[jbosstools-dev] Deltaspike
Viacheslav Kabanovich
scabanovich at exadel.com
Mon Jan 21 12:22:43 EST 2013
Hi Jaroslav
> Note, I am using deltaspike 0.4 incubation version. May this be a
problem?
Yes, our tool supports 0.3 incubation version. In version 0.4, class
implementing Extension interface
is moved from
org.apache.deltaspike.security.impl.authorization.SecurityExtension
to org.apache.deltaspike.security.impl.extension.SecurityExtension. That
name is registered in META-INF/javax.enterprise.inject.spi.Extension.
Best regards
Slava Kabanovich
On 01/21/2013 12:27 AM, Jaroslav Jankovic wrote:
> Hi Slava,
>
> what triggers CDI Validator to work? I have performed all steps you've
> provided but still no errors nor warnings.
>
> I have CDI enabled project with 4 deltaspike jars on its classpath
> (core-api/impl, secure model-api/impl). What am I missing?
>
> Note, I am using deltaspike 0.4 incubation version. May this be a problem?
>
> J.J.
>
> On 01/15/2013 06:40 PM, Viacheslav Kabanovich wrote:
>>
>>
>>
>> -------- Original Message --------
>> Subject: Re: Deltaspike
>> Date: Tue, 15 Jan 2013 09:32:03 -0800
>> From: Viacheslav Kabanovich <scabanovich at exadel.com>
>> To: Jaroslav Jankovic <jjankovi at redhat.com>
>>
>>
>>
>> Hi Jaroslav
>>
>> Please look at test DeltaspikeValidationTest in plugin
>> org.jboss.tools.cdi.deltaspike.core.test
>> Method testSecurityValidation() tests all situations that our
>> validation supports. It works with test project located at
>> org.jboss.tools.cdi.deltaspike.core.test/projects/DeltaspikeCoreTest
>>
>> For example, in the last assert, it checks that error is added at
>> method SecuredBean1.doSomething3() "No matching authorizer found for
>> security binding type deltaspike.security.CustomSecurityBinding on
>> method doSomething3" because there is no authorized method with
>> binding CustomSecurityBinding(1). Class CustomAuthorizer declares
>> five authorizer methods, but they do not match this binding. On the
>> other hand two authorizer methods match SecuredBean1.doSomething2()
>> so that another assert checks that there is error on that method
>> "Ambiguous authorizers found for security binding type
>> deltaspike.security.CustomSecurityBinding on method doSomething2"
>>
>> So, steps:
>> 1. Annotation type for security binding
>> @SecurityBindingType
>> public @interface CustomSecurityBinding {
>> int value() default 0;
>> }
>>
>> 2. Class providing authorizing methods
>> public class CustomAuthorizer {
>>
>> @Secures
>> @CustomSecurityBinding(4)
>> public boolean check() {
>> return true;
>> }
>>
>> @Secures
>> @CustomSecurityBinding(4)
>> public boolean check1() {
>> return true;
>> }
>>
>> @Secures // error - authorizer method should return boolean
>> @CustomSecurityBinding2
>> public void check3() {
>> }
>>
>> @Secures //error - authorizer method should have a binding annotation
>> public boolean check4() {
>> return true;
>> }
>>
>> }
>>
>> 3. Class with security methods
>> public class SecuredBean1 {
>>
>> @CustomSecurityBinding(4) // error - two authorizer methods match
>> public SecuredBean1 doSomething2() {
>> return null;
>> }
>>
>> @CustomSecurityBinding(1) // error - no matching authorizer method
>> public SecuredBean1 doSomething3() {
>> return null;
>> }
>> }
>>
>> Best regards
>> Slava Kabanovich
>>
>> On 01/15/2013 03:34 AM, Jaroslav Jankovic wrote:
>>> Hi Slava,
>>>
>>> I am implementing integration tests for deltaspike. I have only one
>>> problem - it is security model.
>>> I cannot figure out circumstances under which specific validation
>>> problems appear. I mean I have read all documentation about security
>>> model in deltaspike I had found, but with no success. I have also
>>> read your comment in https://issues.jboss.org/browse/JBIDE-11552,
>>> but also no progress.
>>>
>>> Can you please provide me exact steps to simulate all security
>>> validations situations supported for deltaspike?
>>>
>>> I would really appreciate it.
>>> Thanks
>>>
>>> Best regards
>>> Jaroslav Jankovic
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jbosstools-dev/attachments/20130121/28b42a69/attachment.html
More information about the jbosstools-dev
mailing list