KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > objectweb > easybeans > tests > common > ejbs > stateful > containermanaged > security > SecurityRolesTester


1 /**
2  * EasyBeans
3  * Copyright (C) 2006 Bull S.A.S.
4  * Contact: easybeans@objectweb.org
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, write to the Free Software
18  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
19  * USA
20  *
21  * --------------------------------------------------------------------------
22  * $Id: SecurityRolesTester.java 1120 2006-09-22 15:46:22Z benoitf $
23  * --------------------------------------------------------------------------
24  */
25 package org.objectweb.easybeans.tests.common.ejbs.stateful.containermanaged.security;
26
27 import static org.testng.Assert.assertFalse;
28 import static org.testng.Assert.assertTrue;
29 import static org.testng.Assert.fail;
30
31 import javax.annotation.Resource;
32 import javax.annotation.security.RunAs;
33 import javax.ejb.EJBAccessException JavaDoc;
34 import javax.ejb.SessionContext JavaDoc;
35
36 import org.objectweb.easybeans.log.JLog;
37 import org.objectweb.easybeans.log.JLogFactory;
38 import org.objectweb.easybeans.tests.common.ejbs.base.security.ItfSecurityRoles;
39
40 /**
41  * Test the differents roles types and also the methods related with security
42  * in the EJBContext.
43  * @author Gisele Pinheiro Souza
44  * @author Eduardo Studzinski Estima de Castro
45  */
46 @RunAs("mainrole")
47 public abstract class SecurityRolesTester implements ItfSecurityRolesTester {
48
49     /**
50      * Logger.
51      */
52     private static JLog logger = JLogFactory.getLog(SecurityRolesTester.class);
53
54     /**
55      * The bean used to test the roles.
56      * @return the bean.
57      */
58     public abstract ItfSecurityRoles getBean();
59
60     /**
61      * The session context.
62      */
63     @Resource
64     private SessionContext JavaDoc sessionContext;
65
66     /**
67      * Verifies if the caller is propagated among the beans.
68      */
69     public void testGetCallerPrincipalSameCaller() {
70         assertTrue(getBean().testCallerPrincipal(), "The method getCallerPrincipal is not working properly. Two bean"
71                 + " with the same caller returned different values.");
72     }
73
74     /**
75      * Verifies if the annotation RunAs is setting the role only for the callee
76      * and not for the caller.
77      */
78     public void testGetCallerPrincipalDifferentCaller() {
79         assertFalse(getBean().getCallerPrincipal().equals(sessionContext.getCallerPrincipal()),
80                 "The method getCallerPrincipal is not working properly. The bean has a RunAs "
81                         + "definition in the class, but this is valid only for the callee.Consequently, "
82                         + "the getCallerPrincipal in this method and in the callee must be different.");
83     }
84
85     /**
86      * Verifies if the method is caller in role returns false for the incorrect
87      * role.
88      */
89     public void testIsCallerInRoleIncorrect() {
90         assertFalse(getBean().isCallerinRole("secondaryrole"),
91                 "The caller has the runAs = secondaryrole and the method isCallerInRole in the callee returns true");
92     }
93
94     /**
95      * Verifies if the method is caller in role returns true for the correct
96      * role.
97      */
98     public void testIsCallerInRoleCorrect() {
99         assertTrue(getBean().isCallerinRole("mainrole"),
100                 "The caller has the runAs = mainrole and the method isCallerInRole in the callee returns false");
101     }
102
103     /**
104      * Verifies if the method that is not implemented throws the correct
105      * exception.
106      */
107     @SuppressWarnings JavaDoc("deprecation")
108     public void testGetCallerIdentity() {
109         try {
110             sessionContext.getCallerIdentity();
111             fail("The container did not throw an exception when the method getCallerIdentity was called.");
112         } catch (RuntimeException JavaDoc e) {
113             logger.debug("The bean threw an expected exception {0}", e);
114         }
115     }
116
117     /**
118      * Verifies if the method that is not implemented throws the correct
119      * exception.
120      */
121     @SuppressWarnings JavaDoc("deprecation")
122     public void testIsCallerInRoleDeprecated() {
123         try {
124             sessionContext.isCallerInRole(new DummyIdentity());
125             fail("The container did not throw an exception when the method isCallerInRole(Identity arg) was called.");
126         } catch (RuntimeException JavaDoc e) {
127             logger.debug("The bean threw an expected exception {0}", e);
128         }
129     }
130
131     /**
132      * Verifies if the permitAll police works.
133      */
134     public void testPermitAll() {
135         getBean().permitAllAttribute();
136     }
137
138     /**
139      * Verifies if the denyAll police works.
140      */
141     public void testDenyAll() {
142         try{
143             getBean().denyAllAttribute();
144             fail("The method has a denyAll annotation, so the bean cannot call this method.");
145         }catch(EJBAccessException JavaDoc e){
146             logger.debug("The bean threw an expected exception {0}", e);
147         }
148
149     }
150
151     /**
152      * Verifies if the allowedRoles police for two roles(the role specified in
153      * the RunAs and other role) works.
154      */
155     public void testAllowedRolesWithTwoRoles() {
156         getBean().permitTwoRoles();
157     }
158
159     /**
160      * Verifies if the allowedRoles police for one role(the role specified in
161      * the RunAs) works.
162      */
163     public void testAllowedRolesWithOneRole() {
164         getBean().permitOneRole();
165     }
166
167 }
168
Popular Tags