Java > Open Source Codes > org > jboss > test > security > ejb > StatelessSessionBean3


1 /*
2   * JBoss, Home of Professional Open Source
3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
4   * by the @authors tag. See the copyright.txt in the distribution for a
5   * full listing of individual contributors.
6   *
7   * This is free software; you can redistribute it and/or modify it
8   * under the terms of the GNU Lesser General Public License as
9   * published by the Free Software Foundation; either version 2.1 of
10   * the License, or (at your option) any later version.
11   *
12   * This software is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15   * Lesser General Public License for more details.
16   *
17   * You should have received a copy of the GNU Lesser General Public
18   * License along with this software; if not, write to the Free
19   * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20   * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21   */
22 package org.jboss.test.security.ejb;
23
24 import java.rmi.RemoteException ;
25 import java.security.Principal ;
26 import javax.ejb.CreateException ;
27 import javax.ejb.EJBException ;
28 import javax.ejb.SessionBean ;
29 import javax.ejb.SessionContext ;
30 import javax.naming.InitialContext ;
31
32 import org.jboss.test.security.interfaces.Entity;
33 import org.jboss.test.security.interfaces.EntityHome;
34 import org.jboss.test.security.interfaces.StatelessSession;
35 import org.jboss.test.security.interfaces.StatelessSessionHome;
36
37 import org.jboss.logging.Logger;
38
39 /** A SessionBean that accesses an Entity bean in its echo() method to test runAs
40  identity propagation. It also access its own excluded() method to test that the runAs
41  identity is also see on methods of this bean that are invoked through the
42  remote interface.
43  
44  @author Scott.Stark@jboss.org
45  @version $Revision: 58115 $
46  */
47 public class StatelessSessionBean3 implements SessionBean
48 {
49    private static Logger log = Logger.getLogger(StatelessSessionBean3.class);
50    private SessionContext sessionContext;
51    
52    public void ejbCreate() throws RemoteException , CreateException
53    {
54       log.debug("ejbCreate() called");
55    }
56
57    public void ejbActivate() throws RemoteException
58    {
59       log.debug("ejbActivate() called");
60    }
61
62    public void ejbPassivate() throws RemoteException
63    {
64       log.debug("ejbPassivate() called");
65    }
66
67    public void ejbRemove() throws RemoteException
68    {
69       log.debug("ejbRemove() called");
70    }
71
72    public void setSessionContext(SessionContext context) throws RemoteException
73    {
74       sessionContext = context;
75    }
76
77    /** This method creates an instance of the entity bean bound under
78     java:comp/env/ejb/Entity and then invokes its echo method. This
79     method should be accessible by user's with a role of Echo, while
80     the Entity bean should only be accessible by the runAs role.
81     */
82    public String echo(String arg)
83    {
84       log.debug("echo, arg="+arg);
85       // This call should fail if the bean is not secured
86 Principal p = sessionContext.getCallerPrincipal();
87       log.debug("echo, callerPrincipal="+p);
88       String echo = null;
89       try
90       {
91          InitialContext ctx = new InitialContext ();
92          EntityHome home = (EntityHome) ctx.lookup("java:comp/env/ejb/Entity");
93          Entity bean = home.findByPrimaryKey(arg);
94          echo = bean.echo(arg);
95       }
96       catch(Exception e)
97       {
98          log.debug("failed", e);
99          e.fillInStackTrace();
100          throw new EJBException (e);
101       }
102       return echo;
103    }
104    
105    public String forward(String echoArg)
106    {
107       log.debug("forward, echoArg="+echoArg);
108       String echo = null;
109       try
110       {
111          InitialContext ctx = new InitialContext ();
112          StatelessSessionHome home = (StatelessSessionHome) ctx.lookup("java:comp/env/ejb/Session");
113          StatelessSession bean = home.create();
114          echo = bean.echo(echoArg);
115       }
116       catch(Exception e)
117       {
118          log.debug("failed", e);
119          e.fillInStackTrace();
120          throw new EJBException (e);
121       }
122       return echo;
123    }
124    
125    /** This method gets this bean's remote interface and invokes the
126     excluded() method to test that the method is accessed as the
127     runAs role.
128     */
129    public void noop()
130    {
131       log.debug("noop calling excluded...");
132       StatelessSession myEJB = (StatelessSession) sessionContext.getEJBObject();
133       try
134       {
135          myEJB.excluded();
136       }
137       catch(RemoteException e)
138       {
139          throw new EJBException ("Failed to access excluded: "+e.detail);
140       }
141    }
142    
143    public void npeError()
144    {
145       log.debug("npeError");
146       Object obj = null;
147       obj.toString();
148    }
149    public void unchecked()
150    {
151       Principal p = sessionContext.getCallerPrincipal();
152       log.debug("StatelessSessionBean.unchecked, callerPrincipal="+p);
153    }
154    
155    /** This method should be assigned access to the runAs role and no user
156     should have this role.
157     */
158    public void excluded()
159    {
160       log.debug("excluded, accessed");
161       // This call should fail if the bean is not secured
162 Principal p = sessionContext.getCallerPrincipal();
163       log.debug("excluded, callerPrincipal="+p);
164    }
165 }
166

A to Z: JavaDoc & Examples

---

Daily Java News & Articles

---

Open Source Projects

---

Open Source Codes

---

Free Computer Books

---

Remove Frame

---

Popular Tags