]
Ondrej Lukas moved JBEAP-2027 to WFLY-5742:
-------------------------------------------
Project: WildFly (was: JBoss Enterprise Application Platform)
Key: WFLY-5742 (was: JBEAP-2027)
Workflow: GIT Pull Request workflow (was: CDW v1)
Component/s: Security
Test Suite
(was: Security)
(was: Test Suite)
Target Release: (was: 7.0.0.GA)
Affects Version/s: 10.0.0.CR4
(was: 7.0.0.DR12)
Fix test coverage for @RunAs in servlets
----------------------------------------
Key: WFLY-5742
URL:
https://issues.jboss.org/browse/WFLY-5742
Project: WildFly
Issue Type: Bug
Components: Security, Test Suite
Affects Versions: 10.0.0.CR4
Reporter: Ondrej Lukas
Assignee: Ondrej Lukas
Test coverage for {{@RunAs}} annotated servlets testing is not sufficient in the server.
The {{WebSecurityRunAsTestCase}} in {{testsuite/integration/basic}} doesn't test the
behavior correctly as mentioned in [this
comment|https://issues.jboss.org/browse/WFLY-5015?focusedCommentId=131008...]
of WFLY-5015.
I suggest to move the coverage to manualmode to be able to test also the behavior of
{{@RunAs}} annotated {{HttpServlet.destroy()}} method during AS server shutdown.
Possible "sun-shine" test scenario:
* prepare deployment
** use init parameter to configure path to a file which will serve as exceptions-counter
for the application
** add EJB annotated with {{@RolesAllowed("Admin")}}
** add {{@RunAs("Admin")}} annotated servlet which calls the EJB in {{init()}},
{{doGet()}} and {{destroy()}} methods - if exception is thrown it increases the counter in
the file (init param)
* start server
* deploy the test deployment
* make call to the servlet
* stop the server
* start the server again
* make call to the servlet
* undeploy test deployment
* check the counter (in file) if the exceptions count is 0
Create "cloudy" scenarios based on modifications of the "sun-shine"
one. (E.g. alter the run-as role name used in servlet and check the EJB call falls in all
cases)