1:29 a.m.
[
https://jira.jboss.org/jira/browse/EJBTHREE-1795?page=com.atlassian.jira....
]
jaikiran pai updated EJBTHREE-1795:
-----------------------------------
Description:
During the current EJB3 1.1.3 release, it was observed that
org.jboss.ejb3.test.changexml.ChangeXMLUnitTestCase fails when run with other tests
(particularly involving a security/security domain test). Running only this specific
testcase gets it passing. The testcase is not very robust, the way it currently is:
...
SecurityClient client = SecurityClientFactory.getSecurityClient();
client.setSimple("somebody", "password");
client.login();
....
// bean = jboss metadata
bean.setSecurityDomain("other");
// Now this shouldn't work
try
{
local.doSomething("bad");
}
catch (EJBAccessException expected)
{
return;
}
throw new RuntimeException("Should not be here!");
From the comments of this testcase, it appears to be testing that
changing to session bean metadata to add a security domain dynamically, works as expected.
The issue with this is that when this test is run along with other tests, the
"other" security domain and the corresponding user/roles properties, which are
already loaded as part of some other testcase get picked up. Incidentally, those
properties files have the login credentials for "somebody". Effectively, the
security authentication succeeds and the method on the bean is successfully invoked. Thus
the test failure. Note that when run as a single test, the users/roles properties (for the
"other" domain) are not found and hence the EJBAccessException is caught as
expected and the test case passes.
To make this test more robust, here's what has to be done:
1) Configure a custom unique security domain for this testcase (ex:
changexml-security-domain).
2) Use custom unique users/roles properties file to ensure that these will be picked and
not some random/stray property files.
Both these steps are easy to accomplish in the testcase.
was:
During the current EJB3 1.1.3 release, it was observed that
org.jboss.ejb3.test.changexml.ChangeXMLUnitTestCase fails when run with other tests
(particularly involving a security/security domain test). Running only this specific
testcase gets it passing. The testcase is not very robust, the way it currently is:
Fix the ChangeXMLUnitTestCase to be more robust
-----------------------------------------------
Key: EJBTHREE-1795
URL: https://jira.jboss.org/jira/browse/EJBTHREE-1795
Project: EJB 3.0
Issue Type: Bug
Components: testsuite
Affects Versions: 1.1.3
Reporter: jaikiran pai
Assignee: jaikiran pai
During the current EJB3 1.1.3 release, it was observed that
org.jboss.ejb3.test.changexml.ChangeXMLUnitTestCase fails when run with other tests
(particularly involving a security/security domain test). Running only this specific
testcase gets it passing. The testcase is not very robust, the way it currently is:
...
SecurityClient client = SecurityClientFactory.getSecurityClient();
client.setSimple("somebody", "password");
client.login();
....
// bean = jboss metadata
bean.setSecurityDomain("other");
// Now this shouldn't work
try
{
local.doSomething("bad");
}
catch (EJBAccessException expected)
{
return;
}
throw new RuntimeException("Should not be here!");
From the comments of this testcase, it appears to be testing that changing to session
bean metadata to add a security domain dynamically, works as expected.
The issue with this is that when this test is run along with other tests, the
"other" security domain and the corresponding user/roles properties, which are
already loaded as part of some other testcase get picked up. Incidentally, those
properties files have the login credentials for "somebody". Effectively, the
security authentication succeeds and the method on the bean is successfully invoked. Thus
the test failure. Note that when run as a single test, the users/roles properties (for the
"other" domain) are not found and hence the EJBAccessException is caught as
expected and the test case passes.
To make this test more robust, here's what has to be done:
1) Configure a custom unique security domain for this testcase (ex:
changexml-security-domain).
2) Use custom unique users/roles properties file to ensure that these will be picked and
not some random/stray property files.
Both these steps are easy to accomplish in the testcase.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira