SecurityUnitTestCase


1   /*
2     * JBoss, Home of Professional Open Source
3     * Copyright 2005, JBoss Inc., and individual contributors as indicated
4     * by the @authors tag. See the copyright.txt in the distribution for a
5     * full listing of individual contributors.
6     *
7     * This is free software; you can redistribute it and/or modify it
8     * under the terms of the GNU Lesser General Public License as
9     * published by the Free Software Foundation; either version 2.1 of
10    * the License, or (at your option) any later version.
11    *
12    * This software is distributed in the hope that it will be useful,
13    * but WITHOUT ANY WARRANTY; without even the implied warranty of
14    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15    * Lesser General Public License for more details.
16    *
17    * You should have received a copy of the GNU Lesser General Public
18    * License along with this software; if not, write to the Free
19    * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20    * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21    */
22  package org.jboss.test.securitymgr.test;
23  
24  import org.jboss.test.securitymgr.interfaces.Bad;
25  import org.jboss.test.securitymgr.interfaces.BadHome;
26  
27  import junit.framework.Test;
28  
29  import org.jboss.test.JBossTestCase;
30  
31  /** Tests of the security permission enforcement for items outside of the
32   standard EJB programming restrictions.
33  
34  @author Scott.Stark@jboss.org
35  @version $Revision: 58115 $
36   */
37  public class SecurityUnitTestCase extends JBossTestCase
38  {
39     org.jboss.logging.Logger log = getLog();
40  
41     public SecurityUnitTestCase(String   name)
42     {
43        super(name);
44     }
45  
46     /** Test that a bean cannot access the SecurityAssociation class
47      */
48     public void testGetPrincipal() throws Exception  
49     {
50        log.debug("+++ testGetPrincipal()");
51        Bad bean = getBadSession();
52  
53        try
54        {
55           bean.getPrincipal();
56           fail("Was able to call Bad.getPrincipal");
57        }
58        catch(Exception   e)
59        {
60           log.debug("Bad.getPrincipal failed as expected", e);
61        }
62        bean.remove();
63     }
64  
65     public void testGetCredential() throws Exception  
66     {
67        log.debug("+++ testGetCredential()");
68        Bad bean = getBadSession();
69        try
70        {
71           bean.getCredential();
72           fail("Was able to call Bad.getCredential");
73        }
74        catch(Exception   e)
75        {
76           log.debug("Bad.getCredential failed as expected", e);
77        }
78        bean.remove();
79     }
80  
81     public void testSetPrincipal() throws Exception  
82     {
83        log.debug("+++ testSetPrincipal()");
84        Bad bean = getBadSession();
85        try
86        {
87           bean.setPrincipal(null);
88           fail("Was able to call Bad.setPrincipal");
89        }
90        catch(Exception   e)
91        {
92           log.debug("Bad.setPrincipal failed as expected", e);
93        }
94        bean.remove();
95     }
96  
97     public void testSetCredential() throws Exception  
98     {
99        log.debug("+++ testSetCredential()");
100       Bad bean = getBadSession();
101       try
102       {
103          char[] password = "secret".toCharArray();
104          bean.setCredential(password);
105          fail("Was able to call Bad.setCredential");
106       }
107       catch(Exception   e)
108       {
109          log.debug("Bad.setCredential failed as expected", e);
110       }
111       bean.remove();
112    }
113 
114    /** Test that access of the thread subject is allowed
115     * @throws Exception
116     */ 
117    public void testGetSubject() throws Exception  
118    {
119       log.debug("+++ testGetSubject()");
120       Bad bean = getBadSession();
121       try
122       {
123          // Access to the thread Subject is allowed
124          bean.getSubject();
125          log.debug("Called Bad.getSubject");
126       }
127       catch(Exception   e)
128       {
129          fail("Was not able to call Bad.getSubject");
130       }
131       bean.remove();
132    }
133 
134    /** Test that access to the private credentials of the thread subject fails
135     * @throws Exception
136     */ 
137    public void testGetSubjectCredentials() throws Exception  
138    {
139       log.debug("+++ testGetSubjectCredentials()");
140       Bad bean = getBadSession();
141       try
142       {
143          bean.getSubjectCredentials();
144          fail("Was able to call Bad.getSubjectCredentials");
145       }
146       catch(Exception   e)
147       {
148          log.debug("Bad.getSubjectCredentials failed as expected", e);
149       }
150       bean.remove();
151    }
152 
153    public void testSetSubject() throws Exception  
154    {
155       log.debug("+++ testSetSubject()");
156       Bad bean = getBadSession();
157       try
158       {
159          bean.setSubject();
160          fail("Was able to call Bad.setSubject");
161       }
162       catch(Exception   e)
163       {
164          log.debug("Bad.setSubject failed as expected", e);
165       }
166       bean.remove();
167    }
168 
169    public void testPopRunAsRole() throws Exception  
170    {
171       log.debug("+++ testPopRunAsRole()");
172       Bad bean = getBadSession();
173       try
174       {
175          bean.popRunAsRole();
176          fail("Was able to call Bad.popRunAsRole");
177       }
178       catch(Exception   e)
179       {
180          log.debug("Bad.popRunAsRole failed as expected", e);
181       }
182       bean.remove();
183    }
184 
185    public void testPushRunAsRole() throws Exception  
186    {
187       log.debug("+++ testPushRunAsRole()");
188       Bad bean = getBadSession();
189       try
190       {
191          bean.pushRunAsRole();
192          fail("Was able to call Bad.pushRunAsRole");
193       }
194       catch(Exception   e)
195       {
196          log.debug("Bad.pushRunAsRole failed as expected", e);
197       }
198       bean.remove();
199    }
200 
201    /**
202     * Setup the test suite.
203     */
204    public static Test suite() throws Exception  
205    {
206       return getDeploySetup(SecurityUnitTestCase.class, "securitymgr-ejb.jar");
207    }
208 
209    private Bad getBadSession() throws Exception  
210    {
211       Object   obj = getInitialContext().lookup("secmgr.BadHome");
212       BadHome home = (BadHome) obj;
213       log.debug("Found secmgr.BadHome");
214       Bad bean = home.create();
215       log.debug("Created Bad");
216       return bean;
217    }
218 }
219
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags