KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > test > security > ejb > SecurityContextBean


1 /*
2   * JBoss, Home of Professional Open Source
3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
4   * by the @authors tag. See the copyright.txt in the distribution for a
5   * full listing of individual contributors.
6   *
7   * This is free software; you can redistribute it and/or modify it
8   * under the terms of the GNU Lesser General Public License as
9   * published by the Free Software Foundation; either version 2.1 of
10   * the License, or (at your option) any later version.
11   *
12   * This software is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15   * Lesser General Public License for more details.
16   *
17   * You should have received a copy of the GNU Lesser General Public
18   * License along with this software; if not, write to the Free
19   * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20   * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21   */
22 package org.jboss.test.security.ejb;
23
24 import java.rmi.RemoteException JavaDoc;
25 import java.util.Iterator JavaDoc;
26 import java.util.Set JavaDoc;
27 import javax.ejb.CreateException JavaDoc;
28 import javax.ejb.SessionBean JavaDoc;
29 import javax.ejb.SessionContext JavaDoc;
30 import javax.naming.InitialContext JavaDoc;
31
32 import org.jboss.logging.Logger;
33 import org.jboss.test.security.interfaces.SecurityContext;
34 import org.jboss.test.security.interfaces.SecurityContextHome;
35
36 /**
37  * @author Scott.Stark@jboss.org
38  * @version $Revision: 37406 $
39  */
40 public class SecurityContextBean implements SessionBean JavaDoc
41 {
42    static Logger log = Logger.getLogger(SecurityContextBean.class);
43
44    private SessionContext JavaDoc sessionContext;
45
46    public void ejbCreate() throws CreateException JavaDoc
47    {
48       log.debug("ejbCreate() called");
49    }
50
51    public void ejbActivate()
52    {
53       log.debug("ejbActivate() called");
54    }
55
56    public void ejbPassivate()
57    {
58       log.debug("ejbPassivate() called");
59    }
60
61    public void ejbRemove()
62    {
63       log.debug("ejbRemove() called");
64    }
65
66    public void setSessionContext(SessionContext JavaDoc context)
67    {
68       sessionContext = context;
69    }
70
71    public void testDomainInteraction(Set JavaDoc expectedRoles)
72    {
73       // Validate that caller has the expected roles
74 validateRoles(expectedRoles, true);
75       // Access a bean from another security-domain
76 try
77       {
78          InitialContext JavaDoc ctx = new InitialContext JavaDoc();
79          SecurityContextHome home = (SecurityContextHome)ctx.lookup("java:comp/env/ejb/CalledBean");
80          SecurityContext bean = home.create();
81          SecurityContext thisBean = (SecurityContext) sessionContext.getEJBObject();
82          bean.nestedInteraction(thisBean, expectedRoles);
83       }
84       catch(Exception JavaDoc e)
85       {
86          SecurityException JavaDoc se = new SecurityException JavaDoc("DataSource connection failed");
87          se.initCause(e);
88          throw se;
89       }
90       // Validate that caller still has the expected roles
91 validateRoles(expectedRoles, true);
92    }
93
94    public void nestedInteraction(SecurityContext caller, Set JavaDoc expectedRoles)
95       throws RemoteException JavaDoc
96    {
97       validateRoles(expectedRoles, false);
98    }
99
100    /**
101     * Validate that the current caller has every role from expectedRoles in the
102     * context isCallerInRole set.
103     *
104     * @param expectedRoles - Set<String> of the role names
105     * @param isCallerInRoleFlag - Should isCallerInRole return true
106     * @throws SecurityException - thrown if sessionContext.isCallerInRole(name)
107     * fails for any name in expectedRoles
108     */
109    private void validateRoles(Set JavaDoc expectedRoles, boolean isCallerInRoleFlag)
110       throws SecurityException JavaDoc
111    {
112       Iterator JavaDoc names = expectedRoles.iterator();
113       while( names.hasNext() )
114       {
115          String JavaDoc name = (String JavaDoc) names.next();
116          boolean hasRole = sessionContext.isCallerInRole(name);
117          if( hasRole != isCallerInRoleFlag )
118             throw new SecurityException JavaDoc("Caller does not have role: "+name);
119       }
120    }
121 }
122
Popular Tags