[jboss-cvs] JBossAS SVN: r63610 - in branches/Branch_4_2/testsuite: src/jdk15/org/jboss/test/aop/bean and 2 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Jun 22 09:48:29 EDT 2007
Author: kabir.khan at jboss.com
Date: 2007-06-22 09:48:29 -0400 (Fri, 22 Jun 2007)
New Revision: 63610
Added:
branches/Branch_4_2/testsuite/src/jdk15/org/jboss/test/aop/bean/AnnotatedSecureInternalPOJO.java
branches/Branch_4_2/testsuite/src/jdk15/org/jboss/test/aop/bean/AnnotatedSecureRunAsPOJO.java
branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/AnnotatedSecureInternalPOJO.java
branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/AnnotatedSecureRunAsPOJO.java
branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/SecureInternalPOJO.java
branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/SecureRunAsPOJO.java
Modified:
branches/Branch_4_2/testsuite/imports/sections/aop.xml
branches/Branch_4_2/testsuite/src/jdk15/org/jboss/test/aop/bean/AnnotatedSecuredPOJO.java
branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/AnnotatedSecuredPOJO.java
branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/SecuredPOJO.java
branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/SecurityTester.java
branches/Branch_4_2/testsuite/src/resources/aop/META-INF/jboss-aop.xml
Log:
[JBAOP-193] Test improvements to RunAsSecurityInterceptor and SecurityClassMetaDataLoader
Modified: branches/Branch_4_2/testsuite/imports/sections/aop.xml
===================================================================
--- branches/Branch_4_2/testsuite/imports/sections/aop.xml 2007-06-22 13:45:34 UTC (rev 63609)
+++ branches/Branch_4_2/testsuite/imports/sections/aop.xml 2007-06-22 13:48:29 UTC (rev 63610)
@@ -84,7 +84,11 @@
<include name="org/jboss/test/aop/bean/NoInterceptorsPOJO*.class"/>
<include name="org/jboss/test/aop/bean/NonadvisedPOJO.class"/>
<include name="org/jboss/test/aop/bean/SecuredPOJO.class"/>
+ <include name="org/jboss/test/aop/bean/SecureRunAsPOJO.class"/>
+ <include name="org/jboss/test/aop/bean/SecureInternalPOJO.class"/>
<include name="org/jboss/test/aop/bean/AnnotatedSecuredPOJO.class"/>
+ <include name="org/jboss/test/aop/bean/AnnotatedSecureRunAsPOJO.class"/>
+ <include name="org/jboss/test/aop/bean/AnnotatedSecureInternalPOJO.class"/>
<include name="org/jboss/test/aop/bean/SomeException.class"/>
<include name="org/jboss/test/aop/bean/POJO*.class"/>
<include name="org/jboss/test/aop/bean/Call*.class"/>
Added: branches/Branch_4_2/testsuite/src/jdk15/org/jboss/test/aop/bean/AnnotatedSecureInternalPOJO.java
===================================================================
--- branches/Branch_4_2/testsuite/src/jdk15/org/jboss/test/aop/bean/AnnotatedSecureInternalPOJO.java (rev 0)
+++ branches/Branch_4_2/testsuite/src/jdk15/org/jboss/test/aop/bean/AnnotatedSecureInternalPOJO.java 2007-06-22 13:48:29 UTC (rev 63610)
@@ -0,0 +1,52 @@
+/*
+* JBoss, Home of Professional Open Source.
+* Copyright 2006, Red Hat Middleware LLC, and individual contributors
+* as indicated by the @author tags. See the copyright.txt file in the
+* distribution for a full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test.aop.bean;
+
+import org.jboss.aspects.security.Permissions;
+import org.jboss.aspects.security.SecurityDomain;
+import org.jboss.aspects.security.Unchecked;
+/**
+ *
+ * @author <a href="kabir.khan at jboss.com">Kabir Khan</a>
+ * @version $Revision: 1.1 $
+ */
+ at SecurityDomain ("other")
+public class AnnotatedSecureInternalPOJO
+{
+ @Unchecked
+ public AnnotatedSecureInternalPOJO()
+ {
+
+ }
+
+ @Permissions ({"allowed"})
+ public void wrongRole()
+ {
+
+ }
+
+ @Permissions ({"internal"})
+ public void correctRole()
+ {
+
+ }
+}
Added: branches/Branch_4_2/testsuite/src/jdk15/org/jboss/test/aop/bean/AnnotatedSecureRunAsPOJO.java
===================================================================
--- branches/Branch_4_2/testsuite/src/jdk15/org/jboss/test/aop/bean/AnnotatedSecureRunAsPOJO.java (rev 0)
+++ branches/Branch_4_2/testsuite/src/jdk15/org/jboss/test/aop/bean/AnnotatedSecureRunAsPOJO.java 2007-06-22 13:48:29 UTC (rev 63610)
@@ -0,0 +1,60 @@
+/*
+* JBoss, Home of Professional Open Source.
+* Copyright 2006, Red Hat Middleware LLC, and individual contributors
+* as indicated by the @author tags. See the copyright.txt file in the
+* distribution for a full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test.aop.bean;
+
+import org.jboss.aspects.security.Permissions;
+import org.jboss.aspects.security.RunAs;
+import org.jboss.aspects.security.SecurityDomain;
+import org.jboss.aspects.security.Unchecked;
+import org.jboss.test.aop.bean.AnnotatedSecureInternalPOJO;
+
+/**
+ *
+ * @author <a href="kabir.khan at jboss.com">Kabir Khan</a>
+ * @version $Revision: 1.1 $
+ */
+ at SecurityDomain("other")
+ at RunAs("internal")
+public class AnnotatedSecureRunAsPOJO
+{
+ @Unchecked
+ AnnotatedSecureInternalPOJO pojo = new AnnotatedSecureInternalPOJO();
+
+ @Unchecked
+ boolean called;
+
+ @Unchecked
+ public void runAsWithCorrectRole()
+ {
+ called = true;
+ pojo.correctRole();
+ }
+
+
+ @Unchecked
+ public void runAsWithIncorrectRole()
+ {
+ called = true;
+ pojo.wrongRole();
+ }
+}
+
\ No newline at end of file
Modified: branches/Branch_4_2/testsuite/src/jdk15/org/jboss/test/aop/bean/AnnotatedSecuredPOJO.java
===================================================================
--- branches/Branch_4_2/testsuite/src/jdk15/org/jboss/test/aop/bean/AnnotatedSecuredPOJO.java 2007-06-22 13:45:34 UTC (rev 63609)
+++ branches/Branch_4_2/testsuite/src/jdk15/org/jboss/test/aop/bean/AnnotatedSecuredPOJO.java 2007-06-22 13:48:29 UTC (rev 63610)
@@ -24,7 +24,9 @@
import org.jboss.aspects.security.SecurityDomain;
import org.jboss.aspects.security.Permissions;
import org.jboss.aspects.security.Exclude;
+import org.jboss.aspects.security.RunAs;
import org.jboss.aspects.security.Unchecked;
+import org.jboss.test.aop.bean.AnnotatedSecureInternalPOJO;
/**
* @author <a href="mailto:kabir.khan at jboss.org">Kabir Khan</a>
@@ -65,6 +67,5 @@
@Exclude
public void excluded() {}
-
}
Added: branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/AnnotatedSecureInternalPOJO.java
===================================================================
--- branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/AnnotatedSecureInternalPOJO.java (rev 0)
+++ branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/AnnotatedSecureInternalPOJO.java 2007-06-22 13:48:29 UTC (rev 63610)
@@ -0,0 +1,55 @@
+/*
+* JBoss, Home of Professional Open Source.
+* Copyright 2006, Red Hat Middleware LLC, and individual contributors
+* as indicated by the @author tags. See the copyright.txt file in the
+* distribution for a full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test.aop.bean;
+
+/**
+ * @@org.jboss.aspects.security.SecurityDomain ("other")
+ *
+ * @author <a href="kabir.khan at jboss.com">Kabir Khan</a>
+ * @version $Revision: 1.1 $
+ */
+public class AnnotatedSecureInternalPOJO
+{
+ /**
+ * @@org.jboss.aspects.security.Unchecked
+ */
+ public AnnotatedSecureInternalPOJO()
+ {
+
+ }
+
+ /**
+ * @@org.jboss.aspects.security.Permissions ({"allowed"})
+ */
+ public void wrongRole()
+ {
+
+ }
+
+ /**
+ * @@org.jboss.aspects.security.Permissions ({"internal"})
+ */
+ public void correctRole()
+ {
+
+ }
+}
Added: branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/AnnotatedSecureRunAsPOJO.java
===================================================================
--- branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/AnnotatedSecureRunAsPOJO.java (rev 0)
+++ branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/AnnotatedSecureRunAsPOJO.java 2007-06-22 13:48:29 UTC (rev 63610)
@@ -0,0 +1,61 @@
+/*
+* JBoss, Home of Professional Open Source.
+* Copyright 2006, Red Hat Middleware LLC, and individual contributors
+* as indicated by the @author tags. See the copyright.txt file in the
+* distribution for a full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test.aop.bean;
+
+/**
+ * @@org.jboss.aspects.security.SecurityDomain ("other")
+ * @@org.jboss.aspects.security.RunAs ("internal")
+ *
+ * @author <a href="kabir.khan at jboss.com">Kabir Khan</a>
+ * @version $Revision: 1.1 $
+ */
+public class AnnotatedSecureRunAsPOJO
+{
+ /**
+ * @@org.jboss.aspects.security.Unchecked
+ */
+ AnnotatedSecureInternalPOJO pojo = new AnnotatedSecureInternalPOJO();
+
+ /**
+ * @@org.jboss.aspects.security.Unchecked
+ */
+ boolean called;
+
+ /**
+ * @@org.jboss.aspects.security.Unchecked
+ */
+ public void runAsWithCorrectRole()
+ {
+ called = true;
+ pojo.correctRole();
+ }
+
+ /**
+ * @@org.jboss.aspects.security.Unchecked
+ */
+ public void runAsWithIncorrectRole()
+ {
+ called = true;
+ pojo.wrongRole();
+ }
+
+}
Modified: branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/AnnotatedSecuredPOJO.java
===================================================================
--- branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/AnnotatedSecuredPOJO.java 2007-06-22 13:45:34 UTC (rev 63609)
+++ branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/AnnotatedSecuredPOJO.java 2007-06-22 13:48:29 UTC (rev 63610)
@@ -27,7 +27,7 @@
* @author <a href="mailto:bill at jboss.org">Bill Burke</a>
* @version $Revision$
*/
-public class AnnotatedSecuredPOJO
+public class AnnotatedSecuredPOJO
{
/**
* @@org.jboss.aspects.security.Permissions ({"allowed"})
@@ -78,7 +78,6 @@
/**
* @@org.jboss.aspects.security.Exclude
*/
- public void excluded() {}
-
+ public void excluded() {}
}
Added: branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/SecureInternalPOJO.java
===================================================================
--- branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/SecureInternalPOJO.java (rev 0)
+++ branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/SecureInternalPOJO.java 2007-06-22 13:48:29 UTC (rev 63610)
@@ -0,0 +1,40 @@
+/*
+* JBoss, Home of Professional Open Source.
+* Copyright 2006, Red Hat Middleware LLC, and individual contributors
+* as indicated by the @author tags. See the copyright.txt file in the
+* distribution for a full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test.aop.bean;
+
+/**
+ *
+ * @author <a href="kabir.khan at jboss.com">Kabir Khan</a>
+ * @version $Revision: 1.1 $
+ */
+public class SecureInternalPOJO
+{
+ public void wrongRole()
+ {
+
+ }
+
+ public void correctRole()
+ {
+
+ }
+}
Added: branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/SecureRunAsPOJO.java
===================================================================
--- branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/SecureRunAsPOJO.java (rev 0)
+++ branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/SecureRunAsPOJO.java 2007-06-22 13:48:29 UTC (rev 63610)
@@ -0,0 +1,44 @@
+/*
+* JBoss, Home of Professional Open Source.
+* Copyright 2006, Red Hat Middleware LLC, and individual contributors
+* as indicated by the @author tags. See the copyright.txt file in the
+* distribution for a full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.test.aop.bean;
+
+/**
+ *
+ * @author <a href="kabir.khan at jboss.com">Kabir Khan</a>
+ * @version $Revision: 1.1 $
+ */
+public class SecureRunAsPOJO
+{
+ AnnotatedSecureInternalPOJO pojo = new AnnotatedSecureInternalPOJO();
+ boolean called;
+ public void runAsWithCorrectRole()
+ {
+ called = true;
+ pojo.correctRole();
+ }
+
+ public void runAsWithIncorrectRole()
+ {
+ called = true;
+ pojo.wrongRole();
+ }
+}
Modified: branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/SecuredPOJO.java
===================================================================
--- branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/SecuredPOJO.java 2007-06-22 13:45:34 UTC (rev 63609)
+++ branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/SecuredPOJO.java 2007-06-22 13:48:29 UTC (rev 63610)
@@ -34,7 +34,7 @@
// unchecked
public SecuredPOJO()
- {
+ {
}
// allowed
@@ -49,7 +49,6 @@
public void someMethod() {}
- public void excluded() {}
-
+ public void excluded() {}
}
Modified: branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/SecurityTester.java
===================================================================
--- branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/SecurityTester.java 2007-06-22 13:45:34 UTC (rev 63609)
+++ branches/Branch_4_2/testsuite/src/main/org/jboss/test/aop/bean/SecurityTester.java 2007-06-22 13:48:29 UTC (rev 63610)
@@ -184,6 +184,25 @@
pojo.someField = 5;
pojo = new SecuredPOJO(5);
+ System.out.println("Testing valid run-as");
+ SecureRunAsPOJO runasPojo = new SecureRunAsPOJO();
+ runasPojo.runAsWithCorrectRole();
+ runasPojo.called = false;
+
+ securityFailure = true;
+ try
+ {
+ System.out.println("Testing invalid run-as");
+ runasPojo.runAsWithIncorrectRole();
+ }
+ catch (SecurityException ignored)
+ {
+ log.info(ignored.getMessage());
+ securityFailure = false;
+ }
+ if (!runasPojo.called) throw new RuntimeException("run-as method was not actually called");
+ if (securityFailure) throw new RuntimeException("run-as failure was not caught for method");
+
log.info("test exclusion");
securityFailure = true;
try
@@ -220,6 +239,7 @@
securityFailure = false;
}
if (securityFailure) throw new RuntimeException("excluded failure was not caught for constructor");
+
}
catch (Throwable ex)
{
@@ -337,6 +357,26 @@
pojo.someField = 5;
pojo = new AnnotatedSecuredPOJO(5);
+ AnnotatedSecureRunAsPOJO runasPojo = new AnnotatedSecureRunAsPOJO();
+ System.out.println("Testing valid run-as");
+ runasPojo.runAsWithCorrectRole();
+ runasPojo.called = false;
+
+ securityFailure = true;
+ try
+ {
+ System.out.println("Testing invalid run-as");
+ runasPojo.runAsWithIncorrectRole();
+ }
+ catch (SecurityException ignored)
+ {
+ log.info(ignored.getMessage());
+ securityFailure = false;
+ }
+ if (!runasPojo.called) throw new RuntimeException("run-as method was not actually called");
+ if (securityFailure) throw new RuntimeException("run-as failure was not caught for method");
+
+
log.info("test exclusion");
securityFailure = true;
try
Modified: branches/Branch_4_2/testsuite/src/resources/aop/META-INF/jboss-aop.xml
===================================================================
--- branches/Branch_4_2/testsuite/src/resources/aop/META-INF/jboss-aop.xml 2007-06-22 13:45:34 UTC (rev 63609)
+++ branches/Branch_4_2/testsuite/src/resources/aop/META-INF/jboss-aop.xml 2007-06-22 13:48:29 UTC (rev 63610)
@@ -390,6 +390,67 @@
</exclude-list>
</metadata>
+
+ <metadata tag="security" class="org.jboss.test.aop.bean.SecureRunAsPOJO">
+ <security-domain>other</security-domain>
+ <security-identity>
+ <run-as><role-name>internal</role-name></run-as>
+ </security-identity>
+ <method-permission>
+ <unchecked/>
+ <method>
+ <method-name>runAsWithCorrectRole</method-name>
+ </method>
+ </method-permission>
+ <method-permission>
+ <unchecked/>
+ <method>
+ <method-name>runAsWithIncorrectRole</method-name>
+ </method>
+ </method-permission>
+ <field-permission>
+ <unchecked/>
+ <field>
+ <field-name>called</field-name>
+ </field>
+ </field-permission>
+ <constructor-permission>
+ <unchecked/>
+ <constructor>
+ <constructor-params/>
+ </constructor>
+ </constructor-permission>
+ </metadata>
+
+ <metadata tag="security" class="org.jboss.test.aop.bean.SecureInternalPOJO">
+ <security-domain>other</security-domain>
+ <method-permission>
+ <role-name>allowed</role-name>
+ <method>
+ <method-name>wrongRole</method-name>
+ </method>
+ </method-permission>
+ <method-permission>
+ <role-name>internal</role-name>
+ <method>
+ <method-name>correctRole</method-name>
+ </method>
+ </method-permission>
+ <field-permission>
+ <unchecked/>
+ <field>
+ <field-name>called</field-name>
+ </field>
+ </field-permission>
+ <constructor-permission>
+ <unchecked/>
+ <constructor>
+ <constructor-params/>
+ </constructor>
+ </constructor-permission>
+ </metadata>
+
+
<!-- Observable tester -->
<prepare expr="all(org.jboss.test.aop.bean.Temperature)"/>
More information about the jboss-cvs-commits
mailing list