[jboss-cvs] JBossAS SVN: r79020 - in branches/JBPAPP_4_2_0_GA_CP: server/src/etc/conf/default and 24 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Oct 2 07:53:48 EDT 2008
Author: permaine
Date: 2008-10-02 07:53:48 -0400 (Thu, 02 Oct 2008)
New Revision: 79020
Added:
branches/JBPAPP_4_2_0_GA_CP/system/src/bin/security_cc.policy
branches/JBPAPP_4_2_0_GA_CP/testsuite/imports/cc.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/cc-output-html.xsl
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/cc-results.xsl
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/cc-test-patterns.xsl
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/ccTsfiMap.xsd
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/testCaseMapping_1.0.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/cacert.pem
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/cakey.pem
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/client.keystore
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/localhost.keystore
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/login-config.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/props/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/props/jbossws-roles.properties
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/props/jbossws-users.properties
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/props/jmx-console-roles.properties
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/props/jmx-console-users.properties
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/ssl-roles.properties
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/ssl-users.properties
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/httpha-invoker.sar/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/httpha-invoker.sar/META-INF/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/httpha-invoker.sar/META-INF/jboss-service.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/httpha-invoker.sar/invoker.war/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/httpha-invoker.sar/invoker.war/WEB-INF/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/httpha-invoker.sar/invoker.war/WEB-INF/jboss-web.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/httpha-invoker.sar/invoker.war/WEB-INF/web.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/META-INF/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/META-INF/jboss-service.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/META-INF/webserver-xmbean.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/conf/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/conf/web.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/server.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jmx-console.war/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jmx-console.war/WEB-INF/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jmx-console.war/WEB-INF/jboss-web.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jmx-console.war/WEB-INF/web.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jmx-invoker-service.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/keystore.password
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/web-console-roles.properties
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/web-console-users.properties
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/jboss-web.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/security-service.xml
Modified:
branches/JBPAPP_4_2_0_GA_CP/build/build.xml
branches/JBPAPP_4_2_0_GA_CP/server/src/etc/conf/default/jboss-log4j.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/build.xml
branches/JBPAPP_4_2_0_GA_CP/testsuite/imports/server-config.xml
Log:
JBPAPP-1056 Identify and implement configuration changes need for CC
Modified: branches/JBPAPP_4_2_0_GA_CP/build/build.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/build/build.xml 2008-10-02 11:09:32 UTC (rev 79019)
+++ branches/JBPAPP_4_2_0_GA_CP/build/build.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -707,6 +707,7 @@
token="Xms128m" value="Xms1503m"/>
<replace file="${install.production}/run.conf"
token="Xmx512m" value="Xmx1503m"/>
+ <antcall target="makeCCChanges"/>
</target>
<target name="partition-default"
@@ -943,6 +944,37 @@
</target>
+ <target name="check.soa">
+ <condition property="buildsoa">
+ <istrue value="${build.soa.bits}"/>
+ </condition>
+ </target>
+
+ <!-- Modify run.conf for EAP 4.3 CC config -->
+ <target name="makeCCChanges" if="buildsoa" depends="check.soa">
+ <replace file="${install.production}/run.conf" summary="true">
+ <replacetoken><![CDATA[
+# Sample JPDA settings for remote socket debuging
+]]></replacetoken>
+ <replacevalue><![CDATA[
+# Uncomment the following to run with Common Criteria configuration
+## Specify the Security Manager Policy
+#POLICY="security_cc.policy"
+#
+## Specify the Security Manager options
+#JAVA_OPTS="$JAVA_OPTS -Djava.security.manager -Djava.security.policy=$POLICY"
+#echo "======================================================================"
+#echo " "
+#echo " Common Criteria Configuration (Security Manager Enabled)"
+#echo " "
+#echo "======================================================================"
+## End of Common Criteria configuration
+
+# Sample JPDA settings for remote socket debuging
+]]></replacevalue>
+ </replace>
+ </target>
+
<!-- Modify run.sh for production config -->
<target name="updateConfigFiles">
Modified: branches/JBPAPP_4_2_0_GA_CP/server/src/etc/conf/default/jboss-log4j.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/server/src/etc/conf/default/jboss-log4j.xml 2008-10-02 11:09:32 UTC (rev 79019)
+++ branches/JBPAPP_4_2_0_GA_CP/server/src/etc/conf/default/jboss-log4j.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -34,12 +34,12 @@
-->
<layout class="org.apache.log4j.PatternLayout">
- <!-- The default pattern: Date Priority [Category] Message\n -->
+ <!-- The default pattern: Date Priority [Category] Message\n
<param name="ConversionPattern" value="%d %-5p [%c] %m%n"/>
+ -->
- <!-- The full pattern: Date MS Priority [Category] (Thread:NDC) Message\n
+ <!-- The full pattern: Date MS Priority [Category] (Thread:NDC) Message\n -->
<param name="ConversionPattern" value="%d %-5r %-5p [%c] (%t:%x) %m%n"/>
- -->
</layout>
</appender>
@@ -233,6 +233,12 @@
<priority value="INFO" />
</category>
+ <!-- Enable this to obtain EJB Based Applications Access Log Entries
+ <category name="org.jboss.ejb.plugins.SecurityInterceptor">
+ <priority value="TRACE"/>
+ </category>
+ -->
+
@ENDPRODCONF
<!-- Limit the org.apache category to INFO as its DEBUG is verbose -->
Added: branches/JBPAPP_4_2_0_GA_CP/system/src/bin/security_cc.policy
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/system/src/bin/security_cc.policy (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/system/src/bin/security_cc.policy 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,156 @@
+//**********************************************************************
+// Common Criteria Evaluated Configuration Java2 Security Manager Policy
+// Author: Anil Saldhana
+//**********************************************************************
+
+grant codeBase "file:${user.dir}/run.jar" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${user.dir}/../lib/*" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${user.dir}/../server/production/lib/-" {
+ permission java.security.AllPermission;
+};
+
+//**********************************************************
+//
+// Section 1: Java JDK Core Code
+// (Permissions are given fully)
+//
+//*********************************************************
+// Trusted core Java code
+grant codeBase "file:${java.home}/lib/ext/-" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:${java.home}/lib/*" {
+ permission java.security.AllPermission;
+};
+// For java.home pointing to the JDK jre directory
+grant codeBase "file:${java.home}/../lib/*" {
+ permission java.security.AllPermission;
+};
+
+//*******************End JDK Core**************************
+
+
+
+//*********************************************************
+//
+// Section 2: Permissions assigned to JBoss Core Codebase
+//
+//*********************************************************
+
+// Trusted core JBoss code
+grant codeBase "file:${jboss.home.dir}/bin/-" {
+ permission java.security.AllPermission;
+};
+
+// Trust all the jars in the server lib that JBoss has shipped
+grant codeBase "file:${jboss.home.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/work/-" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:${jboss.server.home.dir}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase "file:${jboss.server.home.dir}/-" {
+ permission java.io.FilePermission "${jboss.server.home.dir}/-", "read,write,delete";
+ permission java.io.FilePermission "${java.io.tmpdir}", "read,write,delete";
+
+ permission java.io.FilePermission "<<ALL FILES>>", "read";
+
+ // MBean permissions
+ permission javax.management.MBeanTrustPermission "*";
+ permission javax.management.MBeanServerPermission "findMBeanServer";
+ permission javax.management.MBeanPermission "*", "*";
+
+ permission java.lang.RuntimePermission "setContextClassLoader";
+ permission java.lang.RuntimePermission "accessDeclaredMembers";
+ permission java.lang.RuntimePermission "createClassLoader";
+ permission java.lang.RuntimePermission "org.jboss.security.SecurityAssociation.setPrincipalInfo";
+ permission java.lang.RuntimePermission "org.jboss.security.SecurityAssociation.getPrincipalInfo";
+ permission java.lang.RuntimePermission "org.jboss.security.SecurityAssociation.setServer";
+ permission java.lang.RuntimePermission "org.jboss.security.SecurityAssociation.setRunAsRole";
+ permission java.lang.RuntimePermission "loadLibrary.tcnative-1";
+ permission java.lang.RuntimePermission "loadLibrary.libtcnative-1";
+
+ permission java.net.NetPermission "specifyStreamHandler";
+
+ permission java.util.PropertyPermission "*", "read,write";
+ permission java.security.SecurityPermission "getProperty.package.definition";
+ permission java.security.SecurityPermission "setProperty.package.definition";
+ permission java.security.SecurityPermission "getProperty.package.access";
+ permission java.security.SecurityPermission "setProperty.package.access";
+ permission java.security.SecurityPermission "setPolicy";
+ permission java.security.SecurityPermission "putProviderProperty.JBossSX";
+ permission java.security.SecurityPermission "insertProvider.JBossSX";
+
+ permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+
+ // TODO: specify exact ports
+ permission java.net.SocketPermission "*:1024-", "accept,listen";
+ permission java.util.logging.LoggingPermission "control";
+
+ permission javax.security.auth.AuthPermission "doAsPrivileged";
+ permission javax.security.auth.AuthPermission "modifyPrincipals";
+
+ permission javax.security.auth.PrivateCredentialPermission "javax.resource.spi.security.PasswordCredential * \"*\"", "read";
+
+ // experimental
+ //permission java.lang.RuntimePermission "createSecurityManager";
+ //permission java.lang.RuntimePermission "setSecurityManager";
+
+ permission java.security.SecurityPermission "getPolicy";
+ permission java.lang.RuntimePermission "accessClassInPackage.*";
+ permission java.lang.RuntimePermission "getClassLoader";
+ permission java.lang.RuntimePermission "getProtectionDomain";
+ permission java.lang.RuntimePermission "org.jboss.security.SecurityAssociation.getSubject";
+
+ permission javax.security.auth.AuthPermission "createLoginContext.*";
+ permission javax.security.auth.AuthPermission "getLoginConfiguration";
+
+};
+
+
+
+//**************************************************************
+//
+// Section 3: JBoss EAP Testsuite Permissions
+//
+//**************************************************************
+
+//grant codeBase "file:${jboss.test.deploy.dir}/securitymgr-ejb.jar" {
+// permission java.util.PropertyPermission "*", "read";
+// permission java.lang.RuntimePermission "queuePrintJob";
+// permission java.net.SocketPermission "*", "connect";
+//};
+
+// Permissions for the WarPermissionsUnitTestCase
+//Permissions for crypto tests (putProvider)
+grant codeBase "file:${jboss.test.deploy.dir}/-" {
+ permission java.util.PropertyPermission "*", "read";
+ permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
+ permission java.security.SecurityPermission "putProviderProperty.JBossSX";
+};
+
+//*******************End JBoss EAP Testsuite Permissions*********
+
+
+//**************************************************************
+//
+// Section 4: User Applications Permissions
+//
+//**************************************************************
+// Minimal permissions are allowed to everyone else
+grant {
+ permission java.util.PropertyPermission "*", "read";
+ permission java.lang.RuntimePermission "queuePrintJob";
+ permission java.net.SocketPermission "*", "connect";
+};
Modified: branches/JBPAPP_4_2_0_GA_CP/testsuite/build.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/build.xml 2008-10-02 11:09:32 UTC (rev 79019)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/build.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -623,6 +623,13 @@
<exclude name="**/test/timer/test/SecureTimerUnitTestCase.class"/>
<exclude name="**/test/jmx/test/RMIAdaptorAuth*TestCase.class"/>
</patternset>
+ <!-- pattern sets for CC testing -->
+ <patternset id="cc.eap.includes" includesfile="output/eap-cc-test-patterns.txt" >
+ </patternset>
+ <patternset id="cc.ejb3.includes" includesfile="output/ejb3-cc-test-patterns.txt">
+ </patternset>
+ <patternset id="cc.jbm.includes" includesfile="output/jbm-cc-test-patterns.txt">
+ </patternset>
<!-- A patternset that requires jboss to run with a security manager -->
<patternset id="securitymgr.includes">
<include name="**/test/securitymgr/test/*TestCase.class"/>
@@ -849,6 +856,120 @@
<record name="${basedir}/build.log" action="stop"/>
</target>
+ <import file="imports/cc.xml"/>
+
+ <!-- Common Criteria Evaluation Tests running with Java Security Manager turned on.
+ -->
+ <target name="tests-cc-sm" description="Execute all Common Criteria Evaluation tests with Java Security Manager turned on."
+ depends="generate-cc-patternsets,maybejars">
+
+ <record name="${basedir}/build.log" append="no" action="start" loglevel="${buildlog.level}"/>
+ <property name="nojars" value="true"/>
+
+ <server:start name="cc-sm"/>
+
+ <antcall target="run-cc-tests-sm"/>
+ <antcall target="run-cc-tests"/>
+
+ <antcall target="tests-report"/>
+
+ <echo>Waiting for server to shutdown...</echo>
+ <server:stop name="cc-sm"/>
+
+ <record name="${basedir}/build.log" action="stop"/>
+
+ </target>
+
+ <!-- Common Criteria Evaluation Tests running with Java Security Manager turned off.
+ -->
+ <target name="tests-cc" description="Execute all Common Criteria Evaluation tests with Java Security Manager turned off."
+ depends="generate-cc-patternsets,maybejars">
+
+ <record name="${basedir}/build.log" append="no" action="start" loglevel="${buildlog.level}"/>
+
+ <!-- Create the sso enabled tomcat config starting with the default config -->
+ <create-config baseconf="all" newconf="cc" newconf-src="cc">
+ <patternset>
+ <include name="conf/**"/>
+ <include name="deploy/**"/>
+ </patternset>
+ </create-config>
+
+
+ <property name="nojars" value="true"/>
+ <server:start name="cc"/>
+
+ <antcall target="run-cc-tests"/>
+
+ <antcall target="tests-report"/>
+
+ <echo>Waiting for server to shutdown...</echo>
+ <server:stop name="cc"/>
+
+
+ <record name="${basedir}/build.log" action="stop"/>
+
+ </target>
+
+ <!-- Collection of all CC related tests.
+ Called from both tests-cc-sm and tests-cc targets.
+ Server has to be already started with proper configuration.
+ -->
+ <target name="run-cc-tests" depends="init">
+
+ <antcall target="tests-cc-unit"/>
+
+ <!--
+ <antcall target="tests-standard-unit"/>
+ <antcall target="tests-security-basic-unit"/>
+ -->
+
+ <!--
+ <antcall target="tomcat-ssl-tests"/>
+ -->
+ <!-- not sure about single sign on, be carefull starts own JBoss config
+ <antcall target="tomcat-sso-tests"/>
+ -->
+ <!--
+ <antcall target="tests-standard-stress"/>
+ <antcall target="tests-jbossmx-compliance"/>
+ <antcall target="tests-jbossmx-implementation"/>
+ <antcall target="tests-jbossmx-performance"/>
+ <antcall target="tests-iiop"/>
+ <antcall target="tests-scout-jaxr"/>
+ <antcall target="tests-webservice"/>
+ -->
+ </target>
+
+ <!-- Collection of CC related tests.
+ Called from tests-cc-sm target.
+ Server has to be already started with proper configuration.
+ -->
+ <target name="run-cc-tests-sm" depends="init">
+ <antcall target="tests-security-manager-cc"/>
+ </target>
+
+ <target name="tests-security-manager-cc" description="Tests run against a jboss server with a security manager for CC Evaluation">
+
+ <property name="jboss.home" location="${project.root}"/>
+ <property name="jboss.thirdparty.dir" location="${project.root}/thirdparty"/>
+ <property name="jboss.tools.dir" location="${project.root}/tools"/>
+ <property name="jbosstest.secure" value="true"/>
+ <property name="java.security.auth.login.config" value="${build.resources}/security/auth.conf"/>
+ <propertyset id="tests-security-manager-props">
+ <propertyref prefix="java.security"/>
+ <propertyref prefix="jboss"/>
+ </propertyset>
+
+ <patternset id="test.includes">
+ <exclude name="org/jboss/test/securitymgr/test/PolicyUnitTestCase.class"/>
+ <patternset refid="securitymgr.includes"/>
+ </patternset>
+ <run-junit junit.patternset="test.includes" junit.syspropertyset="tests-security-manager-props" junit.configuration="tests-security-manager"/>
+
+ </target>
+
+
<target name="tests-unified">
<create-unifiedInvoker-server conf="unified-jboss" serial="jboss"/>
<replace file="${jboss.dist}/server/unified-jboss/conf/standardjboss.xml">
@@ -1648,6 +1769,94 @@
</junit>
</target>
+ <target name="tests-cc-unit">
+
+
+ <mkdir dir="${build.reports}"/>
+ <mkdir dir="${build.testlog}"/>
+ <property name="jbosstest.secure" value="true"/>
+ <property name="java.security.auth.login.config" value="${build.resources}/security/auth.conf"/>
+
+ <!-- Specify the JSSE properties -->
+ <property name="javax.net.ssl.keyStore" value="${build.resources}/test-configs/cc/conf/client.keystore"/>
+ <property name="javax.net.ssl.keyStorePassword" value="unit-tests-client"/>
+ <property name="javax.net.ssl.trustStore" value="${build.resources}/test-configs/cc/conf/client.keystore"/>
+ <property name="javax.net.ssl.trustStorePassword" value="unit-tests-client"/>
+
+ <propertyset id="security-tests-props">
+ <propertyref prefix="java.security.auth"/>
+ <propertyref prefix="javax.net.ssl"/>
+ </propertyset>
+
+ <patternset id="tests-cc-unit">
+ <patternset refid="cc.eap.includes"/>
+ <!-- Exclude securitymgr tests (the testSystemExit shuts down the cc server) -->
+ <patternset refid="securitymgr.excludes"/>
+ </patternset>
+
+ <run-junit junit.patternset="tests-cc-unit" junit.configuration="tests-security-basic-unit" junit.syspropertyset="security-tests-props"/>
+
+ </target>
+
+ <!-- TODO: This target is just for reference and should be deleted in near future -->
+ <target name="xx-tests-cc-unit">
+
+ <property name="jbosstest.secure" value="true"/>
+ <property name="java.security.auth.login.config" value="${build.resources}/security/auth.conf"/>
+ <propertyset id="security-tests-props">
+ <propertyref prefix="java.security.auth"/>
+ </propertyset>
+
+ <echo>
+ <![CDATA[
+ **** tests-cc-unit ****
+ junit.timeout: ${junit.timeout}
+ jbosstest.iterationcount: ${jbosstest.iterationcount}
+ jbosstest.threadcount: ${jbosstest.threadcount}
+ jbosstest.beancount: ${jbosstest.beancount}
+ ]]>
+ </echo>
+ <mkdir dir="${build.reports}"/>
+ <mkdir dir="${build.testlog}"/>
+ <junit dir="${module.output}" printsummary="${junit.printsummary}" haltonerror="${junit.haltonerror}" haltonfailure="${junit.haltonfailure}" fork="${junit.fork}"
+ timeout="${junit.timeout}" jvm="${junit.jvm}">
+
+ <jvmarg value="${junit.jvm.options}"/>
+ <!-- Used for JGroups -->
+ <jvmarg value="-Dbind.address=${node0}"/>
+ <sysproperty key="jboss.dist" value="${jboss.dist}"/>
+ <sysproperty key="jbosstest.deploy.dir" file="${build.lib}"/>
+ <sysproperty key="build.testlog" value="${build.testlog}"/>
+ <sysproperty key="log4j.configuration" value="file:${build.resources}/log4j.xml"/>
+ <sysproperty key="java.naming.provider.url" value="${node0.jndi.url}"/>
+ <sysproperty key="jbosstest.server.host" value="${node0}"/>
+ <sysproperty key="jboss-junit-configuration" value="tests-cc-unit"/>
+ <!-- Pass along any jbosstest.* system properties -->
+ <syspropertyset>
+ <propertyref prefix="jbosstest."/>
+ </syspropertyset>
+ <syspropertyset>
+ <propertyset refid="security-tests-props" />
+ </syspropertyset>
+
+ <classpath>
+ <pathelement location="${build.classes}"/>
+ <pathelement location="${build.resources}"/>
+ <path refid="tests.classpath"/>
+ </classpath>
+
+ <formatter type="xml" usefile="${junit.formatter.usefile}"/>
+
+ <batchtest todir="${build.reports}" haltonerror="${junit.batchtest.haltonerror}" haltonfailure="${junit.batchtest.haltonfailure}" fork="${junit.batchtest.fork}">
+
+ <fileset dir="${build.classes}">
+ <patternset refid="cc.eap.includes"/>
+ <!-- Exclude securitymgr tests (the testSystemExit shuts down the cc server) -->
+ <patternset refid="securitymgr.excludes"/>
+ </fileset>
+ </batchtest>
+ </junit>
+ </target>
<target name="tests-standard-unit" depends="init,tests-standard-unit-soa,tests-standard-unit-standard">
</target>
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/imports/cc.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/imports/cc.xml (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/imports/cc.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,91 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project name="Common Criteria project helper">
+
+ <target name="transform-cc-results"
+ description="Transforms results of standard test suite to the form appropriate for CC evaluation"
+ >
+
+ <!-- in="/qa/eap.bin/jboss-eap-4.3-src/jboss-as/testsuite/output/reports/TESTS-TestSuites.xml" -->
+
+ <xslt
+ in="src/resources/cc/testCaseMapping_1.0.xml"
+ out="output/cc-results.xml"
+ style="src/resources/cc/cc-results.xsl"
+ force="true">
+
+ <outputproperty name="method" value="xml"/>
+ <outputproperty name="standalone" value="yes"/>
+ <outputproperty name="encoding" value="UTF-8"/>
+ <outputproperty name="indent" value="yes"/>
+ </xslt>
+
+
+
+ </target>
+
+ <target name="generate-cc-patternsets"
+ description="Generate patternset to use during test CC"
+ >
+
+ <xslt
+ in="src/resources/cc/testCaseMapping_1.0.xml"
+ out="output/eap-cc-test-patterns.txt"
+ style="src/resources/cc/cc-test-patterns.xsl"
+ force="true">
+
+ <param name="testSuite" expression="EAP"/>
+
+ </xslt>
+
+ <xslt
+ in="src/resources/cc/testCaseMapping_1.0.xml"
+ out="output/ejb3-cc-test-patterns.txt"
+ style="src/resources/cc/cc-test-patterns.xsl"
+ force="true">
+
+ <param name="testSuite" expression="EJB3"/>
+
+ </xslt>
+
+ <xslt
+ in="src/resources/cc/testCaseMapping_1.0.xml"
+ out="output/jbm-cc-test-patterns.txt"
+ style="src/resources/cc/cc-test-patterns.xsl"
+ force="true">
+
+ <param name="testSuite" expression="JBM"/>
+
+ </xslt>
+
+ <xslt
+ in="src/resources/cc/testCaseMapping_1.0.xml"
+ out="output/cts-cc-test-patterns.txt"
+ style="src/resources/cc/cc-test-patterns.xsl"
+ force="true">
+
+ <param name="testSuite" expression="CTS"/>
+
+ </xslt>
+
+ </target>
+
+ <target name="generate-cc-results" depends="transform-cc-results"
+ description="Generates results in user readable form">
+
+ <!--
+ <xslt
+ in="output/cc-results.xml"
+ out="output/cc-results.html"
+ style="cc-output-html.xsl">
+
+ <outputproperty name="method" value="xml"/>
+ <outputproperty name="standalone" value="yes"/>
+ <outputproperty name="encoding" value="UTF-8"/>
+ <outputproperty name="indent" value="yes"/>
+ </xslt>
+ -->
+
+
+ </target>
+
+</project>
\ No newline at end of file
Modified: branches/JBPAPP_4_2_0_GA_CP/testsuite/imports/server-config.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/imports/server-config.xml 2008-10-02 11:09:32 UTC (rev 79019)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/imports/server-config.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -327,7 +327,27 @@
<sysproperty key="java.endorsed.dirs" value="${jboss.dist}/lib/endorsed" />
<sysproperty key="jgroups.udp.ip_ttl" value="${jbosstest.udp.ip_ttl}" />
</server>
- </server:config>
+ <server name="cc" host="${node0}" config="cc">
+ <jvmarg value="${jpda.cmdline}" />
+ <jvmarg value="-Xmx128m" />
+ <jvmarg value="-XX:MaxPermSize=128m" />
+ <sysproperty key="java.endorsed.dirs" value="${jboss.dist}/lib/endorsed" />
+ <sysproperty key="jgroups.udp.ip_ttl" value="${jbosstest.udp.ip_ttl}" />
+ </server>
+ <server name="cc-sm" host="${node0}" config="cc">
+ <jvmarg value="${jpda.cmdline}" />
+ <jvmarg value="-Xmx128m" />
+ <jvmarg value="-XX:MaxPermSize=128m" />
+ <jvmarg value="-Djboss.home.dir=${jboss.dist}" />
+ <jvmarg value="-Djboss.server.home.dir=${jboss.dist}${/}server${/}cc" />
+ <jvmarg value="-Djboss.test.deploy.dir=${jboss.test.deploy.dir}" />
+ <jvmarg value="-Djava.security.manager"/>
+ <jvmarg value="-Djava.security.policy==${jboss.dist}/bin/security_cc.policy"/>
+ <jvmarg value="-Djava.security.debug=access,failure"/>
+ <sysproperty key="java.endorsed.dirs" value="${jboss.dist}/lib/endorsed" />
+ <sysproperty key="jgroups.udp.ip_ttl" value="${jbosstest.udp.ip_ttl}" />
+ </server>
+ </server:config>
<!-- A macro for printing sleep before going into sleep
-->
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/cc-output-html.xsl
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/cc-output-html.xsl (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/cc-output-html.xsl 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsl:stylesheet version="1.0"
+ xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+ xmlns:cc="http://www.redhat.com/CcTsfiMap"
+ exclude-result-prefixes="cc">
+
+ <xsl:output method="xml" indent="yes" />
+
+ <!-- TODO: don't use absolute path -->
+ <xsl:variable name="results" select="document('/qa/eap.bin/jboss-eap-4.3-src/jboss-as/testsuite/output/reports/TESTS-TestSuites.xml')" />
+ <xsl:param name="fail.text" select="'failed'"/>
+ <xsl:param name="pass.text" select="'passed'"/>
+ <xsl:param name="not.covered.text" select="'not covered'"/>
+
+ <xsl:template match="/">
+ <xsl:for-each select="cc:testCaseMapping">
+ <xsl:for-each select="testSuite">
+ <xsl:for-each select="testCase">
+ <xsl:for-each select="test">
+
+ <xsl:variable name="package" select=""/>
+ <xsl:variable name="classname" select="../@name"/>
+ <xsl:variable name="testname" select="@name"/>
+
+ <xsl:element name="test">
+ <xsl:attribute name="testSuite">
+ <xsl:value-of select="../../@name"/>
+ </xsl:attribute>
+ <xsl:attribute name="testCase">
+ <xsl:value-of select="$classname"/>
+ </xsl:attribute>
+ <xsl:attribute name="name">
+ <xsl:value-of select="$testname"/>
+ </xsl:attribute>
+ <xsl:for-each select="TSFI">
+ <xsl:element name="tsfi"><xsl:value-of select="."/></xsl:element>
+ </xsl:for-each>
+ <xsl:element name="result">
+ <xsl:choose>
+ <xsl:when test="$results/testsuites/testsuite/testcase[@classname=$classname and @name=$testname]/failure[not(@message='')]"><xsl:value-of select="$fail.text"/></xsl:when>
+ <xsl:otherwise><xsl:value-of select="$pass.text"/></xsl:otherwise>
+ </xsl:choose>
+ </xsl:element>
+ <!--
+ <test>
+ <xsl:value-of select="../../@name"/>|<xsl:value-of select="../@name"/>|<xsl:value-of select="@name"/>
+ </test>
+ -->
+ </xsl:element>
+ </xsl:for-each>
+ </xsl:for-each>
+
+ </xsl:for-each>
+ </xsl:for-each>
+ </xsl:template>
+
+</xsl:stylesheet>
\ No newline at end of file
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/cc-results.xsl
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/cc-results.xsl (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/cc-results.xsl 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsl:stylesheet version="1.0"
+ xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+ xmlns:cc="http://www.redhat.com/CcTsfiMap"
+ exclude-result-prefixes="cc">
+
+ <xsl:output method="xml" indent="yes" />
+
+ <!-- TODO: don't use absolute path -->
+ <xsl:variable name="results" select="document('output/reports/TESTS-TestSuites.xml')" />
+ <xsl:param name="fail.text" select="'failed'"/>
+ <xsl:param name="pass.text" select="'passed'"/>
+ <xsl:param name="not.covered.text" select="'not covered'"/>
+
+ <xsl:template match="/">
+ <xsl:for-each select="cc:testCaseMapping">
+ <xsl:element name="cc-results">
+ <xsl:for-each select="testSuite">
+ <xsl:for-each select="testCase">
+ <xsl:for-each select="test">
+
+ <xsl:variable name="package" select=""/>
+ <xsl:variable name="classname" select="../@name"/>
+ <xsl:variable name="testname" select="@name"/>
+
+ <xsl:element name="test">
+ <xsl:attribute name="testSuite">
+ <xsl:value-of select="../../@name"/>
+ </xsl:attribute>
+ <xsl:attribute name="testCase">
+ <xsl:value-of select="$classname"/>
+ </xsl:attribute>
+ <xsl:attribute name="name">
+ <xsl:value-of select="$testname"/>
+ </xsl:attribute>
+ <xsl:for-each select="TSFI">
+ <xsl:element name="tsfi"><xsl:value-of select="."/></xsl:element>
+ </xsl:for-each>
+ <xsl:element name="result">
+ <xsl:choose>
+ <xsl:when test="$results/testsuites/testsuite/testcase[@classname=$classname and @name=$testname]/failure[not(@message='')]"><xsl:value-of select="$fail.text"/></xsl:when>
+ <xsl:otherwise><xsl:value-of select="$pass.text"/></xsl:otherwise>
+ </xsl:choose>
+ </xsl:element>
+ <!--
+ <test>
+ <xsl:value-of select="../../@name"/>|<xsl:value-of select="../@name"/>|<xsl:value-of select="@name"/>
+ </test>
+ -->
+ </xsl:element>
+ </xsl:for-each>
+ </xsl:for-each>
+
+ </xsl:for-each>
+ </xsl:element>
+ </xsl:for-each>
+ </xsl:template>
+
+</xsl:stylesheet>
\ No newline at end of file
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/cc-test-patterns.xsl
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/cc-test-patterns.xsl (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/cc-test-patterns.xsl 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsl:stylesheet version="1.0"
+ xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+ xmlns:cc="http://www.redhat.com/CcTsfiMap"
+ exclude-result-prefixes="cc">
+
+ <xsl:output method="text"/>
+ <xsl:param name="testSuite" select="'EAP'"/>
+
+
+ <xsl:template match="/">
+ <xsl:for-each select="cc:testCaseMapping">
+ <xsl:for-each select="testSuite">
+ <xsl:if test="@name = $testSuite">
+ <xsl:for-each select="testCase">
+ <xsl:if test="@name != ''">
+ <xsl:variable name="pattern">
+ <xsl:call-template name="replace-substring">
+ <xsl:with-param name="value" select="@name" />
+ <xsl:with-param name="from" select="'org.jboss'" />
+ <xsl:with-param name="to" select="''" />
+ </xsl:call-template>
+ </xsl:variable>
+ <xsl:value-of select="concat('**',translate($pattern,'.','/'),'.class')"/>
+ <xsl:text>
+</xsl:text>
+ </xsl:if>
+ </xsl:for-each>
+ </xsl:if>
+ </xsl:for-each>
+ </xsl:for-each>
+ </xsl:template>
+
+
+ <xsl:template name="replace-substring">
+ <xsl:param name="value" />
+ <xsl:param name="from" />
+ <xsl:param name="to" />
+ <xsl:choose>
+ <xsl:when test="contains($value,$from)">
+ <xsl:value-of select="substring-before($value,$from)" />
+ <xsl:value-of select="$to" />
+ <xsl:call-template name="replace-substring">
+ <xsl:with-param name="value"
+ select="substring-after($value,$from)" />
+ <xsl:with-param name="from" select="$from" />
+ <xsl:with-param name="to" select="$to" />
+ </xsl:call-template>
+ </xsl:when>
+ <xsl:otherwise>
+ <xsl:value-of select="$value" />
+ </xsl:otherwise>
+ </xsl:choose>
+ </xsl:template>
+
+
+</xsl:stylesheet>
+
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/ccTsfiMap.xsd
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/ccTsfiMap.xsd (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/ccTsfiMap.xsd 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+ xmlns="http://www.redhat.com/CcTsfiMap"
+ targetNamespace="http://www.redhat.com/CcTsfiMap"
+>
+ <xsd:annotation>
+ <xsd:documentation xml:lang="en">
+ Schema for mapping document between test (test suite, test case) and TSFI.
+ This mapping is created for purpose of Common Criteria evaluation of JBoss AS.
+ </xsd:documentation>
+ </xsd:annotation>
+
+ <xsd:element name="testCaseMapping" type="TestCaseMappingType">
+ <!-- Tes suite name has to be unique, so we are enforcing it. -->
+ <xsd:unique name="testSuiteNameUnique">
+ <xsd:selector xpath="testSuite"/>
+ <xsd:field xpath="@name"/>
+ </xsd:unique>
+ </xsd:element>
+
+ <xsd:complexType name="TestCaseMappingType">
+ <xsd:sequence>
+ <xsd:element name="testSuite" type="TestSuiteType" minOccurs="1" maxOccurs="unbounded">
+
+ <xsd:unique name="testCaseNameUnique">
+ <xsd:selector xpath="testCase"/>
+ <xsd:field xpath="@name"/>
+ </xsd:unique>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+
+ <xsd:complexType name="TestSuiteType">
+ <xsd:sequence>
+ <xsd:element name="desc" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="testCase" type="TestCaseType" minOccurs="1" maxOccurs="unbounded">
+ <xsd:unique name="testNameUnique">
+ <xsd:selector xpath="test"/>
+ <xsd:field xpath="@name"/>
+ </xsd:unique>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="name" type="TestSuiteName" use="required"/>
+ </xsd:complexType>
+
+ <!-- Enumeration of all possible test suite names -->
+ <xsd:simpleType name="TestSuiteName">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="EAP"/> <!-- EAP test suite -->
+ <xsd:enumeration value="CTS"/> <!-- J2EE TCK 1.4 test suite -->
+ <xsd:enumeration value="EJB3"/> <!-- EJB3 project test suite -->
+ <xsd:enumeration value="JBM"/> <!-- JBoss Messaging project test suite -->
+ <xsd:enumeration value="JBWS"/> <!-- JBoss Webservices project test suite -->
+ </xsd:restriction>
+ </xsd:simpleType>
+
+ <xsd:complexType name="TestCaseType">
+ <xsd:sequence>
+ <xsd:element name="desc" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="test" type="TestType" minOccurs="1" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ <xsd:attribute name="name" type="xsd:string" use="required"/>
+ </xsd:complexType>
+
+ <xsd:complexType name="TestType">
+ <xsd:sequence>
+ <xsd:element name="desc" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="TSFI" type="xsd:string" minOccurs="1" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ <xsd:attribute name="name" type="xsd:string" use="required"/>
+ </xsd:complexType>
+</xsd:schema>
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/testCaseMapping_1.0.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/testCaseMapping_1.0.xml (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/cc/testCaseMapping_1.0.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,1813 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Test Case Mapping ver. 0.1
+ TSFI ID master data:
+ - - - - - - - - - - -
+ tsfi.http - HTTP access to TOE
+ tsfi.https - HTTPS access to TOE
+
+ tsfi.rmi.jrmp - RMI over JRMP
+ tsfi.rmi.http - RMI ober HTTP
+ tsfi.rmi.https - RMI ober HTTPS
+
+ tsfi.jdbc - JDBC
+
+ tsfi.jms - JMS traffic
+
+ tsfi.ws.http - Web Services over HTTP
+ tsfi.ws.https - Web Services over HTTPS
+
+ tsfi.jmx.rmi - JMX using RMI
+
+ tsfi.start -
+ tsfi.stop -
+
+-->
+<cc:testCaseMapping xmlns:cc="http://www.redhat.com/CcTsfiMap"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://www.redhat.com/CcTsfiMap ccTsfiMap.xsd"
+>
+
+ <!-- EJB3 is a part of TOE, so we used some testcases from EJB3 project as well -->
+ <testSuite name="EJB3">
+ <testCase name="org.jboss.ejb3.test.jacc.unit.JaccTestCase">
+ <desc></desc>
+ <test name="testUnchecked">
+ <desc>?? What about tsfi.rmi.https... it also possible</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testChecked">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testAllEntity">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testStarEntity">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testSomeEntity">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="hasSecurityOrEJBException">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.ejb3.test.security.unit.EJBSpecUnitTestCase">
+ <desc>Test of EJB spec conformace using the security-spec.jar deployment unit. These test the basic role based access model.</desc>
+ <test name="testSecurityDomain">
+ <desc>Validate that the users have the expected logins and roles.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testGetCallerPrincipal">
+ <desc>Test that:
+ 1. SecureBean returns a non-null principal when getCallerPrincipal
+ is called with a security context and that this is propagated
+ to its Entity bean ref.
+
+ 2. UnsecureBean throws an IllegalStateException when getCallerPrincipal
+ is called without a security context.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testStatefulCreateCaller">
+ <desc>Test the use of getCallerPrincipal from within the ejbCreate in a stateful session bean</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testDomainInteraction">
+ <desc>Test that a call interacting with different security domains does not change the</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testPrincipalPropagation">
+ <desc>Test that the calling principal is propagated across bean calls.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testMethodAccess">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testDomainMethodAccess">
+ <desc>Test that the echo method is accessible by an Echo
+ role. Since the excluded() method of the StatelessSession
+ bean has been placed into the excluded set it should not
+ accessible by any user. This uses the security domain of the
+ JaasSecurityDomain service to test its use as an authentication mgr.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testMethodAccess2">
+ <desc>Test that the permissions assigned to the stateless session bean:
+ with ejb-name=org/jboss/test/security/ejb/StatelessSession_test
+ are read correctly.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="a1testLocalMethodAccess">
+ <desc>Test a user with Echo and EchoLocal roles can access the CalleeBean
+ through its local interface by calling the CallerBean and that a user
+ with only a EchoLocal cannot call the CallerBean.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testUncheckedRemote">
+ <desc>Test access to a bean with a mix of remote interface permissions and unchecked permissions with the unchecked permissions declared first.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testRemoteUnchecked">
+ <desc>Test access to a bean with a mix of remote interface permissions and unchecked permissions with the unchecked permissions declared last.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testUnchecked">
+ <desc>Test that a user with a role that has not been assigned any method permissions in the ejb-jar descriptor is able to access a method that has been marked as unchecked.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testUncheckedWithLogin">
+ <desc>Test that a user with a valid role is able to access a bean for which all methods have been marked as unchecked.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testExcluded">
+ <desc>Test that user scott who has the Echo role is not able to access the StatelessSession2.excluded method even though the Echo role has been granted access to all methods of StatelessSession2 to test that the excluded-list takes precendence over the method-permissions.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testRunAs">
+ <desc>This method tests the following call chains:
+ 1. RunAsStatelessSession.echo() -> PrivateEntity.echo()
+ 2. RunAsStatelessSession.noop() -> RunAsStatelessSession.excluded()
+ 3. RunAsStatelessSession.forward() -> StatelessSession.echo()
+ 1. Should succeed because the run-as identity of RunAsStatelessSession
+ is valid for accessing PrivateEntity.
+ 2. Should succeed because the run-as identity of RunAsStatelessSession
+ is valid for accessing RunAsStatelessSession.excluded().
+ 3. Should fail because the run-as identity of RunAsStatelessSession
+ is not Echo.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testDeepRunAs">
+ <desc> This method tests the following call chain:
+ Level1CallerBean.callEcho() -> Level2CallerBean.invokeEcho()
+ -> Level3CalleeBean.echo()
+ The Level1CallerBean uses a run-as of InternalRole and the Level2CallerBean
+ and Level3CalleeBean are only accessible by InternalRole.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="testRunAsSFSB">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="a1testMDBRunAs">
+ <desc>Test that an MDB with a run-as identity is able to access secure EJBs that require the identity.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="a1testMDBDeepRunAs">
+ <desc>Test that an MDB with a run-as identity is able to access secure EJBs
+ that require the identity. DeepRunAsMDB -> Level1MDBCallerBean.callEcho() ->
+ Level2CallerBean.invokeEcho() -> Level3CalleeBean.echo()
+ The MDB uses a run-as of InternalRole and the Level2CallerBean
+ and Level3CalleeBean are only accessible by InternalRole.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ <test name="a1testRunAsWithRoles">
+ <desc>This method tests that the RunAsWithRolesMDB is assigned multiple roles within its onMessage so that it can call into the ProjRepository session bean's methods that required ProjectAdmin, CreateFolder and DeleteFolder
+ roles.
+ </desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.rmi.http</TSFI>
+ </test>
+ </testCase>
+ <testCase name="">
+ <desc></desc>
+ <test name="">
+ <desc></desc>
+ <TSFI></TSFI>
+ </test>
+ </testCase>
+ </testSuite>
+
+ <!-- Standard EAP testsuite to TOE Security Interface mapping -->
+ <testSuite name="EAP">
+ <testCase name="org.jboss.test.security.test.CallerInfoUnitTestCase">
+ <desc>Tests of the caller context state</desc>
+ <test name="testCallerSubject">
+ <desc>Test return of a custom principal from getCallerPrincipal.</desc>
+ <TSFI>???jnp.. isn't it disabled?</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.SubjectContextUnitTestCase">
+ <desc></desc>
+ <test name="testUserMethodViaServlet">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.DeepCopySubjectUnitTestCase">
+ <desc>JBAS-2657: Add option to deep copy the authenticated subject sets
+ *
+ * Testcase that unit tests the cloneability of various JBossSX
+ * Principal/Groups
+ * Also does a test of the serverside Subject deep copy via a mutable
+ * Principal</desc>
+ <test name="testSubjectCloning">
+ <desc>Test the Deep Copy of Subjects by the JaasSecurityManager via a test servlet deployed</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.EJBSpecUnitTestCase">
+ <desc>Test of EJB spec conformace using the security-spec.jar deployment unit. These test the basic role based access model.</desc>
+ <test name="testSecurityDomain">
+ <desc>Validate that the users have the expected logins and roles.</desc>
+ <TSFI>tsfi.jmx</TSFI>
+ </test>
+ <test name="testStatefulCreateCaller">
+ <desc>Test the use of getCallerPrincipal from within the ejbCreate in a stateful session bean</desc>
+ <TSFI>???jnp.. isn't it disabled?</TSFI>
+ </test>
+ <test name="testGetCallerPrincipal">
+ <desc>Test that:
+ 1. SecureBean returns a non-null principal when getCallerPrincipal
+ is called with a security context and that this is propagated
+ to its Entity bean ref.
+
+ 2. UnsecureBean throws an IllegalStateException when getCallerPrincipal
+ is called without a security context.</desc>
+ <TSFI>???jnp.. isn't it disabled?</TSFI>
+ </test>
+ <test name="testDomainInteraction">
+ <desc>Test that a call interacting with different security domains does not change the</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testPrincipalPropagation">
+ <desc>Test that the calling principal is propagated across bean calls.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testMethodAccess">
+ <desc>Test that the echo method is accessible by an Echo
+ role. Since the noop() method of the StatelessSession
+ bean was not assigned any permissions it should be unchecked.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testDomainMethodAccess">
+ <desc>Test that the echo method is accessible by an Echo
+ role. Since the excluded() method of the StatelessSession
+ bean has been placed into the excluded set it should not
+ accessible by any user. This uses the security domain of the
+ JaasSecurityDomain service to test its use as an authentication mgr.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testMethodAccess2">
+ <desc>Test that the permissions assigned to the stateless session bean:
+ with ejb-name=org/jboss/test/security/ejb/StatelessSession_test
+ are read correctly.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testLocalMethodAccess">
+ <desc>Test a user with Echo and EchoLocal roles can access the CalleeBean
+ through its local interface by calling the CallerBean and that a user
+ with only a EchoLocal cannot call the CallerBean.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testUncheckedRemote">
+ <desc>Test access to a bean with a mix of remote interface permissions and
+ * unchecked permissions with the unchecked permissions declared first.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testRemoteUnchecked">
+ <desc>Test access to a bean with a mix of remote interface permissions and
+ * unchecked permissions with the unchecked permissions declared last.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testUnchecked">
+ <desc>Test that a user with a role that has not been assigned any
+ method permissions in the ejb-jar descriptor is able to access a
+ method that has been marked as unchecked.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testUncheckedWithLogin">
+ <desc>Test that a user with a valid role is able to access a
+ bean for which all methods have been marked as unchecked.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testExcluded">
+ <desc>Test that user scott who has the Echo role is not able to
+ access the StatelessSession2.excluded method even though
+ the Echo role has been granted access to all methods of
+ StatelessSession2 to test that the excluded-list takes
+ precendence over the method-permissions.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testRunAs">
+ <desc>This method tests the following call chains:
+ 1. RunAsStatelessSession.echo() -> PrivateEntity.echo()
+ 2. RunAsStatelessSession.noop() -> RunAsStatelessSession.excluded()
+ 3. RunAsStatelessSession.forward() -> StatelessSession.echo()
+ 1. Should succeed because the run-as identity of RunAsStatelessSession
+ is valid for accessing PrivateEntity.
+ 2. Should succeed because the run-as identity of RunAsStatelessSession
+ is valid for accessing RunAsStatelessSession.excluded().
+ 3. Should fail because the run-as identity of RunAsStatelessSession
+ is not Echo.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testDeepRunAs">
+ <desc>This method tests the following call chain:
+ Level1CallerBean.callEcho() -> Level2CallerBean.invokeEcho()
+ -> Level3CalleeBean.echo()
+ The Level1CallerBean uses a run-as of InternalRole and the Level2CallerBean
+ and Level3CalleeBean are only accessible by InternalRole.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testRunAsSFSB">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testJBAS1852">
+ <desc>Test the run-as side-effects raised in http://jira.jboss.com/jira/browse/JBAS-1852</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testMDBRunAs">
+ <desc>Test that an MDB with a run-as identity is able to access secure EJBs
+ that require the identity.</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testMDBDeepRunAs">
+ <desc>Test that an MDB with a run-as identity is able to access secure EJBs
+ that require the identity. DeepRunAsMDB -> Level1MDBCallerBean.callEcho() ->
+ Level2CallerBean.invokeEcho() -> Level3CalleeBean.echo()
+ The MDB uses a run-as of InternalRole and the Level2CallerBean
+ and Level3CalleeBean are only accessible by InternalRole.</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testRunAsWithRoles">
+ <desc>This method tests that the RunAsWithRolesMDB is assigned multiple roles
+ * within its onMessage so that it can call into the ProjRepository session
+ * bean's methods that required ProjectAdmin, CreateFolder and DeleteFolder
+ * roles.</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testHandle">
+ <desc>Test the security behavior of handles. To obtain secured bean from
+ a handle that the handle be </desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testStatefulHandle">
+ <desc>Test the security behavior of stateful handles. To obtain secured bean
+ from a handle requires that there be a security context to obtain the ejb.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testStress">
+ <desc>Stress test declarative security.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testStressNoJaasCache">
+ <desc>Stress test declarative security with the JAAS cache disabled.</desc>
+ <TSFI>tsfi.jmx.rmi</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.LoginContextUnitTestCase">
+ <desc>A JUnit TestCase for the JAAS LoginContext usage.</desc>
+ <test name="testLogin1">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testLogin2">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.NamespacePermissionsUnitTestCase">
+ <desc>A JUnit TestCase for the NamespacePermissions and NamespacePermission classes.</desc>
+ <test name="testImplied">
+ <desc>Test the NamespacePermissionCollection implies method for various permission that should be implied by the setup PermissionCollection.</desc>
+ <TSFI></TSFI>
+ </test>
+ <test name="testNotImplied">
+ <desc>Test the NamespacePermissionCollection implies method for various permission that should NOT be implied by the setup PermissionCollection.</desc>
+ <TSFI></TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.PermissionNameUnitTestCase">
+ <desc>A JUnit TestCase for the PermissionNames class.</desc>
+ <test name="testOrdering">
+ <desc>Test the order of PermissionNames</desc>
+ <TSFI></TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.WebConstraintsUnitTestCase">
+ <desc>Tests of the web declarative security model</desc>
+ <test name="testUnchecked">
+ <desc>Test URLs that should require no authentication for any method</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testGetAccess">
+ <desc>Test GETs against URLs that only allows the GET method and required the GetRole role</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testExcludedAccess">
+ <desc>Test that the excluded paths are not accessible by anyone</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testPostAccess">
+ <desc>Test POSTs against URLs that only allows the POST method and required the PostRole role</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.WebResourcePermissionUnitTestCase">
+ <desc>Tests of the JAAC WebResourcePermission</desc>
+ <test name="testCtor2">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testImpliesPermission">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testNotImpliesPermission">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testBestMatch">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testQualifiedMatch">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testQualifiedPatterns">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.WebUserDataPermissionUnitTestCase">
+ <desc>Tests of the JAAC WebUserDataPermission</desc>
+ <test name="testCtor2">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testImpliesPermission">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testNotImpliesPermission">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testMatch">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testQualifiedPatterns">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.auth.AppCallbackHandlerUnitTestCase">
+ <desc>Unit Tests the AppCallbackHandler</desc>
+ <test name="testUserNamePassword">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testMapCallback">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testByteArrayCallback">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.ejb.SFSBIntegrationTestCase">
+ <desc>Stateful Session Beans Integration Tests</desc>
+ <test name="testCallerPrincipalInSessionSynchronization">
+ <desc>Call a SFSB method that has container transaction and each of
+ * the SessionSynchronization callback methods call the getCallerPrincipal
+ *
+ * Also the SFSB has a ejb ref to another SFSB which is secured and declares
+ * a run-as role</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.jca.test.SecurityContextUnitTestCase">
+ <desc>Tests of how security context interact with the JCA layer.</desc>
+ <test name="testCallerIdentityPropagation">
+ <desc></desc>
+ <TSFI>tsfi.jdbc</TSFI>
+ </test>
+ <test name="testConfiguredIdentityPropagation">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testRunAsIdentityPropagationFS">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testRunAsIdentityPropagationDS">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.jmx.test.RMIAdaptorAuthorizationUnitTestCase">
+ <desc>Authorization of the RMI Adaptor
+ * Especially tests the usage of the authorization delegate
+ * called as org.jboss.jmx.connector.invoker.ExternalizableRolesAuthorization</desc>
+ <test name="testConfigurableRolesAuthorizedAccess">
+ <desc>Test that a valid jmx-console domain user can invoke operations
+ * through the jmx/invoker/AuthenticatedRMIAdaptor</desc>
+ <TSFI>tsfi.jmx.rmi</TSFI>
+ </test>
+ <test name="testUnAuthorizedAccess">
+ <desc>Test invalid access</desc>
+ <TSFI>tsfi.jmx.rmi</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.jmx.test.RMIAdaptorUnitTestCase">
+ <desc>Tests over the RMIAdaptor</desc>
+ <test name="testMBeanInfoMarshalling">
+ <desc>Test that we can iterate and retrieve MBeanInfo for all registered MBeans</desc>
+ <TSFI>tsfi.jmx.rmi</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.web.test.ssl.SSLUnitTestCase">
+ <desc>Tests of ssl and CLIENT-CERT auth. No basic auth.</desc>
+ <test name="testHttps">
+ <desc>Test that access of the transport constrained</desc>
+ <TSFI>tsfi.https</TSFI>
+ </test>
+ <test name="testHttpsSecurityDomain">
+ <desc></desc>
+ <TSFI>tsfi.https</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.ejb3.test.security.unit.ServletUnitTestCase">
+ <desc>Tests of servlet container integration into the JBoss server. This test
+ requires than a web container be integrated into the JBoss server. The tests
+ currently do NOT use the java.net.HttpURLConnection and associated http client
+ and these do not return valid HTTP error codes so if a failure occurs it
+ is best to connect the webserver using a browser to look for additional error
+ info.
+
+ The secure access tests require a user named 'jduke' with a password of 'theduke'
+ with a role of 'AuthorizedUser' in the servlet container.</desc>
+ <test name="testEJBServlet">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.ClientLoginModuleEJBUnitTestCase">
+ <desc>Call BeanA using jduke/theduke
+ +-- call BeanB switching idenity using ClientLoginModule
+ +---- call BeanC switching idenity using ClientLoginModule
+ validing the expected caller principal with different ejb method permissions</desc>
+ <test name="testClientLoginModule">
+ <desc></desc>
+ <TSFI>???jnp.. isn't it disabled?</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.ClientLoginModuleUnitTestCase">
+ <desc>ClientLoginModuleUnitTestCase/SecurityAssociation interaction tests</desc>
+ <test name="testSingleThreaded">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testSingleThreadedRestoreIdentity">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testSingleThreadedRestoreStack">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testMultiThreaded">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testMultiThreadedRestoreIdentity">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.CustomPrincipalPropagationUnitTestCase">
+ <desc>Test propagation of Custom Principal</desc>
+ <test name="testCustomPrincipalTransmission">
+ <desc>Custom Principal from outside the Application Server VM</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testCustomPrincipalTransmissionInVM">
+ <desc>A web-app has a welcome jsp (called as index.jsp). Inside this jsp, there is a call made out to an ejb</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+ <!--
+ <testCase name="org.jboss.test.security.test.CustomSecurityManagerTestCase">
+ <desc>JBAS-2703 : Create a AuthenticationManager/AuthorizationManager
+ * plugin testcase
+ *
+ * This testcase overrides test methods from EJBSpecUnitTestCase (that
+ * should not be tested) with noop implementation.
+ *
+ * Also tests the interaction of the web layer with the EJB layer, with
+ * a custom security manager plugin installed.</desc>
+ <test name="testWebLayer">
+ <desc>Tests the access of a BASIC secured servlet that internally
+ * accesses a secured EJB</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+ -->
+ <testCase name="org.jboss.test.security.test.DynamicLoginConfigServiceUnitTestCase">
+ <desc>Unit tests for the Dynamic Login Config Service</desc>
+ <test name="testAbsoluteLoginConfigURL">
+ <desc>DynamicLoginConfig service fails absolute login-config.xml url</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testAuthConf">
+ <desc>Do not allow Null AuthConfig or login-config.xml</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.EJBPermissionUnitTestCase">
+ <desc>Tests of the JAAC EJB*Permissions</desc>
+ <test name="testCtor1">
+ <desc>Tests of the EJBMethodPermission(String name, String actions)</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testCtor2">
+ <desc>Tests of EJBMethodPermission(String ejbName, String methodInterface, Method method)</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testCtor3">
+ <desc>Tests of EJBMethodPermission(String ejbName, String methodName,
+ String methodInterface, String[] methodParams)</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.JaasSecurityDomainUnitTestCase">
+ <desc>Tests of the JaasSecurityDomain service.</desc>
+ <test name="testTmpFilePassword">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testFilePassword">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testEncodeDecode">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testEncodeDecode64">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.LoginModulesUnitTestCase">
+ <desc>Tests of the LoginModule classes.</desc>
+ <test name="testClientLogin">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testUsernamePassword">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testUsernamePasswordHash">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testUsernamePasswordHashWithDigestCallback">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testUsersRoles">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testUsersRolesHash">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testAnonUsersRoles">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testAnon">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testNull">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testIdentity">
+ <desc></desc>
+ <TSFI></TSFI>
+ </test>
+ <test name="testJCACallerIdentity">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testJaasSecurityDomainIdentityLoginModule">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testSimple">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testJdbc">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testControlFlags">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testCertLogin">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testCertRoles">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.MissingMethodUnitTestCase">
+ <desc>Tests missing-method-permissions-excluded-mode</desc>
+ <test name="testMissingIsUnchecked">
+ <desc>Test that methods without a method-permission behave as unchecked</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testMissingIsExcluded">
+ <desc>Test that methods without a method-permission behave as excluded</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.RoleMappingModuleUnitTestCase">
+ <desc>JBAS-3323: Role Mapping Login Module that maps application role to declarative role</desc>
+ <test name="testRoleMappingModule">
+ <desc>Test the RoleMappingLoginModule with no option to replace the role</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testRoleMappingModuleWithReplace">
+ <desc>Test the RoleMappingLoginModule with an option to replace the role</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.SAInheritableThreadLocalUnitTestCase">
+ <desc>Test that the security context thread locals propagate to child threads</desc>
+ <test name="testSecurityContext">
+ <desc>Test the expected security context exists via the SecurityAssociation accessors</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testInheritableThreadLocal">
+ <desc>Validate that a child thread sees its parent</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.SAThreadLocalUnitTestCase">
+ <desc>Test that the security context thread locals do NOT propagate to child threads</desc>
+ <test name="testSecurityContext">
+ <desc>Test the order of PermissionNames</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testThreadLocal">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.SecurityDomainLoginModuleOptionUnitTestCase">
+ <desc>For changes made on JBAS-1477, the security domain name is added to every login
+ * module option map by the ApplicationInfo object. When TRACE logging is enable,
+ * a login module will then display this option value for trouble shooting. The
+ * first part of test, displays how the security domain option is properly set
+ * in a security domain that exists in Configuration. The second test shows
+ * how the "other" security domain is displayed when the original domain does not
+ * exist in Configuration.</desc>
+ <test name="testSecurityDomainLoginModuleOption">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.SecurityMgrStressTestCase">
+ <desc>Stress testing of the JaasSecurityManager</desc>
+ <test name="testMTAuthentication">
+ <desc>Test concurrent access to the isValid and doesUserHaveRole security
+ * mgr methods.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.SecurityProxyUnitTestCase">
+ <desc>Tests of the EJB security proxy.</desc>
+ <test name="testMethodAccess">
+ <desc>Test that the echo method is accessible by an Echo
+ role. Since the noop() method of the StatelessSession
+ bean was not assigned any permissions it should not be
+ accessible by any user.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.SRPLoginModuleUnitTestCase">
+ <desc>Test of the secure remote password(SRP) service and its usage via JAAS
+login modules.</desc>
+ <test name="testSRPLogin">
+ <desc>Test a login against the SRP service using the SRPLoginModule</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testSRPLogins">
+ <desc>Test a login against the SRP service using the SRPLoginModule, logout,
+ * and repeat twice.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testSRPLoginHTTP">
+ <desc>Test a login against the SRP service using the SRPLoginModule</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSRPLoginHTTPHA">
+ <desc>Test a login against the SRP service using the SRPLoginModule</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSRPLoginWithExternalA">
+ <desc>Test a login against the SRP service using the SRPLoginModule and
+ specify the random number used in the client A public key.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testSRPLoginWithAuxChallenge">
+ <desc>Test a login against the SRP service using the SRPLoginModule and
+ provide an auxillarly challenge to be validated by the server.</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testSRPLoginWithMultipleSessions">
+ <desc>Test a login against the SRP service using the SRPLoginModule with
+ multiple sessions for the same user. This creates two threads</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="SRPUnitTestCase">
+ <desc>Test of the secure remote password(SRP) session key to perform crypto
+operations.</desc>
+ <test name="testEchoArgs">
+ <desc>Test that the echo method is secured by the SRPCacheLogin module</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testMultiUserEchoArgs">
+ <desc>Test that the echo method is secured by the SRPCacheLogin module when using multi-session srp with two threads</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="WebUserDataPermissionUnitTestCase">
+ <desc>Tests of the JAAC WebUserDataPermission</desc>
+ <test name="testCtor2">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testImpliesPermission">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testNotImpliesPermission">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testMatch">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testQualifiedPatterns">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.XMLLoginModulesUnitTestCase">
+ <desc>Tests of the LoginModule classes using the XMLLoginConfigImpl implementation
+ * of the JAAS login module configuration.</desc>
+ <test name="testGargantusRealm">
+ <desc></desc>
+ <TSFI></TSFI>
+ </test>
+ <test name="testPropertyReplacement">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testPBEIdentityLoginModule">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testPBEIdentityLoginModuleTmpFilePassword">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testXmlLoginModuleParsing">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testXMLLoginModule">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testXmlLoginModuleJaxbParsing">
+ <desc>JBAS-2702</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="AppCallbackHandlerUnitTestCase">
+ <desc>Unit Tests the AppCallbackHandler</desc>
+ <test name="testUserNamePassword">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testMapCallback">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testByteArrayCallback">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.securitymgr.test.EJBSpecUnitTestCase">
+ <desc>Tests of the programming restrictions defined by the EJB spec. The JBoss
+server must be running under a security manager. The securitymgr-ejb.jar
+should be granted only the following permission:
+
+grant securitymgr-ejb.jar {
+ permission java.util.PropertyPermission "*", "read";
+ permission java.lang.RuntimePermission "queuePrintJob";
+ permission java.net.SocketPermission "*", "connect";
+ };</desc>
+ <test name="testFileExists">
+ <desc>Test that a bean cannot access the filesystem using java.io.File</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testFileWrite">
+ <desc>Test that a bean cannot access the filesystem using java.io.File</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testSocketListen">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testSocketConnect">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testCreateClassLoader">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testGetContextClassLoader">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testSetContextClassLoader">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testReflection">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testThreadAccess">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testCreateThread">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testChangeSystemErr">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testCreateSecurityMgr">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testLoadLibrary">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testSystemExit">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.securitymgr.test.PolicyUnitTestCase">
+ <desc>Tests of the security permission enforcement that creates and directly
+ invokes the ejb methods to test the security policy permissions
+ without the noise of the ejb container.</desc>
+ <test name="testSecurityAssociation">
+ <desc>Test that a bean cannot access the SecurityAssociation class</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testFileIO">
+ <desc></desc>
+ <TSFI></TSFI>
+ </test>
+ <test name="testSockets">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testClassLoaders">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testReflection">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testThreadAccess">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testSystemAccess">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.securitymgr.test.SecurityUnitTestCase">
+ <desc>Tests of the security permission enforcement for items outside of the
+ standard EJB programming restrictions.</desc>
+ <test name="testGetPrincipal">
+ <desc>Test that a bean cannot access the SecurityAssociation class</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testGetCredential">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testSetPrincipal">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testSetCredential">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testGetSubject">
+ <desc>Test that access of the thread subject is allowed</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testGetSubjectCredentials">
+ <desc>Test that access to the private credentials of the thread subject fails</desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testSetSubject">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testPopRunAsRole">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="testPushRunAsRole">
+ <desc></desc>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.web.test.WebIntegrationUnitTestCase">
+ <desc>Tests of servlet container integration into the JBoss server. This test
+ requires than a web container be integrated into the JBoss server. The tests
+ currently do NOT use the java.net.HttpURLConnection and associated http client
+ and these do not return valid HTTP error codes so if a failure occurs it
+ is best to connect the webserver using a browser to look for additional error
+ info.
+
+ The secure access tests require a user named 'jduke' with a password of 'theduke'
+ with a role of 'AuthorizedUser' in the servlet container.</desc>
+ <test name="testClientLoginServlet">
+ <desc>Access the http://{host}/jbosstest/ClientLoginServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testUserInRoleServlet">
+ <desc>Access the http://{host}/jbosstest/restricted/UserInRoleServlet to
+ * test isUserInRole.</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSecureServlet">
+ <desc>Access the http://{host}/jbosstest/restricted/SecureServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSecureServlet2">
+ <desc>Access the http://{host}/jbosstest/restricted2/SecureServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSubjectServlet">
+ <desc>Access the http://{host}/jbosstest/restricted/SubjectServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSecureServletAndUnsecureAccess">
+ <desc>Access the http://{host}/jbosstest/restricted/SecureServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSecureServletWithBadPass">
+ <desc>Access the http://{host}/jbosstest/restricted/SecureServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSecureServletWithNoLogin">
+ <desc>Access the http://{host}/jbosstest/restricted/SecureServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testNotJbosstest">
+ <desc>Access the http://{host}/jbosstest-not/unrestricted/SecureServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSecuredEntityFacadeServlet">
+ <desc>Access the http://{host}/jbosstest/restricted/SecuredEntityFacadeServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSecureEJBAccess">
+ <desc>Access the http://{host}/jbosstest/restricted/SecureEJBAccess</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testIncludeEJB">
+ <desc>Access the http://{host}/jbosstest/restricted/include_ejb.jsp</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testUnsecureEJBAccess">
+ <desc>Access the http://{host}/jbosstest/UnsecureEJBAccess with method=echo
+ * to test that an unsecured servlet cannot access a secured EJB method
+ * that requires a valid permission. This should fail.</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testUnsecureAnonEJBAccess">
+ <desc>Access the http://{host}/jbosstest/UnsecureEJBAccess with method=unchecked
+ * to test that an unsecured servlet can access a secured EJB method that
+ * only requires an authenticated user. This requires unauthenticated
+ * identity support by the web security domain.</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testUnsecureRunAsServlet">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testUnsecureRunAsServletWithPrincipalName">
+ <desc>Access the http://{host}/jbosstest/UnsecureRunAsServletWithPrincipalName
+ * to test that an unsecured servlet can access a secured EJB method by using
+ * a run-as role. This should also have a custom run-as principal name.</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testUnsecureRunAsServletWithPrincipalNameAndRoles">
+ <desc>Access the http://{host}/jbosstest/UnsecureRunAsServletWithPrincipalNameAndRoles
+ * to test that an unsecured servlet can access a secured EJB method by using
+ * a run-as role. This should also have a custom run-as principal name and
+ * additional roles.</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testNotJbosstest2">
+ <desc>Deploy a second ear that include a notjbosstest-web.war to test ears
+ with the same war names conflicting.
+ Access the http://{host}/jbosstest-not2/unrestricted/SecureServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testUnauthorizedAccess">
+ <desc>JBAS-3279: Authenticated user can bypass declarative role checks for servlets</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.securitymgr.test.WebIntegrationUnitTestCase">
+ <desc>Tests of servlet container integration into the JBoss server. This test
+ requires than a web container be integrated into the JBoss server. The tests
+ currently do NOT use the java.net.HttpURLConnection and associated http client
+ and these do not return valid HTTP error codes so if a failure occurs it
+ is best to connect the webserver using a browser to look for additional error
+ info.
+
+ The secure access tests require a user named 'jduke' with a password of 'theduke'
+ with a role of 'AuthorizedUser' in the servlet container.</desc>
+ <test name="testRealPath">
+ <desc>Access the http://{host}/jbosstest/APIServlet to test the
+ * getRealPath method</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testHttpSessionListener">
+ <desc>Access the http://{host}/jbosstest/APIServlet to test the
+ * HttpSessionListener events</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testEJBOnStartupServlet">
+ <desc>Access the http://{host}/jbosstest/EJBOnStartupServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testENCServlet">
+ <desc>Access the http://{host}/jbosstest/ENCServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testServletInJar">
+ <desc>Access the http://{host}/jbosstest/SimpleServlet to test that servlets
+ * in the WEB-INF/lib jar.</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testEJBServlet">
+ <desc>Access the http://{host}/jbosstest/EJBServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testEntityServlet">
+ <desc>Access the http://{host}/jbosstest/EntityServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testStatefulSessionServlet">
+ <desc>Access the http://{host}/jbosstest/StatefulSessionServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testUserTransactionServlet">
+ <desc>Access the http://{host}/jbosstest/UserTransactionServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSpeedServlet">
+ <desc>Access the http://{host}/jbosstest/SpeedServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSnoopJSP">
+ <desc>Access the http://{host}/jbosstest/snoop.jsp</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSnoopJSPByPattern">
+ <desc>Access the http://{host}/jbosstest/snoop.jsp</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSnoopJSPByMapping">
+ <desc>Access the http://{host}/jbosstest/test-jsp-mapping</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testJSPClasspath">
+ <desc>Access the http://{host}/jbosstest/classpath.jsp</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testClientLoginServlet">
+ <desc>Access the http://{host}/jbosstest/ClientLoginServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testUserInRoleServlet">
+ <desc>Access the http://{host}/jbosstest/restricted/UserInRoleServlet to
+ * test isUserInRole.</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSecureServlet">
+ <desc>Access the http://{host}/jbosstest/restricted/SecureServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSecureServlet2">
+ <desc>Access the http://{host}/jbosstest/restricted2/SecureServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSubjectServlet">
+ <desc>Access the http://{host}/jbosstest/restricted/SubjectServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSecureServletAndUnsecureAccess">
+ <desc>Access the http://{host}/jbosstest/restricted/SecureServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSecureServletWithBadPass">
+ <desc>Access the http://{host}/jbosstest/restricted/SecureServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSecureServletWithNoLogin">
+ <desc>Access the http://{host}/jbosstest/restricted/SecureServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testNotJbosstest">
+ <desc>Access the http://{host}/jbosstest-not/unrestricted/SecureServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSecuredEntityFacadeServlet">
+ <desc>Access the http://{host}/jbosstest/restricted/SecuredEntityFacadeServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSecureEJBAccess">
+ <desc>Access the http://{host}/jbosstest/restricted/SecureEJBAccess</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testIncludeEJB">
+ <desc>Access the http://{host}/jbosstest/restricted/include_ejb.jsp</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testUnsecureEJBAccess">
+ <desc>Access the http://{host}/jbosstest/UnsecureEJBAccess with method=echo
+ * to test that an unsecured servlet cannot access a secured EJB method
+ * that requires a valid permission. This should fail.</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testUnsecureAnonEJBAccess">
+ <desc>Access the http://{host}/jbosstest/UnsecureEJBAccess with method=unchecked
+ * to test that an unsecured servlet can access a secured EJB method that
+ * only requires an authenticated user. This requires unauthenticated
+ * identity support by the web security domain.</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testUnsecureRunAsServlet">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testUnsecureRunAsServletWithPrincipalName">
+ <desc>Access the http://{host}/jbosstest/UnsecureRunAsServletWithPrincipalName
+ * to test that an unsecured servlet can access a secured EJB method by using
+ * a run-as role. This should also have a custom run-as principal name.</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testUnsecureRunAsServletWithPrincipalNameAndRoles">
+ <desc>Access the http://{host}/jbosstest/UnsecureRunAsServletWithPrincipalNameAndRoles
+ * to test that an unsecured servlet can access a secured EJB method by using
+ * a run-as role. This should also have a custom run-as principal name and
+ * additional roles.</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testNotJbosstest2">
+ <desc>Deploy a second ear that include a notjbosstest-web.war to test ears
+ with the same war names conflicting.
+ Access the http://{host}/jbosstest-not2/unrestricted/SecureServlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testBadWarRedeploy">
+ <desc>Deploy a bad war and then redploy with a fixed war to test failed war
+ * cleanup.
+ * Access the http://{host}/redeploy/index.html</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testWarManifest">
+ <desc>Test of a war that accesses classes referred to via the war manifest
+ * classpath. Access the http://{host}/manifest/classpath.jsp</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testBadEarRedeploy">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testJava2ClassLoadingComplianceOverride">
+ <desc>Validate a war level override of the
+ * java2ClassLoadingComplianceOverride flag to true with a
+ * useJBossWebLoader = false</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testJava2ClassLoadingComplianceOverrideULR">
+ <desc>Validate a war level override of the
+ * java2ClassLoadingComplianceOverride flag to true with a
+ * useJBossWebLoader = true</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testUnauthorizedAccess">
+ <desc>JBAS-3279: Authenticated user can bypass declarative role checks for servlets</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.web.security.CustomHeaderAuthTestCase">
+ <desc>JBAS-2283: Custom Header based authentication</desc>
+ <test name="testRegularFormAuth">
+ <desc>Ensure that in the absence of headers, there is regular
+ * form based authentication</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+ <!--
+ <testCase name="org.jboss.test.web.test.ClusteredSingleSignOnUnitTestCase">
+ <desc>Tests of web app single sign-on in a clustered environment</desc>
+ <test name="testUndeployNonClusteredWebapp">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testUndeployClusteredWebapp">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testFormAuthSingleSignOn">
+ <desc>Test single sign-on across two web apps using form based auth</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testNoAuthSingleSignOn">
+ <desc>Test single sign-on across two web apps using form based auth</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSessionExpiration">
+ <desc>Tests that use of transactions in ClusteredSSO does not interfere
+ * with session expiration thread. See JBAS-2212.</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+ -->
+ <testCase name="FormAuthUnitTestCase">
+ <desc>Tests of form authentication</desc>
+ <test name="testFormAuth">
+ <desc>Test form authentication of a secured servlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testFormAuthException">
+ <desc>Test that a bad login is redirected to the errors.jsp and that the
+ * session j_exception is not null.
+ * </desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testFormAuthSubject">
+ <desc>Test form authentication of a secured servlet and validate that there is
+ * a SecurityAssociation setting Subject. </desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testPostDataFormAuth">
+ <desc>Test that a post from an unsecured form to a secured servlet does not
+ * loose its data during the redirct to the form login.</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testFlushOnSessionInvalidation">
+ <desc>Test that the war which use <security-domain flushOnSessionInvalidation="true">
+ * in the jboss-web.xml does not have any jaas security domain cache entries
+ * after the web session has been invalidated.</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.web.test.SingleSignOnUnitTestCase">
+ <desc>ests of web app single sign-on</desc>
+ <test name="testFormAuthSingleSignOn">
+ <desc>Test single sign-on across two web apps using form based auth</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testNoAuthSingleSignOn">
+ <desc>Test single sign-on across two web apps using form based auth</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.web.test.UserInRoleUnitTestCase">
+ <desc>Tests of the servlet request isUserInRole call.</desc>
+ <test name="testRoleWithLink">
+ <desc>Test that the custom 404 error page is seen</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testRoleWithoutLink">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testConflictingUserInRole">
+ <desc>Test that two wars from different security domains with common principal
+ * names do not conflict in terms of isUserInRole results.
+ * http://jira.jboss.com/jira/browse/JBAS-3043
+ *
+ * This is the non-jacc version where the programmatic security of isUserInRole
+ * will work off of the roles populated in the subject, irrespective of whether
+ * the roles are fully defined in the web.xml</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testConflictingUserInRoleJaccVersion">
+ <desc>Test that two wars from different security domains with common principal
+ * names do not conflict in terms of isUserInRole results.
+ * http://jira.jboss.com/jira/browse/JBAS-3043
+ *
+ * This is the jacc version where the programmatic security of isUserInRole
+ * will work only of the roles are fully defined in the web.xml</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.web.test.WebProgrammaticLoginTestCase">
+ <desc>JBAS-4077: Web Programmatic Login </desc>
+ <test name="testUnsuccessfulLogin">
+ <desc>Test unsuccessful login</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSuccessfulLogin">
+ <desc>Test Successful programmatic login in a servlet</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.jmx.test.SecureRMIAdaptorUnitTestCase">
+ <desc>Tests for a secured deployment of the jmx invoker adaptor</desc>
+ <test name="testAuthenticatedAccess">
+ <desc>Test that a valid jmx-console domain user can invoke operations
+ * through the jmx/invoker/AuthenticatedRMIAdaptor</desc>
+ <TSFI>tsfi.jmx.rmi</TSFI>
+ </test>
+ <test name="testUnauthenticatedAccess">
+ <desc>Test that a valid jmx-console domain user can NOT invoke operations
+ * through the jmx/invoker/AuthenticatedRMIAdaptor</desc>
+ <TSFI>tsfi.jmx.rmi</TSFI>
+ </test>
+ <test name="testAuthorizedAccess">
+ <desc>Test that a valid jmx-console domain user can invoke operations
+ * through the jmx/invoker/AuthenticatedRMIAdaptor</desc>
+ <TSFI>tsfi.jmx.rmi</TSFI>
+ </test>
+ <test name="testUnauthorizedAccess">
+ <desc>Test that a valid jmx-console domain user can NOT invoke operations
+ * through the jmx/invoker/AuthenticatedRMIAdaptor</desc>
+ <TSFI>tsfi.jmx.rmi</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.naming.test.SecurityUnitTestCase">
+ <desc>Tests of secured access to the JNDI naming service. This testsuite will be run with the standard security resources available via the classpath.</desc>
+ <test name="testSecureHttpInvokerFailure">
+ <desc>Test access to the security http InitialContext without a login</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testSecureHttpInvoker">
+ <desc>Test access to the JNDI naming service over a restricted http URL</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testHttpReadonlyLookup">
+ <desc>Test access of the readonly context without a login</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testHttpReadonlyContextLookup">
+ <desc>Test access of the readonly context without a login</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="testLoginInitialContext">
+ <desc>Test an initial context factory that does a JAAS login to validate the credentials passed in</desc>
+ <TSFI>???jnp.. isn't it disabled?</TSFI>
+ </test>
+ <test name="testSecureEJBViaLoginInitialContextFactory">
+ <desc>Use the LoginInitialContextFactory to access a secured ejb</desc>
+ <TSFI>???jnp.. isn't it disabled?</TSFI>
+ </test>
+ <test name="testSecureEJBViaJndiLoginInitialContextFactory">
+ <desc>Use the JndiLoginInitialContextFactory to access a secured ejb</desc>
+ <TSFI>???jnp.. isn't it disabled?</TSFI>
+ </test>
+ <test name="testEjbLinkLocalSecured">
+ <desc></desc>
+ <TSFI>???jnp.. isn't it disabled?</TSFI>
+ </test>
+ </testCase>
+
+ <!-- template -->
+ <testCase name="">
+ <desc></desc>
+ <test name="">
+ <desc></desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ </testCase>
+
+ </testSuite>
+
+ <testSuite name="JBM">
+
+ <testCase name="org.jboss.test.messaging.jms.SecurityTest">
+ <desc>Test JMS Security. This test must be run with the Test security config. on the server.</desc>
+ <test name="testLoginNoUserNoPassword ">
+ <desc>Login with no user, no password. Should allow login (equivalent to guest)</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testLoginValidUserAndPassword">
+ <desc>Login with valid user and password
+ * Should allow</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testLoginValidUserInvalidPassword">
+ <desc>Login with valid user and invalid password</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testLoginInvalidUserInvalidPassword">
+ <desc>Login with invalid user and invalid password</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testPreConfClientID">
+ <desc>user/pwd with preconfigured clientID, should return preconf</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testSetClientID">
+ <desc>Try setting client ID</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testSetClientIDPreConf">
+ <desc>Try setting client ID on preconfigured connection - should throw exception</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testAnonymousConnection">
+ <desc>Authorization tests</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testValidTopicPublisher">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testInvalidTopicPublisher">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testValidTopicSubscriber">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testInvalidTopicSubscriber">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testValidQueueBrowser">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testInvalidQueueBrowser">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testValidQueueSender">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testInvalidQueueSender">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testValidQueueReceiver">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testInvalidQueueReceiver">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testValidDurableSubscriptionCreationPreConf">
+ <desc>Test valid durable subscription creation for connection preconfigured with client id</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testInvalidDurableSubscriptionCreationPreConf">
+ <desc> Test invalid durable subscription creation for connection preconfigured with client id</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testValidDurableSubscriptionCreationNotPreConf">
+ <desc>Test valid durable subscription creation for connection not preconfigured with client id</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testInvalidDurableSubscriptionCreationNotPreConf">
+ <desc>Test invalid durable subscription creation for connection not preconfigured with client id</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testDefaultSecurityValid">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testDefaultSecurityInvalid">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testDefaultSecurityUpdate">
+ <desc>This test makes sure that changing the default security configuration on the server has effect over already deployed destinations.</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testQueueSecurityUpdateStopped">
+ <desc>This test makes sure that changing the queue security configuration on the server has effect
+ * over destinations when they are stopped (this is what happens in a real deployment - the security config
+ * gets set before the queue/topic is started
+ * See http://jira.jboss.com/jira/browse/JBMESSAGING-976</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testTopicSecurityUpdateStopped">
+ <desc> * This test makes sure that changing the topic security configuration on the server has effect
+ * over destinations when they are stopped (this is what happens in a real deployment - the security config
+ * gets set before the queue/topic is started
+ * See http://jira.jboss.com/jira/browse/JBMESSAGING-976</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testQueueSecurityUpdate">
+ <desc>This test makes sure that changing the queue security configuration on the server has effect
+ * over already deployed destinations.</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testTopicSecurityUpdate">
+ <desc>This test makes sure that changing the topic security configuration on the server has effect
+ * over already deployed destinations.</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testSecurityForQueuesAndTopicsWithTheSameName">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testSecurityForTemporaryQueue">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testSecurityForTemporaryTopic">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testSecurityForTemporaryDestination">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testSecurityOnXA">
+ <desc>This Validate sending messages on an Queue where the user don't have write authorization</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.thirdparty.jbosssx.SecurityAssociationTest">
+ <desc>Set of tests to insure consistent behavior relative to the JBoss AS security infrastructure.
+ * This is just a safety layer, full fledged security tests should be present in the integration
+ * test suite.</desc>
+ <test name="testSecurityAssociation">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testGuestAuthorizedSend">
+ <desc>Send a message to a queue that requires write permissions, and make sure the thread local
+ * SecurityContext stack is correctly cleaned up after that. We're using a test security
+ * manager that simulates a JBoss JaasSecurityManager.</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ <test name="testAuthorizedSend">
+ <desc>Send a message to a queue that requires write permissions, and make sure the thread local
+ * SecurityContext stack is correctly cleaned up after that. We're using a test security
+ * manager that simulates a JBoss JaasSecurityManager.</desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ </testCase>
+ <testCase name="org.jboss.test.security.test.HttpsUnitTestCase">
+ <desc>Test of using https urls inside of the JBoss server. This testcase
+ creates a simple https server and deploys a service that tries to
+ connect to the server using the https url passed to the service.</desc>
+ <test name="testJSSE">
+ <desc>Test the JSSE installation</desc>
+ <TSFI>tsfi.https</TSFI>
+ </test>
+ <test name="testHttpsURL">
+ <desc>Test a login against the SRP service using the SRPLoginModule</desc>
+ <TSFI>tsfi.https</TSFI>
+ </test>
+ </testCase>
+
+ <!-- template -->
+ <testCase name="">
+ <desc></desc>
+ <test name="">
+ <desc></desc>
+ <TSFI>tsfi.jms</TSFI>
+ </test>
+ </testCase>
+
+ </testSuite>
+
+ <!-- JBoss (TOE) has passed J2EE TCK 1.4, so some testcases from there are also picked up -->
+ <testSuite name="CTS">
+ <testCase name="J2EE">
+ <desc>J2EETM 1.4 Platform assertions</desc>
+ <test name="J2EE:SPEC:21">
+ <desc> All J2EE products are required to support three login mechanisms: HTTP basic authentication, SSL mutual authentication, and form-based login. An application is not required to use any of these mechanisms, but they are required to be available for any application's use.</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="J2EE:SPEC:22">
+ <desc>All J2EE products are required to support HTTP basic authentication (RFC2068). Platform Providers are also required to support basic authentication over SSL.</desc>
+ <TSFI>tsfi.http</TSFI>
+ <TSFI>tsfi.https</TSFI>
+ </test>
+ <test name="J2EE:SPEC:25">
+ <desc>Web containers are required to support access to web resources by clients that have not authenticated themselves to the container. This is the common mode of access to web resources on the Internet. A web container reports that no user has been authenticated by returning null from the HttpServletRequest method getUserPrincipal. This is different than the corresponding result for EJB containers. The EJB specification requires that the EJBContext method getCallerPrincipal always return a valid Principal object. The method can never return null. Components running in a web container must be able to call enterprise beans even when no user has been authenticated in the web container. When a call is made in such a case from a component in a web container to an enterprise bean, a J2EE product must provide a principal for use in the call. A J2EE product may provide a principal for use by unauthenticated callers using many approaches, including, but not limited to: Alw!
ays use a single distinguished principal. Use a different distinguished principal per server, or per session, or per application. Allow the deployer or system administrator to choose which principal to use through the Run As capability of the web and enterprise bean containers. </desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="J2EE:SPEC:27">
+ <desc>A Product Provider must support both of the following: 1. Configured Identity.AJ2EE container must be able to authenticate for access to the resource using a principal and authentication data specified by a Deployer at deployment time.The authentication must not depend in any way on data provided by the application components. Providing for the confidential storage of the authentication information is the responsibility of the Product Provider. 2. Programmatic Authentication. The J2EE product must provide for specification of the principal and authentication data for a resource by the application component at runtime using appropriate APIs. The application may obtain the principal and authentication data through a variety of mechanisms, including receiving them as parameters, obtaining them from the component's environment, and so forth.</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="J2EE:SPEC:30">
+ <desc> Caller Authorization A J2EE product must enforce the access control rules specified at deployment time (see Section J2EE.3.6, Deployment Requirements) and more fully described in the EJB and servlet specifications.</desc>
+ <TSFI>tsfi.http</TSFI>
+ <TSFI>tsfi.rmi.jrmp</TSFI>
+ </test>
+ <test name="J2EE:SPEC:31">
+ <desc> Propagated Caller Identities. It must be possible to configure a J2EE product so that a propagated caller identity is used in all authorization decisions. With this configuration, for all calls to all enterprise beans from a single application within a single J2EE product, the principal name returned by the EJBContext method getCallerPrincipal must be the same as that returned by the first enterprise bean in the call chain. If the first enterprise bean in the call chain is called by a servlet or JSP page, the principal name must be the same as that returned by the HttpServletRequest method getUserPrincipal in the calling servlet or JSP page. (However, if the HttpServletRequest method getUserPrincipal returns null, the principal used in calls to enterprise beans is not specified by this specification, although it must still be possible to configure enterprise beans to be callable by such components.) Note that this does not require delegation of credentials, o!
nly identification of the caller. A single principal must be the principal used in authorization decisions for access to all enterprise beans in the call chain. The requirements in this section apply only when a J2EE product has been configured to propagate caller identity</desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="J2EE:SPEC:33">
+ <desc> All J2EE products must implement the access control semantics described in the EJB, JSP, and servlet specifications, and provide a means of mapping the deployment descriptor security roles to the actual roles exposed by a J2EE product </desc>
+ <TSFI>tsfi.http</TSFI>
+ </test>
+ <test name="">
+ <desc></desc>
+ <TSFI></TSFI>
+ </test>
+ </testCase>
+
+ <!-- template -->
+ <testCase name="">
+ <desc></desc>
+ <test name="">
+ <desc></desc>
+ <TSFI></TSFI>
+ </test>
+ </testCase>
+ </testSuite>
+
+</cc:testCaseMapping>
\ No newline at end of file
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/cacert.pem
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/cacert.pem (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/cacert.pem 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDnzCCAwigAwIBAgIJAKv1Uv9kGk3vMA0GCSqGSIb3DQEBBQUAMIGSMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEYMBYGA1UEBxMPU25vcXVhbG1p
+ZSBQYXNzMRMwEQYDVQQKEwpKQm9zcyBJbmMuMQswCQYDVQQLEwJRQTESMBAGA1UE
+AxMJamJvc3MuY29tMR4wHAYJKoZIhvcNAQkBFg9hZG1pbkBqYm9zcy5jb20wHhcN
+MDUwODAyMjA1MjA4WhcNMzIxMjE4MjA1MjA4WjCBkjELMAkGA1UEBhMCVVMxEzAR
+BgNVBAgTCldhc2hpbmd0b24xGDAWBgNVBAcTD1Nub3F1YWxtaWUgUGFzczETMBEG
+A1UEChMKSkJvc3MgSW5jLjELMAkGA1UECxMCUUExEjAQBgNVBAMTCWpib3NzLmNv
+bTEeMBwGCSqGSIb3DQEJARYPYWRtaW5AamJvc3MuY29tMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDE0ykCaGFDXnF+4ASlGPTh6yPvUOEGCQWIr10B+0qPk9ct
+yGpJR8dxFqlRBQ/ORCx+SPASEJd/xt9QSScDFNeKIHClKq96k1DBJBflDCRTJQkn
+3d6VsxTlW1PGjFejnqEII0mtpoiUxS3jyHBY8lNf7izRuSCxbFS+LXeEiDX5iQID
+AQABo4H6MIH3MB0GA1UdDgQWBBRLldgXCGLsOtXZjfSSKwLzSvoWfjCBxwYDVR0j
+BIG/MIG8gBRLldgXCGLsOtXZjfSSKwLzSvoWfqGBmKSBlTCBkjELMAkGA1UEBhMC
+VVMxEzARBgNVBAgTCldhc2hpbmd0b24xGDAWBgNVBAcTD1Nub3F1YWxtaWUgUGFz
+czETMBEGA1UEChMKSkJvc3MgSW5jLjELMAkGA1UECxMCUUExEjAQBgNVBAMTCWpi
+b3NzLmNvbTEeMBwGCSqGSIb3DQEJARYPYWRtaW5AamJvc3MuY29tggkAq/VS/2Qa
+Te8wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQAg6c158cHl0pnwK4Ir
+QzmMbd4oWY4gSmkTAM+92G2KPU/ZiH0gCK3sZX9raKtIeOkf4EGxWyJ8/9D7aTlU
+/6bsKOX4WwdyzsSP4IcIoXN2sCZvyTNW9j9sqN+u1mMe0EpLfM/vQF8SXmN9wUXF
+vuVw26a3neK+p4W5O1QADLZ3OA==
+-----END CERTIFICATE-----
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/cakey.pem
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/cakey.pem (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/cakey.pem 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQDE0ykCaGFDXnF+4ASlGPTh6yPvUOEGCQWIr10B+0qPk9ctyGpJ
+R8dxFqlRBQ/ORCx+SPASEJd/xt9QSScDFNeKIHClKq96k1DBJBflDCRTJQkn3d6V
+sxTlW1PGjFejnqEII0mtpoiUxS3jyHBY8lNf7izRuSCxbFS+LXeEiDX5iQIDAQAB
+AoGAK3jkJub9DI8wjDBYdkqj075GypXXjaiyczUgWs6w8jNaJH+Oki7raxvxO7bd
+fdZq6V2cwLCvdYZsTmRJ3JFe5X0J4g5/t2pdXY2BHL/EbKURQN7IeL+7e+Pw/wmi
+QKafjqhzdCZi5rM/TPqfbAzIIgX2eknfE3LYLcmZrWZlZC0CQQDhtv6B/AunQUD0
+eTOV4mWXD6pGlHn/gqYAnli1DwKme7HY9pdH7/pjXt58PMANZAYiXaiaVY/nH9/U
+e5YicI1TAkEA3zvVYLTikTaR371bDUpAJ9d257fEgexqaVGuqltjY9kNx2nNhmxe
+oyO2nZDyrkh0YED7KrCCI3blSMab5IKmMwJAO6JgfbE81vS7l5vKEEifdJjT8Q/b
+Z7F58GHlp/iOR7QYme0UrRHvQn/XIlXem+sYX84E9Lm0amkWdwor8W9xNwJASEJ3
++YvT4ymE4qXKuWyVg9ANH0ivBVdfwqO8JEzcyU9TVH99FcwyfiBrVmm7BItTkGy4
+YMMt/QjZg0s23ysjXQJAaw8M6Sk7kam0qtxBBByJcBWTqrpVV+Ihm2+bAUB1gGnS
+TYwoKQZevczRwlAKsg8eilH2eJkCptp/pNSeG89syg==
+-----END RSA PRIVATE KEY-----
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/client.keystore
===================================================================
(Binary files differ)
Property changes on: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/client.keystore
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/localhost.keystore
===================================================================
(Binary files differ)
Property changes on: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/localhost.keystore
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/login-config.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/login-config.xml (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/login-config.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,167 @@
+<?xml version='1.0'?>
+<!DOCTYPE policy PUBLIC
+ "-//JBoss//DTD JBOSS Security Config 3.0//EN"
+ "http://www.jboss.org/j2ee/dtd/security_config.dtd">
+
+
+<policy>
+ <!-- Used by clients within the application server VM such as
+ mbeans and servlets that access EJBs.
+ -->
+ <application-policy name = "client-login">
+ <authentication>
+ <login-module code = "org.jboss.security.ClientLoginModule"
+ flag = "required">
+ <!-- Any existing security context will be restored on logout -->
+ <module-option name="restore-login-identity">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- Security domain for JBossMQ -->
+ <application-policy name = "jbossmq">
+ <authentication>
+ <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
+ flag = "required">
+ <module-option name = "unauthenticatedIdentity">guest</module-option>
+ <module-option name = "dsJndiName">java:/DefaultDS</module-option>
+ <module-option name = "principalsQuery">SELECT PASSWD FROM JMS_USERS WHERE USERID=?</module-option>
+ <module-option name = "rolesQuery">SELECT ROLEID, 'Roles' FROM JMS_ROLES WHERE USERID=?</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- Security domain for JBossMQ when using file-state-service.xml
+ <application-policy name = "jbossmq">
+ <authentication>
+ <login-module code = "org.jboss.mq.sm.file.DynamicLoginModule"
+ flag = "required">
+ <module-option name = "unauthenticatedIdentity">guest</module-option>
+ <module-option name = "sm.objectname">jboss.mq:service=StateManager</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+ -->
+
+ <!-- Security domains for testing new jca framework -->
+ <application-policy name = "HsqlDbRealm">
+ <authentication>
+ <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
+ flag = "required">
+ <module-option name = "principal">sa</module-option>
+ <module-option name = "userName">sa</module-option>
+ <module-option name = "password"></module-option>
+ <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "JmsXARealm">
+ <authentication>
+ <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
+ flag = "required">
+ <module-option name = "principal">guest</module-option>
+ <module-option name = "userName">guest</module-option>
+ <module-option name = "password">guest</module-option>
+ <module-option name = "managedConnectionFactoryName">jboss.jca:service=TxCM,name=JmsXA</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- A template configuration for the jmx-console web application. This
+ defaults to the UsersRolesLoginModule the same as other and should be
+ changed to a stronger authentication mechanism as required.
+ -->
+ <application-policy name = "jmx-console">
+ <authentication>
+ <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag = "required">
+ <module-option name="usersProperties">props/jmx-console-users.properties</module-option>
+ <module-option name="rolesProperties">props/jmx-console-roles.properties</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- A template configuration for the web-console web application. This
+ defaults to the UsersRolesLoginModule the same as other and should be
+ changed to a stronger authentication mechanism as required.
+ -->
+ <application-policy name = "web-console">
+ <authentication>
+ <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag = "required">
+ <module-option name="usersProperties">web-console-users.properties</module-option>
+ <module-option name="rolesProperties">web-console-roles.properties</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!--
+ A template configuration for the JBossWS security domain.
+ This defaults to the UsersRolesLoginModule the same as other and should be
+ changed to a stronger authentication mechanism as required.
+ -->
+ <application-policy name="JBossWS">
+ <authentication>
+ <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag="required">
+ <module-option name="usersProperties">props/jbossws-users.properties</module-option>
+ <module-option name="rolesProperties">props/jbossws-roles.properties</module-option>
+ <module-option name="unauthenticatedIdentity">anonymous</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name="messaging">
+ <authentication>
+ <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
+ flag = "required">
+ <module-option name = "unauthenticatedIdentity">guest</module-option>
+ <module-option name = "dsJndiName">java:/DefaultDS</module-option>
+ <module-option name = "principalsQuery">SELECT PASSWD FROM JBM_USER WHERE USER_ID=?</module-option>
+ <module-option name = "rolesQuery">SELECT ROLE_ID, 'Roles' FROM JBM_ROLE WHERE USER_ID=?</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "jbosstest-ssl">
+ <authentication>
+ <login-module code="org.jboss.security.auth.spi.BaseCertLoginModule"
+ flag = "required">
+ <module-option name="password-stacking">useFirstPass</module-option>
+ <module-option name="securityDomain">java:/jaas/jbosstest-ssl</module-option>
+ </login-module>
+ <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag = "required">
+ <module-option name="password-stacking">useFirstPass</module-option>
+ <module-option name="usersProperties">ssl-users.properties</module-option>
+ <module-option name="rolesProperties">ssl-roles.properties</module-option>
+ <module-option name="roleGroupSeperator">:</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- The default login configuration used by any security domain that
+ does not have a application-policy entry with a matching name
+ -->
+ <application-policy name = "other">
+ <!-- A simple server login module, which can be used when the number
+ of users is relatively small. It uses two properties files:
+ users.properties, which holds users (key) and their password (value).
+ roles.properties, which holds users (key) and a comma-separated list of
+ their roles (value).
+ The unauthenticatedIdentity property defines the name of the principal
+ that will be used when a null username and password are presented as is
+ the case for an unuathenticated web client or MDB. If you want to
+ allow such users to be authenticated add the property, e.g.,
+ unauthenticatedIdentity="nobody"
+ -->
+ <authentication>
+ <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag = "required" />
+ </authentication>
+ </application-policy>
+
+</policy>
+
+
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/props/jbossws-roles.properties
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/props/jbossws-roles.properties (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/props/jbossws-roles.properties 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,2 @@
+# A sample roles.properties file for use with the UsersRolesLoginModule
+kermit=friend
\ No newline at end of file
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/props/jbossws-users.properties
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/props/jbossws-users.properties (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/props/jbossws-users.properties 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,2 @@
+# A sample users.properties file for use with the UsersRolesLoginModule
+kermit=thefrog
\ No newline at end of file
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/props/jmx-console-roles.properties
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/props/jmx-console-roles.properties (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/props/jmx-console-roles.properties 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,2 @@
+# A sample roles.properties file for use with the UsersRolesLoginModule
+admin=JBossAdmin,HttpInvoker
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/props/jmx-console-users.properties
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/props/jmx-console-users.properties (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/props/jmx-console-users.properties 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,2 @@
+# A sample users.properties file for use with the UsersRolesLoginModule
+admin=admin
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/ssl-roles.properties
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/ssl-roles.properties (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/ssl-roles.properties 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,2 @@
+# A sample roles.properties file for use with the UsersRolesLoginModule
+CN\=unit-tests-client,\ OU\=JBoss\ Inc.,\ O\=JBoss\ Inc.,\ ST\=Washington,\ C\=US=AuthorizedUser
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/ssl-users.properties
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/ssl-users.properties (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/conf/ssl-users.properties 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1 @@
+# An empty users file
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/httpha-invoker.sar/META-INF/jboss-service.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/httpha-invoker.sar/META-INF/jboss-service.xml (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/httpha-invoker.sar/META-INF/jboss-service.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,93 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE server>
+<!-- $Id: jboss-service.xml 35473 2005-08-30 17:38:39Z jmoran $ -->
+
+<server>
+
+ <!-- The HTTP invoker service configration
+ -->
+ <mbean code="org.jboss.invocation.http.server.HttpInvoker"
+ name="jboss:service=invoker,type=http">
+ <!-- Use a URL of the form http://<hostname>:8080/invoker/EJBInvokerServlet
+ where <hostname> is InetAddress.getHostname value on which the server
+ is running.
+ -->
+ <attribute name="InvokerURLPrefix">http://</attribute>
+ <attribute name="InvokerURLSuffix">:8080/invoker/EJBInvokerServlet</attribute>
+ <attribute name="UseHostName">true</attribute>
+ </mbean>
+
+ <mbean code="org.jboss.invocation.http.server.HttpInvokerHA"
+ name="jboss:service=invoker,type=httpHA">
+ <!-- Use a URL of the form http://<hostname>:8080/invoker/EJBInvokerHAServlet
+ where <hostname> is InetAddress.getHostname value on which the server
+ is running.
+ -->
+ <attribute name="InvokerURLPrefix">http://</attribute>
+ <attribute name="InvokerURLSuffix">:8080/invoker/EJBInvokerHAServlet</attribute>
+ <attribute name="UseHostName">true</attribute>
+ </mbean>
+
+ <!-- Expose the Naming service interface via HTTP -->
+ <mbean code="org.jboss.invocation.http.server.HttpProxyFactory"
+ name="jboss:service=invoker,type=http,target=Naming">
+ <!-- The Naming service we are proxying -->
+ <attribute name="InvokerName">jboss:service=Naming</attribute>
+ <!-- Compose the invoker URL from the cluster node address -->
+ <attribute name="InvokerURLPrefix">http://</attribute>
+ <attribute name="InvokerURLSuffix">:8080/invoker/JMXInvokerServlet</attribute>
+ <attribute name="UseHostName">true</attribute>
+ <attribute name="ExportedInterface">org.jnp.interfaces.Naming</attribute>
+ <attribute name="JndiName"></attribute>
+ <attribute name="ClientInterceptors">
+ <interceptors>
+ <interceptor>org.jboss.proxy.ClientMethodInterceptor</interceptor>
+ <interceptor>org.jboss.proxy.SecurityInterceptor</interceptor>
+ <interceptor>org.jboss.naming.interceptors.ExceptionInterceptor</interceptor>
+ <interceptor>org.jboss.invocation.InvokerInterceptor</interceptor>
+ </interceptors>
+ </attribute>
+ </mbean>
+
+ <!-- Expose the Naming service interface via clustered HTTP. This maps
+ to the ReadOnlyJNDIFactory servlet URL
+ -->
+ <mbean code="org.jboss.invocation.http.server.HttpProxyFactory"
+ name="jboss:service=invoker,type=http,target=Naming,readonly=true">
+ <attribute name="InvokerName">jboss:service=Naming</attribute>
+ <attribute name="InvokerURLPrefix">http://</attribute>
+ <attribute name="InvokerURLSuffix">:8080/invoker/readonly/JMXInvokerServlet</attribute>
+ <attribute name="UseHostName">true</attribute>
+ <attribute name="ExportedInterface">org.jnp.interfaces.Naming</attribute>
+ <attribute name="JndiName"></attribute>
+ <attribute name="ClientInterceptors">
+ <interceptors>
+ <interceptor>org.jboss.proxy.ClientMethodInterceptor</interceptor>
+ <interceptor>org.jboss.proxy.SecurityInterceptor</interceptor>
+ <interceptor>org.jboss.naming.interceptors.ExceptionInterceptor</interceptor>
+ <interceptor>org.jboss.invocation.InvokerInterceptor</interceptor>
+ </interceptors>
+ </attribute>
+ </mbean>
+
+ <!-- Expose the HA Naming service interface via HTTP -->
+ <mbean code="org.jboss.invocation.http.server.HttpProxyFactory"
+ name="jboss:service=invoker,type=http,target=HAJNDI">
+ <!-- The Naming service we are proxying -->
+ <attribute name="InvokerName">jboss:service=HAJNDI</attribute>
+ <!-- Compose the invoker URL from the cluster node address -->
+ <attribute name="InvokerURLPrefix">http://</attribute>
+ <attribute name="InvokerURLSuffix">:8080/invoker/JMXInvokerHAServlet</attribute>
+ <attribute name="UseHostName">true</attribute>
+ <attribute name="ExportedInterface">org.jnp.interfaces.Naming</attribute>
+ <attribute name="JndiName"></attribute>
+ <attribute name="ClientInterceptors">
+ <interceptors>
+ <interceptor>org.jboss.proxy.ClientMethodInterceptor</interceptor>
+ <interceptor>org.jboss.proxy.SecurityInterceptor</interceptor>
+ <interceptor>org.jboss.naming.interceptors.ExceptionInterceptor</interceptor>
+ <interceptor>org.jboss.invocation.InvokerInterceptor</interceptor>
+ </interceptors>
+ </attribute>
+ </mbean>
+</server>
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/httpha-invoker.sar/invoker.war/WEB-INF/jboss-web.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/httpha-invoker.sar/invoker.war/WEB-INF/jboss-web.xml (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/httpha-invoker.sar/invoker.war/WEB-INF/jboss-web.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,3 @@
+<jboss-web>
+ <security-domain>java:/jaas/jmx-console</security-domain>
+</jboss-web>
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/httpha-invoker.sar/invoker.war/WEB-INF/web.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/httpha-invoker.sar/invoker.war/WEB-INF/web.xml (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/httpha-invoker.sar/invoker.war/WEB-INF/web.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,224 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE web-app PUBLIC
+ "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
+ "http://java.sun.com/dtd/web-app_2_3.dtd">
+
+<!-- The http-invoker.sar/invoker.war web.xml descriptor
+$Id: web.xml 65305 2007-09-11 21:15:24Z fnasser at redhat.com $
+-->
+<web-app>
+ <filter>
+ <filter-name>ReadOnlyAccessFilter</filter-name>
+ <filter-class>org.jboss.invocation.http.servlet.ReadOnlyAccessFilter</filter-class>
+ <init-param>
+ <param-name>readOnlyContext</param-name>
+ <param-value>readonly</param-value>
+ <description>The top level JNDI context the filter will enforce
+ read-only access on. If specified only Context.lookup operations
+ will be allowed on this context. Another other operations or lookups
+ on any other context will fail. Do not associate this filter with the
+ JMXInvokerServlets if you want unrestricted access.
+ </description>
+ </init-param>
+ <init-param>
+ <param-name>invokerName</param-name>
+ <param-value>jboss:service=Naming</param-value>
+ <description>The JMX ObjectName of the naming service mbean
+ </description>
+ </init-param>
+ </filter>
+
+ <filter-mapping>
+ <filter-name>ReadOnlyAccessFilter</filter-name>
+ <url-pattern>/readonly/*</url-pattern>
+ </filter-mapping>
+
+<!-- ### Servlets -->
+ <servlet>
+ <servlet-name>EJBInvokerServlet</servlet-name>
+ <description>The EJBInvokerServlet receives posts containing serlized
+ MarshalledInvocation objects that are routed to the EJB invoker given by
+ the invokerName init-param. The return content is a serialized
+ MarshalledValue containg the return value of the inovocation, or any
+ exception that may have been thrown.
+ </description>
+ <servlet-class>org.jboss.invocation.http.servlet.InvokerServlet</servlet-class>
+ <init-param>
+ <param-name>invokerName</param-name>
+ <param-value>jboss:service=invoker,type=http</param-value>
+ <description>The RMI/HTTP EJB compatible invoker</description>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+ <servlet>
+ <servlet-name>EJBInvokerHAServlet</servlet-name>
+ <description>The EJBInvokerHAServlet receives posts containing serlized
+ MarshalledInvocation objects that are routed to the EJB invoker given by
+ the invokerName init-param. The return content is a serialized
+ MarshalledValue containg the return value of the inovocation, or any
+ exception that may have been thrown.
+ </description>
+ <servlet-class>org.jboss.invocation.http.servlet.InvokerServlet</servlet-class>
+ <init-param>
+ <param-name>invokerName</param-name>
+ <param-value>jboss:service=invoker,type=httpHA</param-value>
+ <description>The HA-RMI/HTTP EJB compatible invoker</description>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+ <servlet>
+ <servlet-name>JMXInvokerServlet</servlet-name>
+ <description>The JMXInvokerServlet receives posts containing serlized
+ MarshalledInvocation objects that are routed to the invoker given by
+ the the MBean whose object name hash is specified by the
+ invocation.getObjectName() value. The return content is a serialized
+ MarshalledValue containg the return value of the inovocation, or any
+ exception that may have been thrown.
+ </description>
+ <servlet-class>org.jboss.invocation.http.servlet.InvokerServlet</servlet-class>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>JNDIFactory</servlet-name>
+ <description>A servlet that exposes the JBoss JNDI Naming service stub
+ through http. The return content is a serialized
+ MarshalledValue containg the org.jnp.interfaces.Naming stub. This
+ configuration handles requests for the standard JNDI naming service.
+ </description>
+ <servlet-class>org.jboss.invocation.http.servlet.NamingFactoryServlet</servlet-class>
+ <init-param>
+ <param-name>namingProxyMBean</param-name>
+ <param-value>jboss:service=invoker,type=http,target=Naming</param-value>
+ </init-param>
+ <init-param>
+ <param-name>proxyAttribute</param-name>
+ <param-value>Proxy</param-value>
+ </init-param>
+ <load-on-startup>2</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>HAJNDIFactory</servlet-name>
+ <description>A servlet that exposes the JBoss JNDI Naming service stub
+ through http, but only for a single read-only context. The return content
+ is a serialized MarshalledValue containg the org.jnp.interfaces.Naming
+ stub.
+ </description>
+ <servlet-class>org.jboss.invocation.http.servlet.NamingFactoryServlet</servlet-class>
+ <init-param>
+ <param-name>namingProxyMBean</param-name>
+ <param-value>jboss:service=invoker,type=http,target=HAJNDI</param-value>
+ </init-param>
+ <init-param>
+ <param-name>proxyAttribute</param-name>
+ <param-value>Proxy</param-value>
+ </init-param>
+ <load-on-startup>2</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>ReadOnlyJNDIFactory</servlet-name>
+ <description>A servlet that exposes the JBoss JNDI Naming service stub
+ through http, but only for a single read-only context. The return content
+ is a serialized MarshalledValue containg the org.jnp.interfaces.Naming
+ stub.
+ </description>
+ <servlet-class>org.jboss.invocation.http.servlet.NamingFactoryServlet</servlet-class>
+ <init-param>
+ <param-name>namingProxyMBean</param-name>
+ <param-value>jboss:service=invoker,type=http,target=Naming,readonly=true</param-value>
+ </init-param>
+ <init-param>
+ <param-name>proxyAttribute</param-name>
+ <param-value>Proxy</param-value>
+ </init-param>
+ <load-on-startup>2</load-on-startup>
+ </servlet>
+
+<!-- ### Servlet Mappings -->
+ <servlet-mapping>
+ <servlet-name>JNDIFactory</servlet-name>
+ <url-pattern>/JNDIFactory/*</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>HAJNDIFactory</servlet-name>
+ <url-pattern>/HAJNDIFactory/*</url-pattern>
+ </servlet-mapping>
+ <!-- A mapping for the NamingFactoryServlet that only allows invocations
+ of lookups under a read-only context. This is enforced by the
+ ReadOnlyAccessFilter
+ -->
+ <servlet-mapping>
+ <servlet-name>ReadOnlyJNDIFactory</servlet-name>
+ <url-pattern>/ReadOnlyJNDIFactory/*</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>EJBInvokerServlet</servlet-name>
+ <url-pattern>/EJBInvokerServlet/*</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>EJBInvokerHAServlet</servlet-name>
+ <url-pattern>/EJBInvokerHAServlet/*</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>JMXInvokerServlet</servlet-name>
+ <url-pattern>/JMXInvokerServlet/*</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>JMXInvokerServlet</servlet-name>
+ <url-pattern>/JMXInvokerHAServlet/*</url-pattern>
+ </servlet-mapping>
+ <!-- A mapping for the JMXInvokerServlet that only allows invocations
+ of lookups under a read-only context. This is enforced by the
+ ReadOnlyAccessFilter
+ -->
+ <servlet-mapping>
+ <servlet-name>JMXInvokerServlet</servlet-name>
+ <url-pattern>/readonly/JMXInvokerServlet/*</url-pattern>
+ </servlet-mapping>
+
+ <!-- Alternate mappings that place the servlets under the restricted
+ path to required authentication for access. Remove the unsecure mappings
+ if only authenticated users should be allowed.
+ -->
+ <servlet-mapping>
+ <servlet-name>JNDIFactory</servlet-name>
+ <url-pattern>/restricted/JNDIFactory/*</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>JMXInvokerServlet</servlet-name>
+ <url-pattern>/restricted/JMXInvokerServlet/*</url-pattern>
+ </servlet-mapping>
+
+ <!-- An example security constraint that restricts access to the HTTP invoker
+ to users with the role HttpInvoker Edit the roles to what you want and
+ configure the WEB-INF/jboss-web.xml/security-domain element to reference
+ the security domain you want. -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>HttpInvokers</web-resource-name>
+ <description>An example security config that only allows users with the
+ role HttpInvoker to access the HTTP invoker servlets
+ </description>
+ <url-pattern>/restricted/*</url-pattern>
+ <url-pattern>/JNDIFactory/*</url-pattern>
+ <url-pattern>/EJBInvokerServlet/*</url-pattern>
+ <url-pattern>/JMXInvokerServlet/*</url-pattern>
+ <http-method>GET</http-method>
+ <http-method>POST</http-method>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>HttpInvoker</role-name>
+ </auth-constraint>
+ </security-constraint>
+
+ <login-config>
+ <auth-method>BASIC</auth-method>
+ <realm-name>JBoss HTTP Invoker</realm-name>
+ </login-config>
+
+ <security-role>
+ <role-name>HttpInvoker</role-name>
+ </security-role>
+</web-app>
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/META-INF/jboss-service.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/META-INF/jboss-service.xml (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/META-INF/jboss-service.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,152 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- $Id: jboss-service-all.xml 60489 2007-02-12 08:22:28Z scott.stark at jboss.org $ -->
+
+<server>
+ <!-- JBoss Web Service-->
+ <mbean code="org.jboss.web.tomcat.service.JBossWeb"
+ name="jboss.web:service=WebServer" xmbean-dd="META-INF/webserver-xmbean.xml">
+
+ <!-- You can configure a set of authenticators keyed by http-auth method used. This
+ will apply the same set of authenticators across all web applications. You can
+ override the set of authenticators at the web application level by adding
+ <authenticators> element to the respective jboss-web.xml -->
+ <!--
+ -->
+ <attribute name="Authenticators" serialDataType="jbxb">
+ <java:properties xmlns:java="urn:jboss:java-properties"
+ xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
+ xs:schemaLocation="urn:jboss:java-properties resource:java-properties_1_0.xsd">
+ <java:property>
+ <java:key>BASIC</java:key>
+ <java:value>org.apache.catalina.authenticator.BasicAuthenticator</java:value>
+ </java:property>
+ <java:property>
+ <java:key>CLIENT-CERT</java:key>
+ <java:value>org.apache.catalina.authenticator.SSLAuthenticator</java:value>
+ </java:property>
+ <java:property>
+ <java:key>DIGEST</java:key>
+ <java:value>org.apache.catalina.authenticator.DigestAuthenticator</java:value>
+ </java:property>
+ <java:property>
+ <java:key>FORM</java:key>
+ <java:value>org.apache.catalina.authenticator.FormAuthenticator</java:value>
+ </java:property>
+ <java:property>
+ <java:key>NONE</java:key>
+ <java:value>org.apache.catalina.authenticator.NonLoginAuthenticator</java:value>
+ </java:property>
+ </java:properties>
+ </attribute>
+
+ <!-- The JAAS security domain to use in the absense of an explicit
+ security-domain specification in the war WEB-INF/jboss-web.xml
+ -->
+ <attribute name="DefaultSecurityDomain">java:/jaas/other</attribute>
+
+ <!-- Get the flag indicating if the normal Java2 parent first class
+ loading model should be used over the servlet 2.3 web container first
+ model.
+ -->
+ <attribute name="Java2ClassLoadingCompliance">false</attribute>
+ <!-- A flag indicating if the JBoss Loader should be used. This loader
+ uses a unified class loader as the class loader rather than the tomcat
+ specific class loader.
+ The default is false to ensure that wars have isolated class loading
+ for duplicate jars and jsp files.
+ -->
+ <attribute name="UseJBossWebLoader">true</attribute>
+ <!-- The list of package names that should not be loaded without
+ delegating to the parent class loader before trying the web app
+ class loader. The packages listed here are those tha are used by
+ the web container implementation and cannot be overriden.
+ This only applies when UseJBossWebLoader=false.
+ -->
+ <attribute name="FilteredPackages">javax.servlet</attribute>
+
+ <attribute name="LenientEjbLink">true</attribute>
+
+ <!--Flag to delete the Work Dir on Context Destroy -->
+ <attribute name="DeleteWorkDirOnContextDestroy">false</attribute>
+
+ <!--
+ Class of the session manager (used if context is marked as 'distributable'. Currently allowed values:
+ - org.jboss.web.tomcat.service.session.JBossCacheManager
+ -->
+ <attribute name="ManagerClass">org.jboss.web.tomcat.service.session.JBossCacheManager</attribute>
+
+ <!-- The name of the request attribute under with the authenticated JAAS
+ Subject is stored on successful authentication. If null or empty then
+ the Subject will not be stored.
+ -->
+ <!--
+ <attribute name="SubjectAttributeName">j_subject</attribute>
+ -->
+
+ <!-- The SessionIdAlphabet is the set of characters used to create a session Id
+ It must be made up of exactly 65 unique characters
+ <attribute name="SessionIdAlphabet">ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-*</attribute>
+ -->
+ <attribute name="AllowSelfPrivilegedWebApps">false</attribute>
+
+ <!--
+ *******************************************************
+ ****************** CLUSTERING *************************
+ *******************************************************
+ In order to activate HTTP Session clustering for Tomcat
+ make sure you run JBoss's "all" configuration i.e.
+ "run -c all"
+ (the default configuration doesn't contain clustering)
+
+ Furthermore, you may change SnapshotMode and
+ SnapshotInterval attributes below to indicate when to
+ synchronize changes with the other node(s).
+
+ If you use Apache+mod_jk(2) you will most probably use
+ the AJP1.3 connector below. Thus, if you so wish,
+ you may comment (i.e. deactivate) the HTTP connector
+ as it won't be used anymore.
+
+ *******************************************************
+ *******************************************************
+ *******************************************************
+ -->
+
+ <!--
+ If you are using clustering, the following two attributes
+ define when the sessions are replicated to the other nodes.
+ The default value, "instant", synchronously replicates changes
+ to the other nodes at the end of requests. In this case, the
+ "SnapshotInterval" attribute is not used.
+ The "interval" mode, in association with the "SnapshotInterval"
+ attribute, indicates that modified sessions will only be replicated
+ every "SnapshotInterval" milliseconds at most.
+
+ Note that this attribute is not in effect if the replication-granularity
+ is set to FIELD. If it is FIELD, it will be per http request (that is,
+ "instant" mode.)
+ -->
+ <attribute name="SnapshotMode">instant</attribute> <!-- you may switch to "interval" -->
+ <attribute name="SnapshotInterval">2000</attribute>
+
+ <!--
+ Whether to use MOD_JK(2) for load balancing with sticky session
+ combined with JvmRoute. If set to true, it will insert a JvmRouteFilter
+ to intercept every request and replace the JvmRoute if it detects a
+ failover. In addition, you will need to set the JvmRoute inside
+ Tomcat, e.g.,
+ Engine name="jboss.web" jmvRoute="Node1" defaultHost="localhost"
+ in server.xml.
+
+ For clustering purpose only.
+ -->
+ <attribute name="UseJK">false</attribute>
+
+ <attribute name="Domain">jboss.web</attribute>
+
+ <depends>jboss.security:service=SecurityDomain</depends>
+ <depends>jboss.security:service=PBESecurityDomain</depends>
+ </mbean>
+
+</server>
+
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/META-INF/webserver-xmbean.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/META-INF/webserver-xmbean.xml (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/META-INF/webserver-xmbean.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,190 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mbean PUBLIC
+ "-//JBoss//DTD JBOSS XMBEAN 1.2//EN"
+ "http://www.jboss.org/j2ee/dtd/jboss_xmbean_1_2.dtd">
+<!--
+ JBoss Web XMBean descriptor
+
+ $Id: webserver-xmbean.xml 59833 2007-01-19 15:45:42Z dimitris at jboss.org $
+-->
+<mbean>
+ <description>The JBoss Web Deployer responsible for war deployment</description>
+ <descriptors>
+ <interceptors>
+ <!-- comment out DynamicInterceptor to disable dynamic addition of interceptors -->
+ <interceptor code="org.jboss.mx.interceptor.DynamicInterceptor"/>
+ </interceptors>
+ </descriptors>
+ <class>org.jboss.web.tomcat.service.JBossWeb</class>
+
+ <!-- JBossWebMBean attributes -->
+
+ <attribute access="read-write" getMethod="getAuthenticators" setMethod="setAuthenticators">
+ <name>Authenticators</name>
+ <type>java.util.Properties</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getUseJBossWebLoader" setMethod="setUseJBossWebLoader">
+ <name>UseJBossWebLoader</name>
+ <type>boolean</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getAllowSelfPrivilegedWebApps" setMethod="setAllowSelfPrivilegedWebApps">
+ <name>AllowSelfPrivilegedWebApps</name>
+ <type>boolean</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getDeleteWorkDirOnContextDestroy"
+ setMethod="setDeleteWorkDirOnContextDestroy">
+ <name>DeleteWorkDirOnContextDestroy</name>
+ <type>boolean</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getHttpHeaderForSSOAuth"
+ setMethod="setHttpHeaderForSSOAuth">
+ <name>HttpHeaderForSSOAuth</name>
+ <type>java.lang.String</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getSessionCookieForSSOAuth"
+ setMethod="setSessionCookieForSSOAuth">
+ <name>SessionCookieForSSOAuth</name>
+ <type>java.lang.String</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getSubjectAttributeName" setMethod="setSubjectAttributeName">
+ <name>SubjectAttributeName</name>
+ <type>java.lang.String</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getCacheName" setMethod="setCacheName">
+ <name>CacheName</name>
+ <type>java.lang.String</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getUnpackWars" setMethod="setUnpackWars">
+ <name>UnpackWars</name>
+ <type>boolean</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getAcceptNonWarDirs" setMethod="setAcceptNonWarDirs">
+ <name>AcceptNonWarDirs</name>
+ <type>boolean</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getConfig" setMethod="setConfig">
+ <name>Config</name>
+ <type>org.w3c.dom.Element</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getLenientEjbLink" setMethod="setLenientEjbLink">
+ <name>LenientEjbLink</name>
+ <type>boolean</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="isUseJK" setMethod="setUseJK">
+ <name>UseJK</name>
+ <type>boolean</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getDomain" setMethod="setDomain">
+ <name>Domain</name>
+ <type>java.lang.String</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getFilteredPackages" setMethod="setFilteredPackages">
+ <name>FilteredPackages</name>
+ <type>[Ljava.lang.String;</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getJava2ClassLoadingCompliance" setMethod="setJava2ClassLoadingCompliance">
+ <name>Java2ClassLoadingCompliance</name>
+ <type>boolean</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getDefaultSecurityDomain" setMethod="setDefaultSecurityDomain">
+ <name>DefaultSecurityDomain</name>
+ <type>java.lang.String</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getSnapshotMode" setMethod="setSnapshotMode">
+ <name>SnapshotMode</name>
+ <type>java.lang.String</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getSnapshotInterval" setMethod="setSnapshotInterval">
+ <name>SnapshotInterval</name>
+ <type>int</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getConfigFile" setMethod="setConfigFile">
+ <name>ConfigFile</name>
+ <type>java.lang.String</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getUseLocalCache" setMethod="setUseLocalCache">
+ <name>UseLocalCache</name>
+ <type>boolean</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getSessionIdAlphabet" setMethod="setSessionIdAlphabet">
+ <name>SessionIdAlphabet</name>
+ <type>java.lang.String</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getContextMBeanCode" setMethod="setContextMBeanCode">
+ <name>ContextMBeanCode</name>
+ <type>java.lang.String</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getManagerClass" setMethod="setManagerClass">
+ <name>ManagerClass</name>
+ <type>java.lang.String</type>
+ </attribute>
+
+ <attribute access="read-only" getMethod="getDeployedApplications">
+ <name>DeployedApplications</name>
+ <type>java.util.Iterator</type>
+ </attribute>
+
+ <attribute access="write-only" setMethod="setSecurityManagerService">
+ <name>SecurityManagerService</name>
+ <type>org.jboss.security.plugins.JaasSecurityManagerServiceMBean</type>
+ </attribute>
+
+ <!-- SubDeployerExt attribute -->
+ <attribute access="read-write" getMethod="getEnhancedSuffixes" setMethod="setEnhancedSuffixes">
+ <description>Allow the override of supported suffixes and relative order</description>
+ <name>EnhancedSuffixes</name>
+ <type>[Ljava.lang.String;</type>
+ </attribute>
+
+ &deployerAttributes;
+ &defaultAttributes;
+
+ <!-- JBossWebMBean operations -->
+ <operation>
+ <description>See if a war is deployed</description>
+ <name>isDeployed</name>
+ <parameter>
+ <name>warUrl</name>
+ <type>java.lang.String</type>
+ </parameter>
+ <return-type>boolean</return-type>
+ </operation>
+
+ <operation>
+ <description>Start all connectors of the Domain</description>
+ <name>startConnectors</name>
+ </operation>
+
+ <operation>
+ <description>Stop all connectors of the Domain</description>
+ <name>stopConnectors</name>
+ </operation>
+
+ &deployerOperations;
+ &defaultOperations;
+ &interceptable;
+
+</mbean>
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/conf/web.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/conf/web.xml (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/conf/web.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,1230 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
+ version="2.4">
+
+ <!-- ======================== Introduction ============================== -->
+ <!-- This document defines default values for *all* web applications -->
+ <!-- loaded into this instance of Tomcat. As each application is -->
+ <!-- deployed, this file is processed, followed by the -->
+ <!-- "/WEB-INF/web.xml" deployment descriptor from your own -->
+ <!-- applications. -->
+ <!-- -->
+ <!-- WARNING: Do not configure application-specific resources here! -->
+ <!-- They should go in the "/WEB-INF/web.xml" file in your application. -->
+
+ <!-- =========== Common Context Params ================================== -->
+ <!-- JBossInjectionProvider provides resource injection for managed beans. -->
+ <!-- See JSF 1.2 spec section 5.4 for details. -->
+ <context-param>
+ <param-name>com.sun.faces.injectionProvider</param-name>
+ <param-value>org.jboss.web.jsf.integration.injection.JBossInjectionProvider</param-value>
+ </context-param>
+
+ <!-- ================== Common filter Configuration ==================== -->
+ <filter>
+ <filter-name>CommonHeadersFilter</filter-name>
+ <filter-class>org.jboss.web.tomcat.filters.ReplyHeaderFilter</filter-class>
+ <init-param>
+ <param-name>X-Powered-By</param-name>
+ <param-value>Servlet 2.4; JBoss-4.3.0.GA (build: SVNTag=JBPAPP_4_3_0_GA date=200806260858)/Tomcat-5.5</param-value>
+ </init-param>
+ </filter>
+
+ <filter-mapping>
+ <filter-name>CommonHeadersFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
+
+ <!-- ================== Common Listener Configuration ==================== -->
+ <listener>
+ <listener-class>org.jboss.web.tomcat.security.SecurityFlushSessionListener</listener-class>
+ </listener>
+
+ <!-- Configures JSF for a web application if the javax.faces.webapp.FacesServlet is declared -->
+ <!-- in web.xml. -->
+ <listener>
+ <listener-class>org.jboss.web.jsf.integration.config.JBossJSFConfigureListener</listener-class>
+ </listener>
+
+ <!-- Listens to all web app lifecycle events so that @PreDestroy can be called on -->
+ <!-- JSF managed beans that go out of scope. You can comment this out if you -->
+ <!-- don't use JSF or you don't use annotations on your managed beans. -->
+ <listener>
+ <listener-class>com.sun.faces.application.WebappLifecycleListener</listener-class>
+ </listener>
+
+
+ <!-- ================== Built In Servlet Definitions ==================== -->
+
+
+ <!-- The default servlet for all web applications, that serves static -->
+ <!-- resources. It processes all requests that are not mapped to other -->
+ <!-- servlets with servlet mappings (defined either here or in your own -->
+ <!-- web.xml file. This servlet supports the following initialization -->
+ <!-- parameters (default values are in square brackets): -->
+ <!-- -->
+ <!-- debug Debugging detail level for messages logged -->
+ <!-- by this servlet. [0] -->
+ <!-- -->
+ <!-- fileEncoding Encoding to be used to read static resources -->
+ <!-- [platform default] -->
+ <!-- -->
+ <!-- input Input buffer size (in bytes) when reading -->
+ <!-- resources to be served. [2048] -->
+ <!-- -->
+ <!-- listings Should directory listings be produced if there -->
+ <!-- is no welcome file in this directory? [false] -->
+ <!-- WARNING: Listings for directories with many -->
+ <!-- entries can be slow and may consume -->
+ <!-- significant proportions of server resources. -->
+ <!-- -->
+ <!-- output Output buffer size (in bytes) when writing -->
+ <!-- resources to be served. [2048] -->
+ <!-- -->
+ <!-- readonly Is this context "read only", so HTTP -->
+ <!-- commands like PUT and DELETE are -->
+ <!-- rejected? [true] -->
+ <!-- -->
+ <!-- readmeFile File name to display with the directory -->
+ <!-- contents. [null] -->
+ <!-- -->
+ <!-- sendfileSize If the connector used supports sendfile, this -->
+ <!-- represents the minimal file size in KB for -->
+ <!-- which sendfile will be used. Use a negative -->
+ <!-- value to always disable sendfile. [48] -->
+ <!-- -->
+ <!-- For directory listing customization. Checks localXsltFile, then -->
+ <!-- globalXsltFile, then defaults to original behavior. -->
+ <!-- -->
+ <!-- localXsltFile Make directory listings an XML doc and -->
+ <!-- pass the result to this style sheet residing -->
+ <!-- in that directory. This overrides -->
+ <!-- globalXsltFile[null] -->
+ <!-- -->
+ <!-- globalXsltFile Site wide configuration version of -->
+ <!-- localXsltFile This argument is expected -->
+ <!-- to be a physical file. [null] -->
+ <!-- -->
+ <!-- -->
+
+ <servlet>
+ <servlet-name>default</servlet-name>
+ <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
+ <init-param>
+ <param-name>debug</param-name>
+ <param-value>0</param-value>
+ </init-param>
+ <init-param>
+ <param-name>listings</param-name>
+ <param-value>false</param-value>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+
+ <!-- The "invoker" servlet, which executes anonymous servlet classes -->
+ <!-- that have not been defined in a web.xml file. Traditionally, this -->
+ <!-- servlet is mapped to the URL pattern "/servlet/*", but you can map -->
+ <!-- it to other patterns as well. The extra path info portion of such a -->
+ <!-- request must be the fully qualified class name of a Java class that -->
+ <!-- implements Servlet (or extends HttpServlet), or the servlet name -->
+ <!-- of an existing servlet definition. This servlet supports the -->
+ <!-- following initialization parameters (default values are in square -->
+ <!-- brackets): -->
+ <!-- -->
+ <!-- debug Debugging detail level for messages logged -->
+ <!-- by this servlet. [0] -->
+
+<!--
+ <servlet>
+ <servlet-name>invoker</servlet-name>
+ <servlet-class>
+ org.apache.catalina.servlets.InvokerServlet
+ </servlet-class>
+ <init-param>
+ <param-name>debug</param-name>
+ <param-value>0</param-value>
+ </init-param>
+ <load-on-startup>2</load-on-startup>
+ </servlet>
+-->
+
+
+ <!-- The JSP page compiler and execution servlet, which is the mechanism -->
+ <!-- used by Tomcat to support JSP pages. Traditionally, this servlet -->
+ <!-- is mapped to the URL pattern "*.jsp". This servlet supports the -->
+ <!-- following initialization parameters (default values are in square -->
+ <!-- brackets): -->
+ <!-- -->
+ <!-- checkInterval If development is false and checkInterval is -->
+ <!-- greater than zero, background compilations are -->
+ <!-- enabled. checkInterval is the time in seconds -->
+ <!-- between checks to see if a JSP page needs to -->
+ <!-- be recompiled. [0] -->
+ <!-- -->
+ <!-- modificationTestInterval -->
+ <!-- Causes a JSP (and its dependent files) to not -->
+ <!-- be checked for modification during the -->
+ <!-- specified time interval (in seconds) from the -->
+ <!-- last time the JSP was checked for -->
+ <!-- modification. A value of 0 will cause the JSP -->
+ <!-- to be checked on every access. -->
+ <!-- Used in development mode only. [4] -->
+ <!-- -->
+ <!-- compiler Which compiler Ant should use to compile JSP -->
+ <!-- pages. See the Ant documentation for more -->
+ <!-- information. -->
+ <!-- -->
+ <!-- classdebuginfo Should the class file be compiled with -->
+ <!-- debugging information? [true] -->
+ <!-- -->
+ <!-- classpath What class path should I use while compiling -->
+ <!-- generated servlets? [Created dynamically -->
+ <!-- based on the current web application] -->
+ <!-- -->
+ <!-- development Is Jasper used in development mode? If true, -->
+ <!-- the frequency at which JSPs are checked for -->
+ <!-- modification may be specified via the -->
+ <!-- modificationTestInterval parameter. [true] -->
+ <!-- -->
+ <!-- enablePooling Determines whether tag handler pooling is -->
+ <!-- enabled [true] -->
+ <!-- -->
+ <!-- fork Tell Ant to fork compiles of JSP pages so that -->
+ <!-- a separate JVM is used for JSP page compiles -->
+ <!-- from the one Tomcat is running in. [true] -->
+ <!-- -->
+ <!-- ieClassId The class-id value to be sent to Internet -->
+ <!-- Explorer when using <jsp:plugin> tags. -->
+ <!-- [clsid:8AD9C840-044E-11D1-B3E9-00805F499D93] -->
+ <!-- -->
+ <!-- javaEncoding Java file encoding to use for generating java -->
+ <!-- source files. [UTF8] -->
+ <!-- -->
+ <!-- keepgenerated Should we keep the generated Java source code -->
+ <!-- for each page instead of deleting it? [true] -->
+ <!-- -->
+ <!-- mappedfile Should we generate static content with one -->
+ <!-- print statement per input line, to ease -->
+ <!-- debugging? [true] -->
+ <!-- -->
+ <!-- trimSpaces Should white spaces in template text between -->
+ <!-- actions or directives be trimmed? [false] -->
+ <!-- -->
+ <!-- suppressSmap Should the generation of SMAP info for JSR45 -->
+ <!-- debugging be suppressed? [false] -->
+ <!-- -->
+ <!-- dumpSmap Should the SMAP info for JSR45 debugging be -->
+ <!-- dumped to a file? [false] -->
+ <!-- False if suppressSmap is true -->
+ <!-- -->
+ <!-- genStrAsCharArray Should text strings be generated as char -->
+ <!-- arrays, to improve performance in some cases? -->
+ <!-- [false] -->
+ <!-- -->
+ <!-- errorOnUseBeanInvalidClassAttribute -->
+ <!-- Should Jasper issue an error when the value of -->
+ <!-- the class attribute in an useBean action is -->
+ <!-- not a valid bean class? [true] -->
+ <!-- -->
+ <!-- scratchdir What scratch directory should we use when -->
+ <!-- compiling JSP pages? [default work directory -->
+ <!-- for the current web application] -->
+ <!-- -->
+ <!-- xpoweredBy Determines whether X-Powered-By response -->
+ <!-- header is added by generated servlet [false] -->
+ <!-- -->
+ <!-- compilerTargetVM Compiler target VM -->
+ <!-- default is System.properties -->
+ <!-- java.specification.version > 1.4 -->
+ <!-- [1.5] else [1.4] -->
+ <!-- -->
+ <!-- compilerSourceVM Compiler source VM -->
+ <!-- default is System.properties -->
+ <!-- java.specification.version > 1.4 -->
+ <!-- [1.5] else [1.4] -->
+ <!-- -->
+ <!-- If you wish to use Jikes to compile JSP pages: -->
+ <!-- Please see the "Using Jikes" section of the Jasper-HowTo -->
+ <!-- page in the Tomcat documentation. -->
+
+ <servlet>
+ <servlet-name>jsp</servlet-name>
+ <servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class>
+ <init-param>
+ <param-name>fork</param-name>
+ <param-value>false</param-value>
+ </init-param>
+ <init-param>
+ <param-name>xpoweredBy</param-name>
+ <param-value>false</param-value>
+ </init-param>
+
+ <!-- Use a custom options class to allow the shared tag lib descriptors
+ to be loaded from jars in the tomcat sar conf/tlds directory. The
+ standard options implementation can only find taglibs based on the
+ class loader classpath.
+ -->
+ <init-param>
+ <param-name>engineOptionsClass</param-name>
+ <param-value>org.jboss.web.tomcat.service.jasper.JspServletOptions</param-value>
+ </init-param>
+ <!-- Specify the jars relative to the jbossweb-tomcat6.sar that should
+ be scanned for common tag lib descriptors to include in every war
+ deployment.
+ -->
+ <init-param>
+ <description>JSF standard tlds</description>
+ <param-name>tagLibJar0</param-name>
+ <param-value>jsf-libs/jsf-impl.jar</param-value>
+ </init-param>
+ <init-param>
+ <description>JSTL standard tlds</description>
+ <param-name>tagLibJar1</param-name>
+ <param-value>jstl.jar</param-value>
+ </init-param>
+
+ <load-on-startup>3</load-on-startup>
+ </servlet>
+
+
+ <!-- NOTE: An SSI Filter is also available as an alternative SSI -->
+ <!-- implementation. Use either the Servlet or the Filter but NOT both. -->
+ <!-- -->
+ <!-- Server Side Includes processing servlet, which processes SSI -->
+ <!-- directives in HTML pages consistent with similar support in web -->
+ <!-- servers like Apache. Traditionally, this servlet is mapped to the -->
+ <!-- URL pattern "*.shtml". This servlet supports the following -->
+ <!-- initialization parameters (default values are in square brackets): -->
+ <!-- -->
+ <!-- buffered Should output from this servlet be buffered? -->
+ <!-- (0=false, 1=true) [0] -->
+ <!-- -->
+ <!-- debug Debugging detail level for messages logged -->
+ <!-- by this servlet. [0] -->
+ <!-- -->
+ <!-- expires The number of seconds before a page with SSI -->
+ <!-- directives will expire. [No default] -->
+ <!-- -->
+ <!-- isVirtualWebappRelative -->
+ <!-- Should "virtual" paths be interpreted as -->
+ <!-- relative to the context root, instead of -->
+ <!-- the server root? (0=false, 1=true) [0] -->
+ <!-- -->
+ <!-- inputEncoding The encoding to assume for SSI resources if -->
+ <!-- one is not available from the resource. -->
+ <!-- [Platform default] -->
+ <!-- -->
+ <!-- outputEncoding The encoding to use for the page that results -->
+ <!-- from the SSI processing. [UTF-8] -->
+ <!-- -->
+ <!-- -->
+ <!-- IMPORTANT: To use the SSI servlet, you also need to rename the -->
+ <!-- $CATALINA_HOME/server/lib/servlets-ssi.renametojar file -->
+ <!-- to $CATALINA_HOME/server/lib/servlets-ssi.jar -->
+
+<!--
+ <servlet>
+ <servlet-name>ssi</servlet-name>
+ <servlet-class>
+ org.apache.catalina.ssi.SSIServlet
+ </servlet-class>
+ <init-param>
+ <param-name>buffered</param-name>
+ <param-value>1</param-value>
+ </init-param>
+ <init-param>
+ <param-name>debug</param-name>
+ <param-value>0</param-value>
+ </init-param>
+ <init-param>
+ <param-name>expires</param-name>
+ <param-value>666</param-value>
+ </init-param>
+ <init-param>
+ <param-name>isVirtualWebappRelative</param-name>
+ <param-value>0</param-value>
+ </init-param>
+ <load-on-startup>4</load-on-startup>
+ </servlet>
+-->
+
+
+ <!-- Common Gateway Includes (CGI) processing servlet, which supports -->
+ <!-- execution of external applications that conform to the CGI spec -->
+ <!-- requirements. Typically, this servlet is mapped to the URL pattern -->
+ <!-- "/cgi-bin/*", which means that any CGI applications that are -->
+ <!-- executed must be present within the web application. This servlet -->
+ <!-- supports the following initialization parameters (default values -->
+ <!-- are in square brackets): -->
+ <!-- -->
+ <!-- cgiPathPrefix The CGI search path will start at -->
+ <!-- webAppRootDir + File.separator + this prefix. -->
+ <!-- [WEB-INF/cgi] -->
+ <!-- -->
+ <!-- debug Debugging detail level for messages logged -->
+ <!-- by this servlet. [0] -->
+ <!-- -->
+ <!-- executable Name of the exectuable used to run the -->
+ <!-- script. [perl] -->
+ <!-- -->
+ <!-- parameterEncoding Name of parameter encoding to be used with -->
+ <!-- CGI servlet. -->
+ <!-- [System.getProperty("file.encoding","UTF-8")] -->
+ <!-- -->
+ <!-- passShellEnvironment Should the shell environment variables (if -->
+ <!-- any) be passed to the CGI script? [false] -->
+ <!-- -->
+ <!-- IMPORTANT: To use the CGI servlet, you also need to rename the -->
+ <!-- $CATALINA_HOME/server/lib/servlets-cgi.renametojar file -->
+ <!-- to $CATALINA_HOME/server/lib/servlets-cgi.jar -->
+
+<!--
+ <servlet>
+ <servlet-name>cgi</servlet-name>
+ <servlet-class>org.apache.catalina.servlets.CGIServlet</servlet-class>
+ <init-param>
+ <param-name>debug</param-name>
+ <param-value>0</param-value>
+ </init-param>
+ <init-param>
+ <param-name>cgiPathPrefix</param-name>
+ <param-value>WEB-INF/cgi</param-value>
+ </init-param>
+ <load-on-startup>5</load-on-startup>
+ </servlet>
+-->
+
+
+ <!-- ================ Built In Servlet Mappings ========================= -->
+
+
+ <!-- The servlet mappings for the built in servlets defined above. Note -->
+ <!-- that, by default, the CGI and SSI servlets are *not* mapped. You -->
+ <!-- must uncomment these mappings (or add them to your application's own -->
+ <!-- web.xml deployment descriptor) to enable these services -->
+
+ <!-- The mapping for the default servlet -->
+ <servlet-mapping>
+ <servlet-name>default</servlet-name>
+ <url-pattern>/</url-pattern>
+ </servlet-mapping>
+
+ <!-- The mapping for the invoker servlet -->
+<!--
+ <servlet-mapping>
+ <servlet-name>invoker</servlet-name>
+ <url-pattern>/servlet/*</url-pattern>
+ </servlet-mapping>
+-->
+
+ <!-- The mapping for the JSP servlet -->
+ <servlet-mapping>
+ <servlet-name>jsp</servlet-name>
+ <url-pattern>*.jsp</url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name>jsp</servlet-name>
+ <url-pattern>*.jspx</url-pattern>
+ </servlet-mapping>
+
+ <!-- The mapping for the SSI servlet -->
+<!--
+ <servlet-mapping>
+ <servlet-name>ssi</servlet-name>
+ <url-pattern>*.shtml</url-pattern>
+ </servlet-mapping>
+-->
+
+ <!-- The mapping for the CGI Gateway servlet -->
+
+<!--
+ <servlet-mapping>
+ <servlet-name>cgi</servlet-name>
+ <url-pattern>/cgi-bin/*</url-pattern>
+ </servlet-mapping>
+-->
+
+
+ <!-- ================== Built In Filter Definitions ===================== -->
+
+ <!-- NOTE: An SSI Servlet is also available as an alternative SSI -->
+ <!-- implementation. Use either the Servlet or the Filter but NOT both. -->
+ <!-- -->
+ <!-- Server Side Includes processing filter, which processes SSI -->
+ <!-- directives in HTML pages consistent with similar support in web -->
+ <!-- servers like Apache. Traditionally, this filter is mapped to the -->
+ <!-- URL pattern "*.shtml", though it can be mapped to "*" as it will -->
+ <!-- selectively enable/disable SSI processing based on mime types. For -->
+ <!-- this to work you will need to uncomment the .shtml mime type -->
+ <!-- definition towards the bottom of this file. -->
+ <!-- The contentType init param allows you to apply SSI processing to JSP -->
+ <!-- pages, javascript, or any other content you wish. This filter -->
+ <!-- supports the following initialization parameters (default values are -->
+ <!-- in square brackets): -->
+ <!-- -->
+ <!-- contentType A regex pattern that must be matched before -->
+ <!-- SSI processing is applied. -->
+ <!-- [text/x-server-parsed-html(;.*)?] -->
+ <!-- -->
+ <!-- debug Debugging detail level for messages logged -->
+ <!-- by this servlet. [0] -->
+ <!-- -->
+ <!-- expires The number of seconds before a page with SSI -->
+ <!-- directives will expire. [No default] -->
+ <!-- -->
+ <!-- isVirtualWebappRelative -->
+ <!-- Should "virtual" paths be interpreted as -->
+ <!-- relative to the context root, instead of -->
+ <!-- the server root? (0=false, 1=true) [0] -->
+ <!-- -->
+ <!-- -->
+ <!-- IMPORTANT: To use the SSI filter, you also need to rename the -->
+ <!-- $CATALINA_HOME/server/lib/servlets-ssi.renametojar file -->
+ <!-- to $CATALINA_HOME/server/lib/servlets-ssi.jar -->
+
+<!--
+ <filter>
+ <filter-name>ssi</filter-name>
+ <filter-class>
+ org.apache.catalina.ssi.SSIFilter
+ </filter-class>
+ <init-param>
+ <param-name>contentType</param-name>
+ <param-value>text/x-server-parsed-html(;.*)?</param-value>
+ </init-param>
+ <init-param>
+ <param-name>debug</param-name>
+ <param-value>0</param-value>
+ </init-param>
+ <init-param>
+ <param-name>expires</param-name>
+ <param-value>666</param-value>
+ </init-param>
+ <init-param>
+ <param-name>isVirtualWebappRelative</param-name>
+ <param-value>0</param-value>
+ </init-param>
+ </filter>
+-->
+
+
+ <!-- ==================== Built In Filter Mappings ====================== -->
+
+ <!-- The mapping for the SSI Filter -->
+<!--
+ <filter-mapping>
+ <filter-name>ssi</filter-name>
+ <url-pattern>*.shtml</url-pattern>
+ </filter-mapping>
+-->
+
+
+ <!-- ==================== Default Session Configuration ================= -->
+ <!-- You can set the default session timeout (in minutes) for all newly -->
+ <!-- created sessions by modifying the value below. -->
+
+ <session-config>
+ <session-timeout>30</session-timeout>
+ </session-config>
+
+
+ <!-- ===================== Default MIME Type Mappings =================== -->
+ <!-- When serving static resources, Tomcat will automatically generate -->
+ <!-- a "Content-Type" header based on the resource's filename extension, -->
+ <!-- based on these mappings. Additional mappings can be added here (to -->
+ <!-- apply to all web applications), or in your own application's web.xml -->
+ <!-- deployment descriptor. -->
+
+ <mime-mapping>
+ <extension>abs</extension>
+ <mime-type>audio/x-mpeg</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>ai</extension>
+ <mime-type>application/postscript</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>aif</extension>
+ <mime-type>audio/x-aiff</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>aifc</extension>
+ <mime-type>audio/x-aiff</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>aiff</extension>
+ <mime-type>audio/x-aiff</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>aim</extension>
+ <mime-type>application/x-aim</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>art</extension>
+ <mime-type>image/x-jg</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>asf</extension>
+ <mime-type>video/x-ms-asf</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>asx</extension>
+ <mime-type>video/x-ms-asf</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>au</extension>
+ <mime-type>audio/basic</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>avi</extension>
+ <mime-type>video/x-msvideo</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>avx</extension>
+ <mime-type>video/x-rad-screenplay</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>bcpio</extension>
+ <mime-type>application/x-bcpio</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>bin</extension>
+ <mime-type>application/octet-stream</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>bmp</extension>
+ <mime-type>image/bmp</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>body</extension>
+ <mime-type>text/html</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>cdf</extension>
+ <mime-type>application/x-cdf</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>cer</extension>
+ <mime-type>application/x-x509-ca-cert</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>class</extension>
+ <mime-type>application/java</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>cpio</extension>
+ <mime-type>application/x-cpio</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>csh</extension>
+ <mime-type>application/x-csh</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>css</extension>
+ <mime-type>text/css</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>dib</extension>
+ <mime-type>image/bmp</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>doc</extension>
+ <mime-type>application/msword</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>dtd</extension>
+ <mime-type>application/xml-dtd</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>dv</extension>
+ <mime-type>video/x-dv</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>dvi</extension>
+ <mime-type>application/x-dvi</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>eps</extension>
+ <mime-type>application/postscript</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>etx</extension>
+ <mime-type>text/x-setext</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>exe</extension>
+ <mime-type>application/octet-stream</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>gif</extension>
+ <mime-type>image/gif</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>gtar</extension>
+ <mime-type>application/x-gtar</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>gz</extension>
+ <mime-type>application/x-gzip</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>hdf</extension>
+ <mime-type>application/x-hdf</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>hqx</extension>
+ <mime-type>application/mac-binhex40</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>htc</extension>
+ <mime-type>text/x-component</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>htm</extension>
+ <mime-type>text/html</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>html</extension>
+ <mime-type>text/html</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>hqx</extension>
+ <mime-type>application/mac-binhex40</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>ief</extension>
+ <mime-type>image/ief</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>jad</extension>
+ <mime-type>text/vnd.sun.j2me.app-descriptor</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>jar</extension>
+ <mime-type>application/java-archive</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>java</extension>
+ <mime-type>text/plain</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>jnlp</extension>
+ <mime-type>application/x-java-jnlp-file</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>jpe</extension>
+ <mime-type>image/jpeg</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>jpeg</extension>
+ <mime-type>image/jpeg</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>jpg</extension>
+ <mime-type>image/jpeg</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>js</extension>
+ <mime-type>text/javascript</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>jsf</extension>
+ <mime-type>text/plain</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>jspf</extension>
+ <mime-type>text/plain</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>kar</extension>
+ <mime-type>audio/x-midi</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>latex</extension>
+ <mime-type>application/x-latex</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>m3u</extension>
+ <mime-type>audio/x-mpegurl</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>mac</extension>
+ <mime-type>image/x-macpaint</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>man</extension>
+ <mime-type>application/x-troff-man</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>mathml</extension>
+ <mime-type>application/mathml+xml</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>me</extension>
+ <mime-type>application/x-troff-me</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>mid</extension>
+ <mime-type>audio/x-midi</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>midi</extension>
+ <mime-type>audio/x-midi</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>mif</extension>
+ <mime-type>application/x-mif</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>mov</extension>
+ <mime-type>video/quicktime</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>movie</extension>
+ <mime-type>video/x-sgi-movie</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>mp1</extension>
+ <mime-type>audio/x-mpeg</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>mp2</extension>
+ <mime-type>audio/x-mpeg</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>mp3</extension>
+ <mime-type>audio/x-mpeg</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>mpa</extension>
+ <mime-type>audio/x-mpeg</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>mpe</extension>
+ <mime-type>video/mpeg</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>mpeg</extension>
+ <mime-type>video/mpeg</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>mpega</extension>
+ <mime-type>audio/x-mpeg</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>mpg</extension>
+ <mime-type>video/mpeg</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>mpv2</extension>
+ <mime-type>video/mpeg2</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>ms</extension>
+ <mime-type>application/x-wais-source</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>nc</extension>
+ <mime-type>application/x-netcdf</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>oda</extension>
+ <mime-type>application/oda</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- OpenDocument Database -->
+ <extension>odb</extension>
+ <mime-type>application/vnd.oasis.opendocument.database</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- OpenDocument Chart -->
+ <extension>odc</extension>
+ <mime-type>application/vnd.oasis.opendocument.chart</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- OpenDocument Formula -->
+ <extension>odf</extension>
+ <mime-type>application/vnd.oasis.opendocument.formula</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- OpenDocument Drawing -->
+ <extension>odg</extension>
+ <mime-type>application/vnd.oasis.opendocument.graphics</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- OpenDocument Image -->
+ <extension>odi</extension>
+ <mime-type>application/vnd.oasis.opendocument.image</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- OpenDocument Master Document -->
+ <extension>odm</extension>
+ <mime-type>application/vnd.oasis.opendocument.text-master</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- OpenDocument Presentation -->
+ <extension>odp</extension>
+ <mime-type>application/vnd.oasis.opendocument.presentation</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- OpenDocument Spreadsheet -->
+ <extension>ods</extension>
+ <mime-type>application/vnd.oasis.opendocument.spreadsheet</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- OpenDocument Text -->
+ <extension>odt</extension>
+ <mime-type>application/vnd.oasis.opendocument.text</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>ogg</extension>
+ <mime-type>application/ogg</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- OpenDocument Drawing Template -->
+ <extension>otg </extension>
+ <mime-type>application/vnd.oasis.opendocument.graphics-template</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- HTML Document Template -->
+ <extension>oth</extension>
+ <mime-type>application/vnd.oasis.opendocument.text-web</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- OpenDocument Presentation Template -->
+ <extension>otp</extension>
+ <mime-type>application/vnd.oasis.opendocument.presentation-template</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- OpenDocument Spreadsheet Template -->
+ <extension>ots</extension>
+ <mime-type>application/vnd.oasis.opendocument.spreadsheet-template </mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- OpenDocument Text Template -->
+ <extension>ott</extension>
+ <mime-type>application/vnd.oasis.opendocument.text-template</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>pbm</extension>
+ <mime-type>image/x-portable-bitmap</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>pct</extension>
+ <mime-type>image/pict</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>pdf</extension>
+ <mime-type>application/pdf</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>pgm</extension>
+ <mime-type>image/x-portable-graymap</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>pic</extension>
+ <mime-type>image/pict</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>pict</extension>
+ <mime-type>image/pict</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>pls</extension>
+ <mime-type>audio/x-scpls</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>png</extension>
+ <mime-type>image/png</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>pnm</extension>
+ <mime-type>image/x-portable-anymap</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>pnt</extension>
+ <mime-type>image/x-macpaint</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>ppm</extension>
+ <mime-type>image/x-portable-pixmap</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>ppt</extension>
+ <mime-type>application/powerpoint</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>ps</extension>
+ <mime-type>application/postscript</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>psd</extension>
+ <mime-type>image/x-photoshop</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>qt</extension>
+ <mime-type>video/quicktime</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>qti</extension>
+ <mime-type>image/x-quicktime</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>qtif</extension>
+ <mime-type>image/x-quicktime</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>ras</extension>
+ <mime-type>image/x-cmu-raster</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>rdf</extension>
+ <mime-type>application/rdf+xml</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>rgb</extension>
+ <mime-type>image/x-rgb</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>rm</extension>
+ <mime-type>application/vnd.rn-realmedia</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>roff</extension>
+ <mime-type>application/x-troff</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>rtf</extension>
+ <mime-type>application/rtf</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>rtx</extension>
+ <mime-type>text/richtext</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>sh</extension>
+ <mime-type>application/x-sh</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>shar</extension>
+ <mime-type>application/x-shar</mime-type>
+ </mime-mapping>
+<!--
+ <mime-mapping>
+ <extension>shtml</extension>
+ <mime-type>text/x-server-parsed-html</mime-type>
+ </mime-mapping>
+-->
+ <mime-mapping>
+ <extension>smf</extension>
+ <mime-type>audio/x-midi</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>sit</extension>
+ <mime-type>application/x-stuffit</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>snd</extension>
+ <mime-type>audio/basic</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>src</extension>
+ <mime-type>application/x-wais-source</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>sv4cpio</extension>
+ <mime-type>application/x-sv4cpio</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>sv4crc</extension>
+ <mime-type>application/x-sv4crc</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>swf</extension>
+ <mime-type>application/x-shockwave-flash</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>t</extension>
+ <mime-type>application/x-troff</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>tar</extension>
+ <mime-type>application/x-tar</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>tcl</extension>
+ <mime-type>application/x-tcl</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>tex</extension>
+ <mime-type>application/x-tex</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>texi</extension>
+ <mime-type>application/x-texinfo</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>texinfo</extension>
+ <mime-type>application/x-texinfo</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>tif</extension>
+ <mime-type>image/tiff</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>tiff</extension>
+ <mime-type>image/tiff</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>tr</extension>
+ <mime-type>application/x-troff</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>tsv</extension>
+ <mime-type>text/tab-separated-values</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>txt</extension>
+ <mime-type>text/plain</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>ulw</extension>
+ <mime-type>audio/basic</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>ustar</extension>
+ <mime-type>application/x-ustar</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>vxml</extension>
+ <mime-type>application/voicexml+xml</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>xbm</extension>
+ <mime-type>image/x-xbitmap</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>xht</extension>
+ <mime-type>application/xhtml+xml</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>xhtml</extension>
+ <mime-type>application/xhtml+xml</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>xml</extension>
+ <mime-type>application/xml</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>xpm</extension>
+ <mime-type>image/x-xpixmap</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>xsl</extension>
+ <mime-type>application/xml</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>xslt</extension>
+ <mime-type>application/xslt+xml</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>xul</extension>
+ <mime-type>application/vnd.mozilla.xul+xml</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>xwd</extension>
+ <mime-type>image/x-xwindowdump</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>wav</extension>
+ <mime-type>audio/x-wav</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>svg</extension>
+ <mime-type>image/svg+xml</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>svgz</extension>
+ <mime-type>image/svg+xml</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>vsd</extension>
+ <mime-type>application/x-visio</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- Wireless Bitmap -->
+ <extension>wbmp</extension>
+ <mime-type>image/vnd.wap.wbmp</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- WML Source -->
+ <extension>wml</extension>
+ <mime-type>text/vnd.wap.wml</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- Compiled WML -->
+ <extension>wmlc</extension>
+ <mime-type>application/vnd.wap.wmlc</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- WML Script Source -->
+ <extension>wmls</extension>
+ <mime-type>text/vnd.wap.wmlscript</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <!-- Compiled WML Script -->
+ <extension>wmlscriptc</extension>
+ <mime-type>application/vnd.wap.wmlscriptc</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>wrl</extension>
+ <mime-type>x-world/x-vrml</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>Z</extension>
+ <mime-type>application/x-compress</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>z</extension>
+ <mime-type>application/x-compress</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>zip</extension>
+ <mime-type>application/zip</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>xls</extension>
+ <mime-type>application/vnd.ms-excel</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>doc</extension>
+ <mime-type>application/vnd.ms-word</mime-type>
+ </mime-mapping>
+ <mime-mapping>
+ <extension>ppt</extension>
+ <mime-type>application/vnd.ms-powerpoint</mime-type>
+ </mime-mapping>
+
+ <!-- ==================== Default Welcome File List ===================== -->
+ <!-- When a request URI refers to a directory, the default servlet looks -->
+ <!-- for a "welcome file" within that directory and, if present, -->
+ <!-- to the corresponding resource URI for display. If no welcome file -->
+ <!-- is present, the default servlet either serves a directory listing, -->
+ <!-- or returns a 404 status, depending on how it is configured. -->
+ <!-- -->
+ <!-- If you define welcome files in your own application's web.xml -->
+ <!-- deployment descriptor, that list *replaces* the list configured -->
+ <!-- here, so be sure that you include any of the default values that -->
+ <!-- you wish to include. -->
+
+ <welcome-file-list>
+ <welcome-file>index.html</welcome-file>
+ <welcome-file>index.htm</welcome-file>
+ <welcome-file>index.jsp</welcome-file>
+ </welcome-file-list>
+
+</web-app>
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/server.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/server.xml (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jboss-web.deployer/server.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,181 @@
+<Server>
+
+ <!--APR library loader. Documentation at /docs/apr.html -->
+ <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
+ <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
+ <Listener className="org.apache.catalina.core.JasperListener" />
+
+ <!-- Use a custom version of StandardService that allows the
+ connectors to be started independent of the normal lifecycle
+ start to allow web apps to be deployed before starting the
+ connectors.
+ -->
+ <Service name="jboss.web">
+
+ <!-- A "Connector" represents an endpoint by which requests are received
+ and responses are returned. Documentation at :
+ Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
+ Java AJP Connector: /docs/config/ajp.html
+ APR (HTTP/AJP) Connector: /docs/apr.html
+ Define a non-SSL HTTP/1.1 Connector on port 8080
+ -->
+ <Connector port="8080" address="${jboss.bind.address}"
+ maxThreads="250" maxHttpHeaderSize="8192"
+ emptySessionPath="true" protocol="HTTP/1.1"
+ enableLookups="false" redirectPort="8443" acceptCount="100"
+ connectionTimeout="20000" disableUploadTimeout="true" />
+
+ <!-- SSL/TLS Connector configuration -->
+ <Connector port="8443" address="${jboss.bind.address}"
+ maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
+ scheme="https" secure="true" clientAuth="true" SSLEnabled="true"
+ truststoreFile="${jboss.server.home.dir}/conf/localhost.keystore"
+ truststorePass="unit-tests-server"
+ keystoreFile="${jboss.server.home.dir}/conf/localhost.keystore"
+ keystorePass="unit-tests-server" sslProtocol = "TLS" />
+
+ <!-- A HTTP/1.1 Connector on port 9080 which redirects to 9443 for https -->
+ <Connector port="9080" address="${jboss.bind.address}"
+ maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
+ enableLookups="false" redirectPort="9443" acceptCount="100"
+ connectionTimeout="20000" disableUploadTimeout="true"/>
+ <!-- SSL/TLS Connector configuration -->
+ <Connector port="9443" address="${jboss.bind.address}"
+ maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
+ scheme="https" secure="true" clientAuth="true" SSLEnabled="true"
+ sslProtocol = "TLS" securityDomain="java:/jaas/jbosstest-ssl"
+ SSLImplementation="org.jboss.net.ssl.JBossImplementation" />
+ <!-- SSL/TLS Connector with encrypted keystore password configuration -->
+ <Connector port="9943" address="${jboss.bind.address}"
+ maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
+ scheme="https" secure="true" clientAuth="true" SSLEnabled="true"
+ sslProtocol = "TLS" securityDomain="java:/jaas/encrypt-keystore-password"
+ SSLImplementation="org.jboss.net.ssl.JBossImplementation" />
+
+
+ <Engine name="jboss.web" defaultHost="localhost">
+
+ <!-- The JAAS based authentication and authorization realm implementation
+ that is compatible with the jboss 3.2.x realm implementation.
+ - certificatePrincipal : the class name of the
+ org.jboss.security.auth.certs.CertificatePrincipal impl
+ used for mapping X509[] cert chains to a Princpal.
+ - allRolesMode : how to handle an auth-constraint with a role-name=*,
+ one of strict, authOnly, strictAuthOnly
+ + strict = Use the strict servlet spec interpretation which requires
+ that the user have one of the web-app/security-role/role-name
+ + authOnly = Allow any authenticated user
+ + strictAuthOnly = Allow any authenticated user only if there are no
+ web-app/security-roles
+ -->
+ <Realm className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm"
+ certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
+ allRolesMode="authOnly"
+ />
+ <!-- A subclass of JBossSecurityMgrRealm that uses the authentication
+ behavior of JBossSecurityMgrRealm, but overrides the authorization
+ checks to use JACC permissions with the current java.security.Policy
+ to determine authorized access.
+ - allRolesMode : how to handle an auth-constraint with a role-name=*,
+ one of strict, authOnly, strictAuthOnly
+ + strict = Use the strict servlet spec interpretation which requires
+ that the user have one of the web-app/security-role/role-name
+ + authOnly = Allow any authenticated user
+ + strictAuthOnly = Allow any authenticated user only if there are no
+ web-app/security-roles
+ <Realm className="org.jboss.web.tomcat.security.JaccAuthorizationRealm"
+ certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
+ allRolesMode="authOnly"
+ />
+ -->
+
+ <Host name="localhost"
+ autoDeploy="false" deployOnStartup="false" deployXML="false"
+ configClass="org.jboss.web.tomcat.security.config.JBossContextConfig"
+ >
+
+ <!-- Uncomment to enable request dumper. This Valve "logs interesting
+ contents from the specified Request (before processing) and the
+ corresponding Response (after processing). It is especially useful
+ in debugging problems related to headers and cookies."
+ -->
+ <!--
+ <Valve className="org.apache.catalina.valves.RequestDumperValve" />
+ -->
+
+ <!-- Access logger -->
+ <!--
+ <Valve className="org.apache.catalina.valves.AccessLogValve"
+ prefix="localhost_access_log." suffix=".log"
+ pattern="common" directory="${jboss.server.home.dir}/log"
+ resolveHosts="false" />
+ -->
+
+ <!-- Uncomment to enable single sign-on across web apps
+ deployed to this host. Does not provide SSO across a cluster.
+
+ If this valve is used, do not use the JBoss ClusteredSingleSignOn
+ valve shown below.
+
+ A new configuration attribute is available beginning with
+ release 4.0.4:
+
+ cookieDomain configures the domain to which the SSO cookie
+ will be scoped (i.e. the set of hosts to
+ which the cookie will be presented). By default
+ the cookie is scoped to "/", meaning the host
+ that presented it. Set cookieDomain to a
+ wider domain (e.g. "xyz.com") to allow an SSO
+ to span more than one hostname.
+ -->
+ <!--
+ <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
+ -->
+
+ <!-- Uncomment to enable single sign-on across web apps
+ deployed to this host AND to all other hosts in the cluster.
+
+ If this valve is used, do not use the standard Tomcat SingleSignOn
+ valve shown above.
+
+ Valve uses a JBossCache instance to support SSO credential
+ caching and replication across the cluster. The JBossCache
+ instance must be configured separately. By default, the valve
+ shares a JBossCache with the service that supports HttpSession
+ replication. See the "jboss-web-cluster-service.xml" file in the
+ server/all/deploy directory for cache configuration details.
+
+ Besides the attributes supported by the standard Tomcat
+ SingleSignOn valve (see the Tomcat docs), this version also
+ supports the following attributes:
+
+ cookieDomain see above
+
+ treeCacheName JMX ObjectName of the JBossCache MBean used to
+ support credential caching and replication across
+ the cluster. If not set, the default value is
+ "jboss.cache:service=TomcatClusteringCache", the
+ standard ObjectName of the JBossCache MBean used
+ to support session replication.
+ -->
+ <!-- -->
+ <Valve className="org.jboss.web.tomcat.service.sso.ClusteredSingleSignOn" />
+
+
+ <!-- Check for unclosed connections and transaction terminated checks
+ in servlets/jsps.
+
+ Important: The dependency on the CachedConnectionManager
+ in META-INF/jboss-service.xml must be uncommented, too
+ -->
+ <Valve className="org.jboss.web.tomcat.service.jca.CachedConnectionValve"
+ cachedConnectionManagerObjectName="jboss.jca:service=CachedConnectionManager"
+ transactionManagerObjectName="jboss:service=TransactionManager" />
+
+ </Host>
+
+ </Engine>
+
+ </Service>
+
+</Server>
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jmx-console.war/WEB-INF/jboss-web.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jmx-console.war/WEB-INF/jboss-web.xml (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jmx-console.war/WEB-INF/jboss-web.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,6 @@
+<jboss-web>
+ <!-- Uncomment the security-domain to enable security. You will
+ need to edit the htmladaptor login configuration to setup the
+ login modules used to authentication users. -->
+ <security-domain>java:/jaas/jmx-console</security-domain>
+</jboss-web>
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jmx-console.war/WEB-INF/web.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jmx-console.war/WEB-INF/web.xml (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jmx-console.war/WEB-INF/web.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,108 @@
+<?xml version="1.0"?>
+<!DOCTYPE web-app PUBLIC
+ "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
+ "http://java.sun.com/dtd/web-app_2_3.dtd">
+
+<web-app>
+ <description>The standard web descriptor for the html adaptor</description>
+ <!--
+ <filter>
+ <filter-name>JmxOpsAccessControlFilter</filter-name>
+ <filter-class>org.jboss.jmx.adaptor.html.JMXOpsAccessControlFilter</filter-class>
+ <init-param>
+ <param-name>updateAttributes</param-name>
+ <param-value>UpdateAttributeRole</param-value>
+ <description>Comma-delimited Roles that define the JMX Operation denoting updation of Attributes</description>
+ </init-param>
+ <init-param>
+ <param-name>invokeOp</param-name>
+ <param-value>InvokeOpRole</param-value>
+ <description>Comma-delimited Roles that define the JMX Operation denoting Invocation of Operations</description>
+ </init-param>
+ </filter>
+ <filter-mapping>
+ <filter-name>JmxOpsAccessControlFilter</filter-name>
+ <servlet-name>HtmlAdaptor</servlet-name>
+ </filter-mapping>
+ -->
+ <servlet>
+ <servlet-name>HtmlAdaptor</servlet-name>
+ <servlet-class>org.jboss.jmx.adaptor.html.HtmlAdaptorServlet</servlet-class>
+ </servlet>
+ <servlet>
+ <servlet-name>ClusteredConsoleServlet</servlet-name>
+ <servlet-class>org.jboss.jmx.adaptor.html.ClusteredConsoleServlet</servlet-class>
+ <init-param>
+ <param-name>jgProps</param-name>
+ <param-value>UDP(ip_mcast=true;ip_ttl=16;loopback=false;mcast_addr=${jboss.partition.udpGroup:228.1.2.3};mcast_port=${jboss.hapartition.mcast_port:45566}):
+org.jboss.jmx.adaptor.control.FindView
+ </param-value>
+ <description>The JGroups protocol stack config</description>
+ </init-param>
+ </servlet>
+ <servlet>
+ <servlet-name>DisplayMBeans</servlet-name>
+ <jsp-file>/displayMBeans.jsp</jsp-file>
+ </servlet>
+ <servlet>
+ <servlet-name>InspectMBean</servlet-name>
+ <jsp-file>/inspectMBean.jsp</jsp-file>
+ </servlet>
+ <servlet>
+ <servlet-name>DisplayOpResult</servlet-name>
+ <jsp-file>/displayOpResult.jsp</jsp-file>
+ </servlet>
+ <servlet>
+ <servlet-name>ClusterView</servlet-name>
+ <jsp-file>/cluster/clusterView.jsp</jsp-file>
+ </servlet>
+
+ <servlet-mapping>
+ <servlet-name>HtmlAdaptor</servlet-name>
+ <url-pattern>/HtmlAdaptor</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>ClusteredConsoleServlet</servlet-name>
+ <url-pattern>/cluster/ClusteredConsole</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>DisplayMBeans</servlet-name>
+ <url-pattern>/DisplayMBeans</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>InspectMBean</servlet-name>
+ <url-pattern>/InspectMBean</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>DisplayOpResult</servlet-name>
+ <url-pattern>/DisplayOpResult</url-pattern>
+ </servlet-mapping>
+
+ <!-- A security constraint that restricts access to the HTML JMX console
+ to users with the role JBossAdmin. Edit the roles to what you want and
+ uncomment the WEB-INF/jboss-web.xml/security-domain element to enable
+ secured access to the HTML JMX console. -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>HtmlAdaptor</web-resource-name>
+ <description>An example security config that only allows users with the
+ role JBossAdmin to access the HTML JMX console web application
+ </description>
+ <url-pattern>/*</url-pattern>
+ <http-method>GET</http-method>
+ <http-method>POST</http-method>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>JBossAdmin</role-name>
+ </auth-constraint>
+ </security-constraint>
+
+ <login-config>
+ <auth-method>BASIC</auth-method>
+ <realm-name>JBoss JMX Console</realm-name>
+ </login-config>
+
+ <security-role>
+ <role-name>JBossAdmin</role-name>
+ </security-role>
+</web-app>
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jmx-invoker-service.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jmx-invoker-service.xml (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/jmx-invoker-service.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,131 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!-- $Id: jboss-service.xml 65305 2007-09-11 21:15:24Z fnasser at redhat.com $ -->
+<server>
+
+ <!-- The JRMP invoker proxy configuration for the InvokerAdaptorService -->
+ <mbean code="org.jboss.invocation.jrmp.server.JRMPProxyFactory"
+ name="jboss.jmx:type=adaptor,name=Invoker,protocol=jrmp,service=proxyFactory">
+ <!-- Use the standard JRMPInvoker from conf/jboss-service.xxml -->
+ <depends optional-attribute-name="InvokerName">jboss:service=invoker,type=jrmp</depends>
+ <!-- The target MBean is the InvokerAdaptorService configured below -->
+ <depends optional-attribute-name="TargetName">jboss.jmx:type=adaptor,name=Invoker</depends>
+ <!-- Where to bind the RMIAdaptor proxy -->
+ <attribute name="JndiName">jmx/invoker/RMIAdaptor</attribute>
+ <!-- The RMI compabitle MBeanServer interface -->
+ <attribute name="ExportedInterfaces">org.jboss.jmx.adaptor.rmi.RMIAdaptor,
+ org.jboss.jmx.adaptor.rmi.RMIAdaptorExt
+ </attribute>
+ <attribute name="ClientInterceptors">
+ <interceptors>
+ <interceptor>org.jboss.proxy.ClientMethodInterceptor</interceptor>
+ <interceptor>org.jboss.proxy.SecurityInterceptor</interceptor>
+ <interceptor>org.jboss.jmx.connector.invoker.client.InvokerAdaptorClientInterceptor</interceptor>
+ <interceptor>org.jboss.invocation.InvokerInterceptor</interceptor>
+ </interceptors>
+ </attribute>
+ <depends>jboss:service=Naming</depends>
+ </mbean>
+
+ <!--
+ Choose the remote proxy to expose mbean proxies over
+ -->
+ <mbean code="org.jboss.jmx.connector.invoker.MBeanProxyRemote"
+ name="jboss.jmx:type=adaptor,name=MBeanProxyRemote,protocol=jrmp">
+ <depends optional-attribute-name="MBeanServerConnection">jboss.jmx:type=adaptor,name=Invoker,protocol=jrmp,service=proxyFactory</depends>
+ </mbean>
+
+ <!-- Create a mapping from the legacy jmx-rmi-adaptor.sar binding to the
+ jmx-invoker-adaptor-server.sar JndiName specified above for backwards
+ portability.
+ -->
+ <mbean code="org.jboss.naming.NamingAlias" name="jboss.jmx:alias=jmx/rmi/RMIAdaptor">
+ <attribute name="FromName">jmx/rmi/RMIAdaptor</attribute>
+ <attribute name="ToName">jmx/invoker/RMIAdaptor</attribute>
+ <depends>jboss:service=Naming</depends>
+ </mbean>
+
+ <!-- This is the service that handles the RMIAdaptor invocations by routing
+ them to the MBeanServer the service is deployed under. -->
+ <mbean code="org.jboss.jmx.connector.invoker.InvokerAdaptorService"
+ name="jboss.jmx:type=adaptor,name=Invoker"
+ xmbean-dd="">
+ <xmbean>
+ <description>The JMX Detached Invoker Service</description>
+ <class>org.jboss.jmx.connector.invoker.InvokerAdaptorService</class>
+
+ <!-- Attributes -->
+ <attribute access="read-only" getMethod="getName">
+ <description>The class name of the MBean</description>
+ <name>Name</name>
+ <type>java.lang.String</type>
+ </attribute>
+ <attribute access="read-only" getMethod="getState">
+ <description>The status of the MBean</description>
+ <name>State</name>
+ <type>int</type>
+ </attribute>
+ <attribute access="read-only" getMethod="getStateString">
+ <description>The status of the MBean in text form</description>
+ <name>StateString</name>
+ <type>java.lang.String</type>
+ </attribute>
+ <attribute access="read-write" getMethod="getExportedInterfaces" setMethod="setExportedInterfaces">
+ <description>The interfaces the invoker proxy supports</description>
+ <name>ExportedInterfaces</name>
+ <type>[Ljava.lang.Class;</type>
+ </attribute>
+ <attribute access="read-only" getMethod="getMethodMap">
+ <description>Map(Long hash, Method) of the proxy interface methods</description>
+ <name>MethodMap</name>
+ <type>java.util.Map</type>
+ </attribute>
+ <!-- Operations -->
+ <operation>
+ <description>The start lifecycle operation</description>
+ <name>start</name>
+ </operation>
+ <operation>
+ <description>The stop lifecycle operation</description>
+ <name>stop</name>
+ </operation>
+ <operation>
+ <description>The detyped lifecycle operation (for internal use only)</description>
+ <name>jbossInternalLifecycle</name>
+ <parameter>
+ <description>The lifecycle operation</description>
+ <name>method</name>
+ <type>java.lang.String</type>
+ </parameter>
+ <return-type>void</return-type>
+ </operation>
+
+ <operation>
+ <description>The detached invoker entry point</description>
+ <name>invoke</name>
+ <parameter>
+ <description>The method invocation context</description>
+ <name>invocation</name>
+ <type>org.jboss.invocation.Invocation</type>
+ </parameter>
+ <return-type>java.lang.Object</return-type>
+ <descriptors>
+ <interceptors>
+ <!-- Uncomment to require authenticated users
+ <interceptor code="org.jboss.jmx.connector.invoker.AuthenticationInterceptor"
+ securityDomain="java:/jaas/jmx-console"/>
+ -->
+ <!-- Interceptor that deals with non-serializable results -->
+ <interceptor code="org.jboss.jmx.connector.invoker.SerializableInterceptor"
+ policyClass="StripModelMBeanInfoPolicy"/>
+ </interceptors>
+ </descriptors>
+ </operation>
+ </xmbean>
+
+ <attribute name="ExportedInterfaces">org.jboss.jmx.adaptor.rmi.RMIAdaptor,
+ org.jboss.jmx.adaptor.rmi.RMIAdaptorExt
+ </attribute>
+ </mbean>
+
+</server>
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/keystore.password
===================================================================
(Binary files differ)
Property changes on: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/keystore.password
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/web-console-roles.properties
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/web-console-roles.properties (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/web-console-roles.properties 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,2 @@
+# A sample roles.properties file for use with the UsersRolesLoginModule
+admin=JBossAdmin
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/web-console-users.properties
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/web-console-users.properties (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/web-console-users.properties 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,2 @@
+# A sample users.properties file for use with the UsersRolesLoginModule
+admin=admin
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/jboss-web.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/jboss-web.xml (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/jboss-web.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,16 @@
+<?xml version='1.0' encoding='UTF-8' ?>
+
+<!DOCTYPE jboss-web
+ PUBLIC "-//JBoss//DTD Web Application 2.3V2//EN"
+ "http://www.jboss.org/j2ee/dtd/jboss-web_3_2.dtd">
+
+<jboss-web>
+
+ <!-- Uncomment the security-domain to enable security. You will
+ need to edit the htmladaptor login configuration to setup the
+ login modules used to authentication users. -->
+ <security-domain>java:/jaas/web-console</security-domain>
+
+ <!-- The war depends on the -->
+ <depends>jboss.admin:service=PluginManager</depends>
+</jboss-web>
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,366 @@
+<?xml version="1.0"?>
+<!DOCTYPE web-app PUBLIC
+ "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
+ "http://java.sun.com/dtd/web-app_2_3.dtd">
+
+<web-app>
+ <description>Web Admin Console</description>
+ <servlet>
+ <servlet-name>J2EEFolder</servlet-name>
+ <servlet-class>org.jboss.console.plugins.helpers.ServletPluginHelper</servlet-class>
+ <init-param>
+ <param-name>ScriptName</param-name>
+ <param-value>J2EEFolder.bsh</param-value>
+ </init-param>
+ <init-param>
+ <param-name>IsRootNode</param-name>
+ <param-value>true</param-value>
+ </init-param>
+ <init-param>
+ <param-name>ContextName</param-name>
+ <param-value>/web-console</param-value>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>SystemFolder</servlet-name>
+ <servlet-class>org.jboss.console.plugins.helpers.ServletPluginHelper</servlet-class>
+ <init-param>
+ <param-name>ScriptName</param-name>
+ <param-value>SystemFolder.bsh</param-value>
+ </init-param>
+ <init-param>
+ <param-name>IsRootNode</param-name>
+ <param-value>true</param-value>
+ </init-param>
+ <init-param>
+ <param-name>ContextName</param-name>
+ <param-value>/web-console</param-value>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>MonitorsFolder</servlet-name>
+ <servlet-class>org.jboss.console.plugins.helpers.ServletPluginHelper</servlet-class>
+ <init-param>
+ <param-name>WrapperClass</param-name>
+ <param-value>org.jboss.console.plugins.MonitorLister</param-value>
+ </init-param>
+ <init-param>
+ <param-name>IsRootNode</param-name>
+ <param-value>true</param-value>
+ </init-param>
+ <init-param>
+ <param-name>ContextName</param-name>
+ <param-value>/web-console</param-value>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>AOPFolder</servlet-name>
+ <servlet-class>org.jboss.console.plugins.helpers.ServletPluginHelper</servlet-class>
+ <init-param>
+ <param-name>WrapperClass</param-name>
+ <param-value>org.jboss.console.plugins.AOPLister</param-value>
+ </init-param>
+ <init-param>
+ <param-name>IsRootNode</param-name>
+ <param-value>true</param-value>
+ </init-param>
+ <init-param>
+ <param-name>ContextName</param-name>
+ <param-value>/web-console</param-value>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>JMS Message</servlet-name>
+ <servlet-class>org.jboss.console.plugins.helpers.ServletPluginHelper</servlet-class>
+ <init-param>
+ <param-name>WrapperClass</param-name>
+ <param-value>org.jboss.console.plugins.JMSLister</param-value>
+ </init-param>
+ <init-param>
+ <param-name>MBeanClass</param-name>
+ <param-value>org.jboss.management.j2ee.JMSResource</param-value>
+ </init-param>
+ <init-param>
+ <param-name>ContextName</param-name>
+ <param-value>/web-console</param-value>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <!--servlet>
+ <servlet-name>UCLs</servlet-name>
+ <servlet-class>org.jboss.console.plugins.helpers.ServletPluginHelper</servlet-class>
+ <init-param>
+ <param-name>ScriptName</param-name>
+ <param-value>Classloaders.bsh</param-value>
+ </init-param>
+ <init-param>
+ <param-name>FolderName</param-name>
+ <param-value>ROOT/System</param-value>
+ </init-param>
+ <init-param>
+ <param-name>ContextName</param-name>
+ <param-value>/web-console</param-value>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet-->
+
+ <servlet>
+ <servlet-name>UCLs</servlet-name>
+ <servlet-class>org.jboss.console.plugins.helpers.ServletPluginHelper</servlet-class>
+ <init-param>
+ <param-name>WrapperClass</param-name>
+ <param-value>org.jboss.console.plugins.UCLLister</param-value>
+ </init-param>
+ <init-param>
+ <param-name>FolderName</param-name>
+ <param-value>ROOT/System</param-value>
+ </init-param>
+ <init-param>
+ <param-name>ContextName</param-name>
+ <param-value>/web-console</param-value>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>MBeans</servlet-name>
+ <servlet-class>org.jboss.console.plugins.helpers.ServletPluginHelper</servlet-class>
+ <init-param>
+ <param-name>WrapperClass</param-name>
+ <param-value>org.jboss.console.plugins.MBeansLister</param-value>
+ </init-param>
+ <init-param>
+ <param-name>FolderName</param-name>
+ <param-value>ROOT/System</param-value>
+ </init-param>
+ <init-param>
+ <param-name>ContextName</param-name>
+ <param-value>/web-console</param-value>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>JSR77 Domains and Servers</servlet-name>
+ <servlet-class>org.jboss.console.plugins.helpers.ServletPluginHelper</servlet-class>
+ <init-param>
+ <param-name>WrapperClass</param-name>
+ <param-value>org.jboss.console.plugins.JSR77Lister</param-value>
+ </init-param>
+ <init-param>
+ <param-name>FolderName</param-name>
+ <param-value>ROOT/J2EE</param-value>
+ </init-param>
+ <init-param>
+ <param-name>ContextName</param-name>
+ <param-value>/web-console</param-value>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>JSR77 EJBModules and EJBs</servlet-name>
+ <servlet-class>org.jboss.console.plugins.helpers.ServletPluginHelper</servlet-class>
+ <init-param>
+ <param-name>WrapperClass</param-name>
+ <param-value>org.jboss.console.plugins.EJBModuleLister</param-value>
+ </init-param>
+ <init-param>
+ <param-name>MBeanClass</param-name>
+ <param-value>org.jboss.management.j2ee.EJBModule</param-value>
+ </init-param>
+ <init-param>
+ <param-name>ContextName</param-name>
+ <param-value>/web-console</param-value>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>JSR77 J2EE Apps</servlet-name>
+ <servlet-class>org.jboss.console.plugins.helpers.ServletPluginHelper</servlet-class>
+ <init-param>
+ <param-name>WrapperClass</param-name>
+ <param-value>org.jboss.console.plugins.J2EEAppLister</param-value>
+ </init-param>
+ <init-param>
+ <param-name>MBeanClass</param-name>
+ <param-value>org.jboss.management.j2ee.J2EEApplication</param-value>
+ </init-param>
+ <init-param>
+ <param-name>ContextName</param-name>
+ <param-value>/web-console</param-value>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>JSR77 WebModule</servlet-name>
+ <servlet-class>org.jboss.console.plugins.helpers.ServletPluginHelper</servlet-class>
+ <init-param>
+ <param-name>WrapperClass</param-name>
+ <param-value>org.jboss.console.plugins.WebModuleLister</param-value>
+ </init-param>
+ <init-param>
+ <param-name>MBeanClass</param-name>
+ <param-value>org.jboss.management.j2ee.WebModule</param-value>
+ </init-param>
+ <init-param>
+ <param-name>ContextName</param-name>
+ <param-value>/web-console</param-value>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>HTTP Invocation</servlet-name>
+ <servlet-class>org.jboss.console.remote.InvokerServlet</servlet-class>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>Create Snapshot</servlet-name>
+ <servlet-class>org.jboss.console.plugins.monitor.CreateSnapshotServlet</servlet-class>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>Manage Snapshot</servlet-name>
+ <servlet-class>org.jboss.console.plugins.monitor.ManageSnapshotServlet</servlet-class>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>Create Threshold Monitor</servlet-name>
+ <servlet-class>org.jboss.console.plugins.monitor.CreateThresholdMonitorServlet</servlet-class>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>Manage Threshold Monitor</servlet-name>
+ <servlet-class>org.jboss.console.plugins.monitor.ManageThresholdMonitorServlet</servlet-class>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>Create String Threshold Monitor</servlet-name>
+ <servlet-class>org.jboss.console.plugins.monitor.CreateStringThresholdMonitorServlet</servlet-class>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>Manage String Threshold Monitor</servlet-name>
+ <servlet-class>org.jboss.console.plugins.monitor.ManageStringThresholdMonitorServlet</servlet-class>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>Clear Monitor Alerts</servlet-name>
+ <servlet-class>org.jboss.console.plugins.monitor.ClearMonitorAlertsServlet</servlet-class>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>Acknowledge Active Alarms</servlet-name>
+ <servlet-class>org.jboss.console.plugins.monitor.AcknowledgeActiveAlarmsServlet</servlet-class>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet>
+ <servlet-name>Status Servlet</servlet-name>
+ <servlet-class>org.jboss.web.tomcat.service.StatusServlet</servlet-class>
+ </servlet>
+
+ <servlet-mapping>
+ <servlet-name>Status Servlet</servlet-name>
+ <url-pattern>/status</url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name>HTTP Invocation</servlet-name>
+ <url-pattern>/Invoker/*</url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name>Create Snapshot</servlet-name>
+ <url-pattern>/CreateSnapshot</url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name>Manage Snapshot</servlet-name>
+ <url-pattern>/ManageSnapshot</url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name>Create Threshold Monitor</servlet-name>
+ <url-pattern>/CreateThresholdMonitor</url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name>Manage Threshold Monitor</servlet-name>
+ <url-pattern>/ManageThresholdMonitor</url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name>Create String Threshold Monitor</servlet-name>
+ <url-pattern>/CreateStringThresholdMonitor</url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name>Manage String Threshold Monitor</servlet-name>
+ <url-pattern>/ManageStringThresholdMonitor</url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name>Clear Monitor Alerts</servlet-name>
+ <url-pattern>/ClearMonitorAlerts</url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
+ <servlet-name>Acknowledge Active Alarms</servlet-name>
+ <url-pattern>/AcknowledgeActiveAlarms</url-pattern>
+ </servlet-mapping>
+
+ <taglib>
+ <taglib-uri>/webconsole</taglib-uri>
+ <taglib-location>/WEB-INF/tlds/webconsole.tld</taglib-location>
+ </taglib>
+
+ <!-- A security constraint that restricts access to the HTML JMX console
+ to users with the role JBossAdmin. Edit the roles to what you want and
+ uncomment the WEB-INF/jboss-web.xml/security-domain element to enable
+ secured access to the HTML JMX console. -->
+
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>HtmlAdaptor</web-resource-name>
+ <description>An example security config that only allows users with the
+ role JBossAdmin to access the HTML JMX console web application
+ </description>
+ <url-pattern>/*</url-pattern>
+ <http-method>GET</http-method>
+ <http-method>POST</http-method>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>JBossAdmin</role-name>
+ </auth-constraint>
+ </security-constraint>
+
+ <login-config>
+ <auth-method>BASIC</auth-method>
+ <realm-name>JBoss WEB Console</realm-name>
+ </login-config>
+
+ <security-role>
+ <role-name>JBossAdmin</role-name>
+ </security-role>
+</web-app>
Added: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/security-service.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/security-service.xml (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/resources/test-configs/cc/deploy/security-service.xml 2008-10-02 11:53:48 UTC (rev 79020)
@@ -0,0 +1,21 @@
+<server>
+ <mbean code="org.jboss.security.plugins.JaasSecurityDomain"
+ name="jboss.security:service=SecurityDomain">
+ <constructor>
+ <arg type="java.lang.String" value="jbosstest-ssl"/>
+ </constructor>
+ <attribute name="KeyStoreURL">resource:localhost.keystore</attribute>
+ <attribute name="KeyStorePass">unit-tests-server</attribute>
+ </mbean>
+
+ <mbean code="org.jboss.security.plugins.JaasSecurityDomain"
+ name="jboss.security:service=PBESecurityDomain">
+ <constructor>
+ <arg type="java.lang.String" value="encrypt-keystore-password"/>
+ </constructor>
+ <attribute name="KeyStoreURL">resource:localhost.keystore</attribute>
+ <attribute name="KeyStorePass">{CLASS}org.jboss.security.plugins.FilePassword:${jboss.server.home.dir}/deploy/keystore.password</attribute>
+ <attribute name="Salt">welcometojboss</attribute>
+ <attribute name="IterationCount">13</attribute>
+ </mbean>
+</server>
More information about the jboss-cvs-commits
mailing list