[jboss-cvs] JBossAS SVN: r69781 - in branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test: jaccpropagation and 2 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Feb 11 15:16:47 EST 2008
Author: bdecoste
Date: 2008-02-11 15:16:47 -0500 (Mon, 11 Feb 2008)
New Revision: 69781
Added:
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/AppCallbackHandler.java
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/Client.java
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/CustomClientLoginModule.java
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/CustomLoginModule.java
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/CustomPrincipalImpl.java
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/SessionBean.java
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/SessionRemote.java
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/servlets/
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/servlets/EJBServlet.java
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/unit/
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/unit/HttpUtils.java
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/unit/JaccPropagationTestCase.java
Log:
test for jacc propagation (work in progress)
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/AppCallbackHandler.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/AppCallbackHandler.java (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/AppCallbackHandler.java 2008-02-11 20:16:47 UTC (rev 69781)
@@ -0,0 +1,85 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.ejb3.test.jaccpropagation;
+
+import java.io.IOException;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.TextInputCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import org.jboss.logging.Logger;
+
+/**
+ * @author <a href="mailto:bdecoste at jboss.com">William DeCoste</a>
+ */
+public class AppCallbackHandler implements CallbackHandler
+{
+ private static final Logger log = Logger.getLogger(AppCallbackHandler.class);
+
+ private String username;
+ private char[] password;
+ private String custom;
+
+ public AppCallbackHandler(String username, char[] password)
+ {
+ this.username = username;
+ this.password = password;
+ }
+
+ public void setCustom(String custom)
+ {
+ this.custom = custom;
+ }
+
+ public void handle(Callback[] callbacks) throws
+ IOException, UnsupportedCallbackException
+ {
+ for (int i = 0; i < callbacks.length; i++)
+ {
+ Callback c = callbacks[i];
+
+ if( c instanceof NameCallback )
+ {
+ NameCallback nc = (NameCallback) c;
+ nc.setName(username);
+ }
+ else if( c instanceof PasswordCallback )
+ {
+ PasswordCallback pc = (PasswordCallback) c;
+ pc.setPassword(password);
+ }
+ else if( c instanceof TextInputCallback )
+ {
+ TextInputCallback tc = (TextInputCallback) c;
+ tc.setText(custom);
+ }
+ else
+ {
+ throw new UnsupportedCallbackException(c, "Unrecognized Callback");
+ }
+ }
+ }
+}
+
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/Client.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/Client.java (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/Client.java 2008-02-11 20:16:47 UTC (rev 69781)
@@ -0,0 +1,104 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.ejb3.test.jaccpropagation;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
+
+import javax.naming.InitialContext;
+
+import org.jboss.ejb3.test.jaccpropagation.CustomPrincipalImpl;
+import org.jboss.ejb3.test.jaccpropagation.SessionRemote;
+import org.jboss.ejb3.test.jaccpropagation.AppCallbackHandler;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.SecurityAssociation;
+
+/**
+ * @author <a href="mailto:bdecoste at jboss.com">William DeCoste</a>
+ */
+public class Client
+{
+ private static final Logger log = Logger.getLogger(Client.class);
+
+ public static final String JAAS_MODE = "JAAS";
+ public static final String SA_MODE = "SA";
+
+ public static String processSecurityAssociationRequest() throws Exception
+ {
+ String result = "";
+
+ InitialContext ctx = new InitialContext();
+ SessionRemote session = (SessionRemote)ctx.lookup("SessionBean/remote");
+
+ CustomPrincipalImpl principal = new CustomPrincipalImpl("somebody");
+ principal.setCustom("");
+ Object credential = "password".toCharArray();
+
+ Subject subject = new Subject();
+
+ SecurityAssociation.pushSubjectContext(subject, principal, credential);
+
+ session.testCustomPrincipal();
+
+ Subject activeSubject = SecurityAssociation.getSubject();
+
+ CustomPrincipalImpl customPrincipal = new CustomPrincipalImpl("somebody");
+ customPrincipal.setCustom("custom");
+
+ Subject newSubject = new Subject();
+
+ SecurityAssociation.pushSubjectContext(newSubject, customPrincipal, credential);
+
+ result = session.testCustomPrincipal();
+
+ return result;
+ }
+
+ public static String processJaasRequest() throws Exception
+ {
+ String result = "";
+
+ AppCallbackHandler handler = new AppCallbackHandler("somebody", "password".toCharArray());
+ LoginContext lc = new LoginContext("custom-client", handler);
+ handler.setCustom("");
+
+ lc.login();
+
+ InitialContext ctx = new InitialContext();
+
+ SessionRemote session = (SessionRemote)ctx.lookup("SessionBean/remote");
+
+ session.testCustomPrincipal();
+
+ lc.logout();
+ handler.setCustom("custom");
+
+ lc.login();
+
+ result = session.testCustomPrincipal();
+
+ lc.logout();
+
+ return result;
+ }
+}
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/CustomClientLoginModule.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/CustomClientLoginModule.java (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/CustomClientLoginModule.java 2008-02-11 20:16:47 UTC (rev 69781)
@@ -0,0 +1,252 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.ejb3.test.jaccpropagation;
+
+import java.io.IOException;
+import java.security.Principal;
+import java.util.Map;
+import java.util.Set;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.TextInputCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.ClientLoginModule;
+import org.jboss.security.SecurityAssociation;
+import org.jboss.security.SecurityConstants;
+
+/**
+ * @author <a href="mailto:bdecoste at jboss.com">William DeCoste</a>
+ */
+public class CustomClientLoginModule implements LoginModule
+{
+ private static Logger log = Logger.getLogger(CustomClientLoginModule.class);
+ private Subject subject;
+ private CallbackHandler callbackHandler;
+ /** The principal set during login() */
+ private Principal loginPrincipal;
+ /** The credential set during login() */
+ private Object loginCredential;
+ /** Shared state between login modules */
+ private Map sharedState;
+ /** Flag indicating if the shared password should be used */
+ private boolean useFirstPass;
+ /** Flag indicating if the SecurityAssociation existing at login should
+ be restored on logout.
+ */
+ private boolean restoreLoginIdentity;
+ private boolean trace;
+
+ /** Initialize this LoginModule. This checks for the options:
+ multi-threaded
+ restore-login-identity
+ password-stacking
+ */
+ public void initialize(Subject subject, CallbackHandler callbackHandler,
+ Map sharedState, Map options)
+ {
+ this.trace = log.isTraceEnabled();
+ this.subject = subject;
+ this.callbackHandler = callbackHandler;
+ this.sharedState = sharedState;
+
+ //log securityDomain, if set.
+ if(trace)
+ log.trace("Security domain: " +
+ (String)options.get(SecurityConstants.SECURITY_DOMAIN_OPTION));
+
+ // Check for multi-threaded option
+ String flag = (String) options.get("multi-threaded");
+ if (Boolean.valueOf(flag).booleanValue() == true)
+ {
+ /* Turn on the server mode which uses thread local storage for
+ the principal information.
+ */
+ if(trace)
+ log.trace("Enabling multi-threaded mode");
+ SecurityAssociation.setServer();
+ }
+
+ flag = (String) options.get("restore-login-identity");
+ restoreLoginIdentity = Boolean.valueOf(flag).booleanValue();
+ if(trace)
+ log.trace("Enabling restore-login-identity mode");
+
+ /* Check for password sharing options. Any non-null value for
+ password_stacking sets useFirstPass as this module has no way to
+ validate any shared password.
+ */
+ String passwordStacking = (String) options.get("password-stacking");
+ useFirstPass = passwordStacking != null;
+ if(trace && useFirstPass)
+ log.trace("Enabling useFirstPass mode");
+ }
+
+ /**
+ * Method to authenticate a Subject (phase 1).
+ */
+ public boolean login() throws LoginException
+ {
+ if( trace )
+ log.trace("Begin login");
+ // If useFirstPass is true, look for the shared password
+ if (useFirstPass == true)
+ {
+ try
+ {
+ Object name = sharedState.get("javax.security.auth.login.name");
+ if ((name instanceof Principal) == false)
+ {
+ String username = name != null ? name.toString() : "";
+ loginPrincipal = new CustomPrincipalImpl(username);
+ } else
+ {
+ loginPrincipal = (Principal) name;
+ }
+ loginCredential = sharedState.get("javax.security.auth.login.password");
+ return true;
+ }
+ catch (Exception e)
+ { // Dump the exception and continue
+ log.debug("Failed to obtain shared state", e);
+ }
+ }
+
+ /* There is no password sharing or we are the first login module. Get
+ the username and password from the callback hander.
+ */
+ if (callbackHandler == null)
+ throw new LoginException("Error: no CallbackHandler available " +
+ "to garner authentication information from the user");
+
+ PasswordCallback pc = new PasswordCallback("Password: ", false);
+ NameCallback nc = new NameCallback("User name: ", "guest");
+ TextInputCallback tc = new TextInputCallback("Custom:");
+ Callback[] callbacks = {nc, pc, tc};
+ try
+ {
+ String username;
+ char[] password = null;
+ char[] tmpPassword;
+
+ callbackHandler.handle(callbacks);
+ username = nc.getName();
+ loginPrincipal = new CustomPrincipalImpl(username);
+ if (tc.getText() != null)
+ ((CustomPrincipalImpl)loginPrincipal).setCustom(tc.getText());
+
+ tmpPassword = pc.getPassword();
+ if (tmpPassword != null)
+ {
+ password = new char[tmpPassword.length];
+ System.arraycopy(tmpPassword, 0, password, 0, tmpPassword.length);
+ pc.clearPassword();
+ }
+ loginCredential = password;
+ if( trace )
+ {
+ String credType = "null";
+ if( loginCredential != null )
+ credType = loginCredential.getClass().getName();
+ log.trace("Obtained login: "+loginPrincipal
+ +", credential.class: " + credType);
+ }
+ }
+ catch (IOException ioe)
+ {
+ LoginException ex = new LoginException(ioe.toString());
+ ex.initCause(ioe);
+ throw ex;
+ }
+ catch (UnsupportedCallbackException uce)
+ {
+ LoginException ex = new LoginException("Error: " + uce.getCallback().toString() +
+ ", not able to use this callback for username/password");
+ ex.initCause(uce);
+ throw ex;
+ }
+ if( trace )
+ log.trace("End login");
+ return true;
+ }
+
+ /**
+ * Method to commit the authentication process (phase 2).
+ */
+ public boolean commit() throws LoginException
+ {
+ if( trace )
+ log.trace("commit, subject="+subject);
+ // Set the login principal and credential and subject
+ SecurityAssociation.pushSubjectContext(subject, loginPrincipal, loginCredential);
+
+ // Add the login principal to the subject if is not there
+ Set principals = subject.getPrincipals();
+ if (principals.contains(loginPrincipal) == false)
+ principals.add(loginPrincipal);
+ return true;
+ }
+
+ /**
+ * Method to abort the authentication process (phase 2).
+ */
+ public boolean abort() throws LoginException
+ {
+ if( trace )
+ log.trace("abort");
+ if( restoreLoginIdentity == true )
+ {
+ SecurityAssociation.popSubjectContext();
+ }
+ else
+ {
+ // Clear the entire security association stack
+ SecurityAssociation.clear();
+ }
+
+ return true;
+ }
+
+ public boolean logout() throws LoginException
+ {
+ if( trace )
+ log.trace("logout");
+ if( restoreLoginIdentity == true )
+ {
+ SecurityAssociation.popSubjectContext();
+ }
+ else
+ {
+ // Clear the entire security association stack
+ SecurityAssociation.clear();
+ }
+ Set principals = subject.getPrincipals();
+ principals.remove(loginPrincipal);
+ return true;
+ }
+}
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/CustomLoginModule.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/CustomLoginModule.java (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/CustomLoginModule.java 2008-02-11 20:16:47 UTC (rev 69781)
@@ -0,0 +1,145 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.ejb3.test.jaccpropagation;
+
+import java.security.Principal;
+import java.security.acl.Group;
+import java.util.Map;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.login.LoginException;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.auth.spi.UsersRolesLoginModule;
+
+import org.jboss.security.auth.callback.SecurityAssociationCallback;
+
+/**
+ * @author <a href="mailto:bdecoste at jboss.com">William DeCoste</a>
+ */
+public class CustomLoginModule extends UsersRolesLoginModule
+{
+ private static Logger log = Logger.getLogger(CustomLoginModule.class);
+
+ // This returns the propagated Principal
+ protected Principal getCallbackPrincipal()
+ {
+ PasswordCallback pc = new PasswordCallback("Password: ", false);
+ SecurityAssociationCallback sc = new SecurityAssociationCallback();
+ NameCallback nc = new NameCallback("User name: ", "guest");
+
+ Callback[] callbacks = {nc, pc, sc};
+
+ try
+ {
+ callbackHandler.handle(callbacks);
+
+ return sc.getPrincipal();
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+ }
+
+ return null;
+ }
+
+ public void initialize(Subject subject, CallbackHandler callbackHandler,
+ Map sharedState, Map options)
+ {
+ super.initialize(subject, callbackHandler, sharedState, options);
+ }
+
+ public boolean login() throws LoginException
+ {
+ boolean success = super.login();
+
+ return success;
+ }
+
+ protected Principal createIdentity(String username)
+ throws Exception
+ {
+ if (getCallbackPrincipal() != null)
+ {
+ return getCallbackPrincipal();
+ }
+ else
+ {
+ return super.createIdentity(username);
+ }
+ }
+
+ protected Principal getIdentity()
+ {
+ if (getCallbackPrincipal() != null)
+ {
+ return getCallbackPrincipal();
+ }
+ else
+ {
+ return super.getIdentity();
+ }
+ }
+
+ public boolean commit() throws LoginException
+ {
+ return super.commit();
+ }
+
+ public boolean abort() throws LoginException
+ {
+ return super.abort();
+ }
+
+ public boolean logout() throws LoginException
+ {
+ return super.logout();
+ }
+
+ protected Group[] getRoleSets() throws LoginException
+ {
+ return super.getRoleSets();
+ }
+
+ protected boolean getUseFirstPass()
+ {
+ boolean result = super.getUseFirstPass();
+
+ return result;
+ }
+
+ protected Principal getUnauthenticatedIdentity()
+ {
+ return super.getUnauthenticatedIdentity();
+ }
+
+ protected Group createGroup(String name, Set principals)
+ {
+ return super.createGroup(name, principals);
+ }
+}
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/CustomPrincipalImpl.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/CustomPrincipalImpl.java (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/CustomPrincipalImpl.java 2008-02-11 20:16:47 UTC (rev 69781)
@@ -0,0 +1,72 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.ejb3.test.jaccpropagation;
+
+import java.io.Serializable;
+import java.security.Principal;
+
+/**
+ * @author <a href="mailto:bdecoste at jboss.com">William DeCoste</a>
+ */
+public class CustomPrincipalImpl
+ implements Principal, Serializable
+{
+ private String name;
+
+ private String custom;
+
+ public CustomPrincipalImpl(String name)
+ {
+ this.name = name;
+ }
+
+ public int hashCode()
+ {
+ return name.hashCode();
+ }
+
+ public boolean equals(Object obj)
+ {
+ Principal p = (Principal) obj;
+ return name.equals(p.getName());
+ }
+
+ public String toString()
+ {
+ return this.getClass() + ":" + name + ":" + custom;
+ }
+
+ public String getName()
+ {
+ return name;
+ }
+
+ public String getCustom()
+ {
+ return custom;
+ }
+
+ public void setCustom(String custom)
+ {
+ this.custom = custom;
+ }
+}
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/SessionBean.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/SessionBean.java (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/SessionBean.java 2008-02-11 20:16:47 UTC (rev 69781)
@@ -0,0 +1,79 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.ejb3.test.jaccpropagation;
+
+import java.security.Principal;
+import java.security.acl.Group;
+
+import java.util.Set;
+import java.util.Iterator;
+
+import javax.ejb.Remote;
+import javax.ejb.Stateless;
+
+import javax.security.auth.Subject;
+import javax.security.jacc.PolicyContext;
+
+import org.jboss.annotation.security.SecurityDomain;
+import org.jboss.logging.Logger;
+
+import org.jboss.security.SecurityAssociation;
+
+/**
+ * @author <a href="mailto:bdecoste at jboss.com">William DeCoste</a>
+ */
+ at Stateless
+ at Remote(SessionRemote.class)
+ at SecurityDomain("custom")
+public class SessionBean implements SessionRemote
+{
+ private static final Logger log = Logger.getLogger(SessionBean.class);
+
+ public String testCustomPrincipal() throws Exception
+ {
+ String result = "";
+
+ log.info("------------- testCustomPrincipal ...");
+
+ Principal principal = SecurityAssociation.getPrincipal();
+ if (principal != null)
+ log.info(" SA " + principal.getClass() + " " + principal);
+
+ Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
+
+ Set<Principal> principalSet = subject.getPrincipals();
+ Iterator<Principal> principalIter = principalSet.iterator();
+
+ while (principalIter.hasNext()){
+ principal = (Principal)principalIter.next();
+ if (!(principal instanceof Group))
+ {
+ result = principal.toString();
+ log.info(" PolicyContext " + principal.getClass() + " " + principal);
+ }
+ }
+
+ return result;
+
+ }
+
+}
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/SessionRemote.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/SessionRemote.java (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/SessionRemote.java 2008-02-11 20:16:47 UTC (rev 69781)
@@ -0,0 +1,31 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.ejb3.test.jaccpropagation;
+
+/**
+ * @author <a href="mailto:bdecoste at jboss.com">William DeCoste</a>
+ */
+public interface SessionRemote
+{
+ String testCustomPrincipal() throws Exception;
+}
+
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/servlets/EJBServlet.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/servlets/EJBServlet.java (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/servlets/EJBServlet.java 2008-02-11 20:16:47 UTC (rev 69781)
@@ -0,0 +1,94 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.ejb3.test.jaccpropagation.servlets;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.security.Principal;
+import java.security.acl.Group;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+
+import javax.naming.InitialContext;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.ejb3.test.jaccpropagation.Client;
+import org.jboss.ejb3.test.jaccpropagation.CustomPrincipalImpl;
+import org.jboss.ejb3.test.jaccpropagation.SessionRemote;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.SecurityAssociation;
+import org.jboss.security.SimplePrincipal;
+
+/**
+ * @author <a href="mailto:bdecoste at jboss.com">William DeCoste</a>
+ */
+public class EJBServlet extends HttpServlet
+{
+ private static final Logger log = Logger.getLogger(EJBServlet.class);
+
+ protected void processRequest(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException
+ {
+ String result = "";
+ try
+ {
+ String mode = request.getParameter("mode");
+
+ if (mode.equals(Client.JAAS_MODE))
+ result = Client.processJaasRequest();
+ else
+ result = Client.processSecurityAssociationRequest();
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+
+ throw new ServletException("Failed to call OptimizedEJB/Session30 through remote and local interfaces", e);
+ }
+ response.setContentType("text/html");
+ PrintWriter out = response.getWriter();
+ out.println("<html>");
+ out.println("<head><title>EJBServlet</title></head>");
+ out.println("<body>Tests passed " + result + "<br></body>");
+ out.println("</html>");
+ out.close();
+ }
+
+ protected void doGet(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException
+ {
+ processRequest(request, response);
+ }
+
+ protected void doPost(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException
+ {
+ processRequest(request, response);
+ }
+}
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/unit/HttpUtils.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/unit/HttpUtils.java (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/unit/HttpUtils.java 2008-02-11 20:16:47 UTC (rev 69781)
@@ -0,0 +1,179 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.ejb3.test.jaccpropagation.unit;
+
+import java.net.URL;
+import java.net.HttpURLConnection;
+import java.io.IOException;
+import java.lang.System;
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.UsernamePasswordCredentials;
+import org.apache.commons.httpclient.HttpMethodBase;
+import org.apache.commons.httpclient.Header;
+import org.apache.commons.httpclient.methods.GetMethod;
+import org.apache.commons.httpclient.methods.PostMethod;
+import org.apache.commons.httpclient.methods.HeadMethod;
+import org.apache.commons.httpclient.methods.OptionsMethod;
+import org.apache.commons.httpclient.methods.PutMethod;
+import org.apache.commons.httpclient.methods.DeleteMethod;
+import org.apache.commons.httpclient.methods.TraceMethod;
+import org.jboss.logging.Logger;
+
+/** Utilities for client http requests
+ *
+ * @author Scott.Stark at jboss.org
+ * @version $Revision: 67560 $
+ */
+public class HttpUtils
+{
+ private static Logger log = Logger.getLogger(HttpUtils.class);
+ private static String serverHost = System.getProperty("jbosstest.server.host", "localhost");
+ private static String baseURL = "http://jduke:theduke@" + serverHost + ":" + Integer.getInteger("web.port", 8080) + "/";
+ private static String baseURLNoAuth = "http://" + serverHost + ":" + Integer.getInteger("web.port", 8080) + "/";
+
+ public static final int GET = 1;
+ public static final int POST = 2;
+ public static final int HEAD = 3;
+ public static final int OPTIONS = 4;
+ public static final int PUT = 5;
+ public static final int DELETE = 6;
+ public static final int TRACE = 7;
+
+ public static String getBaseURL()
+ {
+ return baseURL;
+ }
+ public static String getBaseURL(String username, String password)
+ {
+ String url = "http://"+username+":"+password+"@" + serverHost + ":"
+ + Integer.getInteger("web.port", 8080) + "/";
+ return url;
+ }
+ public static String getBaseURLNoAuth()
+ {
+ return baseURLNoAuth;
+ }
+
+ /** Perform a get on the indicated URL and assert an HTTP_OK response code
+ *
+ * @param url
+ * @return The commons HttpClient used to perform the get
+ * @throws Exception on any failure
+ */
+ public static HttpMethodBase accessURL(URL url) throws Exception
+ {
+ return accessURL(url, "JBossTest Servlets", HttpURLConnection.HTTP_OK);
+ }
+ /** Perform a get on the indicated URL and assert that the response code
+ * matches the expectedHttpCode argument.
+ *
+ * @param url
+ * @param expectedHttpCode the http response code expected
+ * @return The commons HttpClient used to perform the get
+ * @throws Exception on any failure
+ */
+ public static HttpMethodBase accessURL(URL url, String realm,
+ int expectedHttpCode)
+ throws Exception
+ {
+ return accessURL(url, realm, expectedHttpCode, null);
+ }
+ public static HttpMethodBase accessURL(URL url, String realm,
+ int expectedHttpCode, int type)
+ throws Exception
+ {
+ return accessURL(url, realm, expectedHttpCode, null, type);
+ }
+ public static HttpMethodBase accessURL(URL url, String realm,
+ int expectedHttpCode, Header[] hdrs)
+ throws Exception
+ {
+ return accessURL(url, realm, expectedHttpCode, hdrs, GET);
+ }
+ public static HttpMethodBase accessURL(URL url, String realm,
+ int expectedHttpCode, Header[] hdrs, int type)
+ throws Exception
+ {
+ HttpClient httpConn = new HttpClient();
+ HttpMethodBase request = createMethod(url, type);
+
+ int hdrCount = hdrs != null ? hdrs.length : 0;
+ for(int n = 0; n < hdrCount; n ++)
+ request.addRequestHeader(hdrs[n]);
+ try
+ {
+ log.debug("Connecting to: "+url);
+ String userInfo = url.getUserInfo();
+
+ if( userInfo != null )
+ {
+ UsernamePasswordCredentials auth = new UsernamePasswordCredentials(userInfo);
+ httpConn.getState().setCredentials(realm, url.getHost(), auth);
+ }
+ log.debug("RequestURI: "+request.getURI());
+ int responseCode = httpConn.executeMethod(request);
+ String response = request.getStatusText();
+ System.out.println("responseCode="+responseCode+", response="+response);
+ // Validate that we are seeing the requested response code
+ if( responseCode != expectedHttpCode )
+ {
+ throw new IOException("Expected reply code:"+expectedHttpCode
+ +", actual="+responseCode);
+ }
+ }
+ catch(IOException e)
+ {
+ throw e;
+ }
+ return request;
+ }
+
+ public static HttpMethodBase createMethod(URL url, int type)
+ {
+ HttpMethodBase request = null;
+ switch( type )
+ {
+ case GET:
+ request = new GetMethod(url.toString());
+ break;
+ case POST:
+ request = new PostMethod(url.toString());
+ break;
+ case HEAD:
+ request = new HeadMethod(url.toString());
+ break;
+ case OPTIONS:
+ request = new OptionsMethod(url.toString());
+ break;
+ case PUT:
+ request = new PutMethod(url.toString());
+ break;
+ case DELETE:
+ request = new DeleteMethod(url.toString());
+ break;
+ case TRACE:
+ request = new TraceMethod(url.toString());
+ break;
+ }
+ return request;
+ }
+}
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/unit/JaccPropagationTestCase.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/unit/JaccPropagationTestCase.java (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jaccpropagation/unit/JaccPropagationTestCase.java 2008-02-11 20:16:47 UTC (rev 69781)
@@ -0,0 +1,132 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.ejb3.test.jaccpropagation.unit;
+
+import java.net.URL;
+
+import javax.management.Attribute;
+import javax.management.MBeanServerConnection;
+import javax.management.ObjectName;
+
+import javax.security.jacc.PolicyContext;
+import javax.security.jacc.PolicyContextHandler;
+
+import junit.framework.Test;
+
+import org.apache.commons.httpclient.HttpMethodBase;
+
+import org.jboss.ejb3.test.jaccpropagation.Client;
+
+import org.jboss.test.JBossTestCase;
+
+/**
+ * @author <a href="mailto:bdecoste at jboss.com">William DeCoste</a>
+ */
+public class JaccPropagationTestCase extends JBossTestCase
+{
+ private static String REALM = "JBossTest Servlets";
+ private String baseURL = HttpUtils.getBaseURL("somebody", "password");
+ private String baseURLNoAuth = HttpUtils.getBaseURLNoAuth();
+
+ private static final String USE_JBOSS = "UseJBossWebLoader";
+
+ public JaccPropagationTestCase(String name)
+ {
+ super(name);
+ }
+
+ public void testLocalSAPropagation() throws Exception
+ {
+ MBeanServerConnection server = getServer();
+ ObjectName tomcat = new ObjectName("jboss.web:service=WebServer");
+
+ try {
+ server.setAttribute(tomcat, new Attribute(USE_JBOSS, true));
+
+ assertTrue((Boolean)server.getAttribute(tomcat, USE_JBOSS));
+
+ URL url = new URL(baseURL+"jaccpropagation/EJBServlet?mode=" + Client.SA_MODE);
+ HttpMethodBase result = HttpUtils.accessURL(url);
+
+ String content = result.getResponseBodyAsString();
+ System.out.println(content);
+
+ assertTrue(content.contains("somebody:custom"));
+ }
+ finally
+ {
+ server.setAttribute(tomcat, new Attribute(USE_JBOSS, false));
+ }
+ }
+
+ public void testLocalJaasPropagation() throws Exception
+ {
+ MBeanServerConnection server = getServer();
+ ObjectName tomcat = new ObjectName("jboss.web:service=WebServer");
+
+ try {
+ server.setAttribute(tomcat, new Attribute(USE_JBOSS, true));
+
+ assertTrue((Boolean)server.getAttribute(tomcat, USE_JBOSS));
+
+ URL url = new URL(baseURL+"jaccpropagation/EJBServlet?mode=" + Client.JAAS_MODE);
+ HttpMethodBase result = HttpUtils.accessURL(url);
+
+ String content = result.getResponseBodyAsString();
+ System.out.println(content);
+
+ assertTrue(content.contains("somebody:custom"));
+ }
+ finally
+ {
+ server.setAttribute(tomcat, new Attribute(USE_JBOSS, false));
+ }
+ }
+
+ public void testRemoteSAPropagation() throws Exception
+ {
+ String result = Client.processSecurityAssociationRequest();
+
+ System.out.println(result);
+
+ assertTrue(result.contains("somebody:custom"));
+ }
+
+ public void testRemoteJaasPropagation() throws Exception
+ {
+ String result = Client.processJaasRequest();
+
+ System.out.println(result);
+
+ assertTrue(result.contains("somebody:custom"));
+ }
+
+ /**
+ * Setup the test suite.
+ */
+ public static Test suite() throws Exception
+ {
+ return getDeploySetup(JaccPropagationTestCase.class, "jaccpropagation-security-service.xml, jaccpropagation-ejbs.jar, jaccpropagation.war");
+ }
+
+
+}
More information about the jboss-cvs-commits
mailing list