KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > test > security > test > SecurityProxyUnitTestCase


1 /*
2   * JBoss, Home of Professional Open Source
3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
4   * by the @authors tag. See the copyright.txt in the distribution for a
5   * full listing of individual contributors.
6   *
7   * This is free software; you can redistribute it and/or modify it
8   * under the terms of the GNU Lesser General Public License as
9   * published by the Free Software Foundation; either version 2.1 of
10   * the License, or (at your option) any later version.
11   *
12   * This software is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15   * Lesser General Public License for more details.
16   *
17   * You should have received a copy of the GNU Lesser General Public
18   * License along with this software; if not, write to the Free
19   * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20   * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21   */
22 package org.jboss.test.security.test;
23
24 import java.rmi.RemoteException JavaDoc;
25 import javax.naming.InitialContext JavaDoc;
26 import javax.rmi.PortableRemoteObject JavaDoc;
27 import javax.security.auth.login.Configuration JavaDoc;
28 import javax.security.auth.login.LoginContext JavaDoc;
29
30 import org.jboss.security.auth.login.XMLLoginConfigImpl;
31 import org.jboss.test.JBossTestCase;
32 import org.jboss.test.JBossTestSetup;
33 import org.jboss.test.security.interfaces.IOSession;
34 import org.jboss.test.security.interfaces.IOSessionHome;
35 import org.jboss.test.security.interfaces.ReadAccessException;
36 import org.jboss.test.util.AppCallbackHandler;
37
38 import junit.extensions.TestSetup;
39 import junit.framework.Test;
40 import junit.framework.TestSuite;
41
42
43 /** Tests of the EJB security proxy.
44  
45  @author Scott.Stark@jboss.org
46  @version $Revision: 37406 $
47  */
48 public class SecurityProxyUnitTestCase
49    extends JBossTestCase
50 {
51    LoginContext JavaDoc lc;
52    boolean loggedIn;
53
54    public SecurityProxyUnitTestCase(String JavaDoc name)
55    {
56       super(name);
57    }
58
59    /** Test that the echo method is accessible by an Echo
60     role. Since the noop() method of the StatelessSession
61     bean was not assigned any permissions it should not be
62     accessible by any user.
63     */
64    public void testMethodAccess() throws Exception JavaDoc
65    {
66       log.debug("+++ testMethodAccess");
67       login();
68       Object JavaDoc obj = getInitialContext().lookup("security-proxy/ProxiedStatelessBean");
69       obj = PortableRemoteObject.narrow(obj, IOSessionHome.class);
70       IOSessionHome home = (IOSessionHome) obj;
71       log.debug("Found IOSessionHome");
72       IOSession bean = home.create();
73       log.debug("Created IOSession");
74       
75       try
76       {
77          // This should not be allowed
78 bean.read("/restricted/pgp.keys");
79          fail("Was able to call read(/restricted/pgp.keys)");
80       }
81       catch(RemoteException JavaDoc e)
82       {
83          log.debug("IOSession.read failed as expected");
84       }
85       bean.read("/public/pgp.keys");
86
87       try
88       {
89          // This should not be allowed
90 bean.retryableRead("/restricted/pgp.keys");
91          fail("Was able to call read(/restricted/pgp.keys)");
92       }
93       catch(ReadAccessException e)
94       {
95          log.debug("IOSession.read failed as expected with ReadAccessException");
96          bean.read("/public/pgp.keys");
97       }
98
99       try
100       {
101          // This should not be allowed
102 bean.write("/restricted/pgp.keys");
103          fail("Was able to call write(/restricted/pgp.keys)");
104       }
105       catch(RemoteException JavaDoc e)
106       {
107          log.debug("IOSession.write failed as expected");
108       }
109       bean.write("/public/pgp.keys");
110
111       bean.remove();
112    }
113
114    /** Login as user scott using the conf.name login config or
115     'spec-test' if conf.name is not defined.
116     */
117    private void login() throws Exception JavaDoc
118    {
119       login("jduke", "theduke".toCharArray());
120    }
121    private void login(String JavaDoc username, char[] password) throws Exception JavaDoc
122    {
123       if( loggedIn )
124          return;
125
126       lc = null;
127       String JavaDoc confName = System.getProperty("conf.name", "spec-test");
128       AppCallbackHandler handler = new AppCallbackHandler(username, password);
129       log.debug("Creating LoginContext("+confName+")");
130       lc = new LoginContext JavaDoc(confName, handler);
131       lc.login();
132       log.debug("Created LoginContext, subject="+lc.getSubject());
133       loggedIn = true;
134    }
135    private void logout() throws Exception JavaDoc
136    {
137       if( loggedIn )
138       {
139          loggedIn = false;
140          lc.logout();
141       }
142    }
143
144
145    /**
146     * Setup the test suite.
147     */
148    public static Test suite() throws Exception JavaDoc
149    {
150       TestSuite suite = new TestSuite();
151       suite.addTest(new TestSuite(SecurityProxyUnitTestCase.class));
152
153       // Create an initializer for the test suite
154 TestSetup wrapper = new JBossTestSetup(suite)
155       {
156          protected void setUp() throws Exception JavaDoc
157          {
158             super.setUp();
159             Configuration.setConfiguration(new XMLLoginConfigImpl());
160             redeploy("security-proxy.jar");
161             flushAuthCache();
162          }
163          protected void tearDown() throws Exception JavaDoc
164          {
165             undeploy("security-proxy.jar");
166             super.tearDown();
167          
168          }
169       };
170       return wrapper;
171    }
172
173 }
174
Popular Tags