Author: alessio.soldano(a)jboss.com
Date: 2012-10-18 12:36:30 -0400 (Thu, 18 Oct 2012)
New Revision: 16918
Added:
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/PermitAllSecureEndpoint.java
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/PermitAllSecureEndpoint1Impl.java
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/PermitAllSecureEndpoint2Impl.java
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/PermitAllTestCase.java
shared-testsuite/trunk/testsuite/src/test/resources/jaxws/samples/securityDomain/
shared-testsuite/trunk/testsuite/src/test/resources/jaxws/samples/securityDomain/jbossws-roles.properties
shared-testsuite/trunk/testsuite/src/test/resources/jaxws/samples/securityDomain/jbossws-users.properties
Modified:
shared-testsuite/trunk/testsuite/src/test/ant-import/build-samples-jaxws.xml
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/SecureEndpoint.java
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/SecureEndpointImpl.java
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/SecurityDomainTestCase.java
Log:
* Improving @SecurityDomain testcase
* [AS7-5784] Adding testcase (PermitAllTestCase)
Modified: shared-testsuite/trunk/testsuite/src/test/ant-import/build-samples-jaxws.xml
===================================================================
---
shared-testsuite/trunk/testsuite/src/test/ant-import/build-samples-jaxws.xml 2012-10-16
18:37:47 UTC (rev 16917)
+++
shared-testsuite/trunk/testsuite/src/test/ant-import/build-samples-jaxws.xml 2012-10-18
16:36:30 UTC (rev 16918)
@@ -273,6 +273,13 @@
</fileset>
</jar>
+ <!-- jaxws-samples-securityDomain-permitall -->
+ <jar
destfile="${tests.output.dir}/test-libs/jaxws-samples-securityDomain-permitall.jar">
+ <fileset dir="${tests.output.dir}/test-classes">
+ <include
name="org/jboss/test/ws/jaxws/samples/securityDomain/PermitAllSecureEndpoint*Impl.class"/>
+ </fileset>
+ </jar>
+
<!-- jaxws-samples-serviceref -->
<war
warfile="${tests.output.dir}/test-libs/jaxws-samples-serviceref.war"
webxml="${tests.output.dir}/test-resources/jaxws/samples/serviceref/WEB-INF/web.xml">
<classes dir="${tests.output.dir}/test-classes">
Added:
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/PermitAllSecureEndpoint.java
===================================================================
---
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/PermitAllSecureEndpoint.java
(rev 0)
+++
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/PermitAllSecureEndpoint.java 2012-10-18
16:36:30 UTC (rev 16918)
@@ -0,0 +1,39 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2012, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.samples.securityDomain;
+
+import javax.jws.WebMethod;
+import javax.jws.WebParam;
+import javax.jws.WebResult;
+import javax.jws.WebService;
+import javax.jws.soap.SOAPBinding;
+import javax.jws.soap.SOAPBinding.Style;
+
+@WebService(name = "PermitAllSecureEndpoint", targetNamespace =
"http://org.jboss.ws/securityDomain")
+@SOAPBinding(style = Style.RPC)
+public interface PermitAllSecureEndpoint
+{
+
+ @WebMethod
+ @WebResult(targetNamespace = "http://org.jboss.ws/securityDomain", partName
= "return")
+ public String echo(@WebParam(name = "arg0", partName = "arg0")
String arg0);
+}
Added:
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/PermitAllSecureEndpoint1Impl.java
===================================================================
---
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/PermitAllSecureEndpoint1Impl.java
(rev 0)
+++
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/PermitAllSecureEndpoint1Impl.java 2012-10-18
16:36:30 UTC (rev 16918)
@@ -0,0 +1,66 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2012, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.samples.securityDomain;
+
+import javax.annotation.security.PermitAll;
+import javax.ejb.Stateless;
+import javax.jws.WebMethod;
+import javax.jws.WebService;
+import javax.jws.soap.SOAPBinding;
+import javax.jws.soap.SOAPBinding.Style;
+
+import org.jboss.ejb3.annotation.SecurityDomain;
+import org.jboss.logging.Logger;
+import org.jboss.ws.api.annotation.AuthMethod;
+import org.jboss.ws.api.annotation.TransportGuarantee;
+import org.jboss.ws.api.annotation.WebContext;
+
+@Stateless(name = "PermitAllSecureEndpoint1")
+@SOAPBinding(style = Style.RPC)
+@WebService
+(
+ name = "PermitAllSecureEndpoint1",
+ serviceName = "PermitAllSecureEndpoint1Service",
+ targetNamespace = "http://org.jboss.ws/securityDomain"
+)
+@WebContext
+(
+ contextRoot="/jaxws-securityDomain-permitall",
+ urlPattern="/one",
+ authMethod = AuthMethod.BASIC,
+ transportGuarantee = TransportGuarantee.NONE,
+ secureWSDLAccess = false
+)
+@PermitAll
+@SecurityDomain("JBossWSSecurityDomainPermitAllTest")
+public class PermitAllSecureEndpoint1Impl
+{
+ // Provide logging
+ private static Logger log = Logger.getLogger(PermitAllSecureEndpoint1Impl.class);
+
+ @WebMethod
+ public String echo(String input)
+ {
+ log.info(input);
+ return input;
+ }
+}
Added:
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/PermitAllSecureEndpoint2Impl.java
===================================================================
---
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/PermitAllSecureEndpoint2Impl.java
(rev 0)
+++
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/PermitAllSecureEndpoint2Impl.java 2012-10-18
16:36:30 UTC (rev 16918)
@@ -0,0 +1,68 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2012, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.samples.securityDomain;
+
+import javax.annotation.security.PermitAll;
+import javax.annotation.security.RolesAllowed;
+import javax.ejb.Stateless;
+import javax.jws.WebMethod;
+import javax.jws.WebService;
+import javax.jws.soap.SOAPBinding;
+import javax.jws.soap.SOAPBinding.Style;
+
+import org.jboss.ejb3.annotation.SecurityDomain;
+import org.jboss.logging.Logger;
+import org.jboss.ws.api.annotation.AuthMethod;
+import org.jboss.ws.api.annotation.TransportGuarantee;
+import org.jboss.ws.api.annotation.WebContext;
+
+@Stateless(name = "PermitAllSecureEndpoint2")
+@SOAPBinding(style = Style.RPC)
+@WebService
+(
+ name = "PermitAllSecureEndpoint2",
+ serviceName = "PermitAllSecureEndpoint2Service",
+ targetNamespace = "http://org.jboss.ws/securityDomain"
+)
+@WebContext
+(
+ contextRoot="/jaxws-securityDomain-permitall",
+ urlPattern="/two",
+ authMethod = AuthMethod.BASIC,
+ transportGuarantee = TransportGuarantee.NONE,
+ secureWSDLAccess = false
+)
+@PermitAll
+@SecurityDomain("JBossWSSecurityDomainPermitAllTest")
+public class PermitAllSecureEndpoint2Impl
+{
+ // Provide logging
+ private static Logger log = Logger.getLogger(PermitAllSecureEndpoint2Impl.class);
+
+ @WebMethod
+ @RolesAllowed("friend")
+ public String echo(String input)
+ {
+ log.info(input);
+ return input;
+ }
+}
Added:
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/PermitAllTestCase.java
===================================================================
---
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/PermitAllTestCase.java
(rev 0)
+++
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/PermitAllTestCase.java 2012-10-18
16:36:30 UTC (rev 16918)
@@ -0,0 +1,124 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2012, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.samples.securityDomain;
+
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.Service;
+
+import junit.framework.Test;
+
+import org.jboss.wsf.test.JBossWSTest;
+import org.jboss.wsf.test.JBossWSTestSetup;
+
+/**
+ * Test secure EJB3 endpoints using @SecurityDomain and @PermitAll, @RolesAllowed
annotations.
+ *
+ * The security domain the application is associated with comes with a
UsersRolesLoginModule and has the following users:
+ *
+ * username password roles
+ * --------- ----------- -----------------
+ * bob foo user
+ * john bar user,friend
+ * kate theprincess user,friend,royal
+ *
+ *
+ * @author alessio.soldano(a)jboss.com
+ *
+ */
+public class PermitAllTestCase extends JBossWSTest
+{
+ public final String TARGET_ENDPOINT_ADDRESS_1 = "http://" + getServerHost()
+ ":8080/jaxws-securityDomain-permitall/one";
+ public final String TARGET_ENDPOINT_ADDRESS_2 = "http://" + getServerHost()
+ ":8080/jaxws-securityDomain-permitall/two";
+
+ public static Test suite()
+ {
+ JBossWSTestSetup testSetup = new JBossWSTestSetup(PermitAllTestCase.class,
"jaxws-samples-securityDomain-permitall.jar");
+ Map<String, String> authenticationOptions = new HashMap<String,
String>();
+ authenticationOptions.put("usersProperties",
+
getResourceFile("jaxws/samples/securityDomain/jbossws-users.properties").getAbsolutePath());
+ authenticationOptions.put("rolesProperties",
+
getResourceFile("jaxws/samples/securityDomain/jbossws-roles.properties").getAbsolutePath());
+
testSetup.addSecurityDomainRequirement("JBossWSSecurityDomainPermitAllTest",
authenticationOptions);
+ return testSetup;
+ }
+
+ public void testPortOne() throws Exception
+ {
+ URL wsdlURL = new URL(TARGET_ENDPOINT_ADDRESS_1 + "?wsdl");
+ QName serviceName = new QName("http://org.jboss.ws/securityDomain",
"PermitAllSecureEndpoint1Service");
+ QName portName = new QName("http://org.jboss.ws/securityDomain",
"PermitAllSecureEndpoint1Port");
+ PermitAllSecureEndpoint port = Service.create(wsdlURL,
serviceName).getPort(portName, PermitAllSecureEndpoint.class);
+
+ try {
+ port.echo("Hello");
+ fail("Authentication exception expected!");
+ } catch (Exception e) {
+ //expected web layer exception
+ assertTrue(e.getMessage().contains("Could not send Message"));
+ assertTrue(e.getCause().getMessage().contains("401: Unauthorized"));
+ }
+
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"bob");
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"foo");
+ assertEquals("Hello", port.echo("Hello"));
+
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"john");
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"bar");
+ assertEquals("Hello", port.echo("Hello"));
+ }
+
+ public void testPortTwo() throws Exception
+ {
+ URL wsdlURL = new URL(TARGET_ENDPOINT_ADDRESS_2 + "?wsdl");
+ QName serviceName = new QName("http://org.jboss.ws/securityDomain",
"PermitAllSecureEndpoint2Service");
+ QName portName = new QName("http://org.jboss.ws/securityDomain",
"PermitAllSecureEndpoint2Port");
+ PermitAllSecureEndpoint port = Service.create(wsdlURL,
serviceName).getPort(portName, PermitAllSecureEndpoint.class);
+
+ try {
+ port.echo("Hello");
+ fail("Authentication exception expected!");
+ } catch (Exception e) {
+ //expected web layer exception
+ assertTrue(e.getMessage().contains("Could not send Message"));
+ assertTrue(e.getCause().getMessage().contains("401: Unauthorized"));
+ }
+
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"bob");
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"foo");
+ try {
+ port.echo("Hello");
+ fail("Authorization exception expected!");
+ } catch (Exception e) {
+ //expected EJB3 layer authorization exception
+ assertTrue(e.getMessage().contains("not allowed"));
+ }
+
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"john");
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"bar");
+ assertEquals("Hello", port.echo("Hello"));
+ }
+}
Modified:
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/SecureEndpoint.java
===================================================================
---
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/SecureEndpoint.java 2012-10-16
18:37:47 UTC (rev 16917)
+++
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/SecureEndpoint.java 2012-10-18
16:36:30 UTC (rev 16918)
@@ -35,6 +35,14 @@
@WebMethod
@WebResult(targetNamespace = "http://org.jboss.ws/securityDomain", partName
= "return")
+ public String echoForAll(@WebParam(name = "arg0", partName =
"arg0") String arg0);
+
+ @WebMethod
+ @WebResult(targetNamespace = "http://org.jboss.ws/securityDomain", partName
= "return")
public String echo(@WebParam(name = "arg0", partName = "arg0")
String arg0);
+ @WebMethod
+ @WebResult(targetNamespace = "http://org.jboss.ws/securityDomain", partName
= "return")
+ public String restrictedEcho(@WebParam(name = "arg0", partName =
"arg0") String arg0);
+
}
Modified:
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/SecureEndpointImpl.java
===================================================================
---
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/SecureEndpointImpl.java 2012-10-16
18:37:47 UTC (rev 16917)
+++
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/SecureEndpointImpl.java 2012-10-18
16:36:30 UTC (rev 16918)
@@ -1,6 +1,6 @@
/*
* JBoss, Home of Professional Open Source.
- * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * Copyright 2012, Red Hat Middleware LLC, and individual contributors
* as indicated by the @author tags. See the copyright.txt file in the
* distribution for a full listing of individual contributors.
*
@@ -21,7 +21,9 @@
*/
package org.jboss.test.ws.jaxws.samples.securityDomain;
+import javax.annotation.security.DeclareRoles;
import javax.annotation.security.RolesAllowed;
+import javax.annotation.security.PermitAll;
import javax.ejb.Stateless;
import javax.jws.WebMethod;
import javax.jws.WebService;
@@ -45,22 +47,39 @@
@WebContext
(
contextRoot="/jaxws-securityDomain",
- urlPattern="/*",
+ urlPattern="/authz",
authMethod = AuthMethod.BASIC,
transportGuarantee = TransportGuarantee.NONE,
secureWSDLAccess = false
)
-@SecurityDomain("JBossWS")
-@RolesAllowed("friend")
+@DeclareRoles({"friend", "royal"})
+@SecurityDomain("JBossWSSecurityDomainTest")
public class SecureEndpointImpl
{
// Provide logging
private static Logger log = Logger.getLogger(SecureEndpointImpl.class);
+ @PermitAll
@WebMethod
+ public String echoForAll(String input)
+ {
+ log.info(input);
+ return input;
+ }
+
+ @RolesAllowed("friend")
+ @WebMethod
public String echo(String input)
{
log.info(input);
return input;
}
+
+ @RolesAllowed("royal")
+ @WebMethod
+ public String restrictedEcho(String input)
+ {
+ log.info(input);
+ return input;
+ }
}
Modified:
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/SecurityDomainTestCase.java
===================================================================
---
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/SecurityDomainTestCase.java 2012-10-16
18:37:47 UTC (rev 16917)
+++
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/samples/securityDomain/SecurityDomainTestCase.java 2012-10-18
16:36:30 UTC (rev 16918)
@@ -1,6 +1,6 @@
/*
* JBoss, Home of Professional Open Source.
- * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * Copyright 2012, Red Hat Middleware LLC, and individual contributors
* as indicated by the @author tags. See the copyright.txt file in the
* distribution for a full listing of individual contributors.
*
@@ -22,12 +22,12 @@
package org.jboss.test.ws.jaxws.samples.securityDomain;
import java.net.URL;
+import java.util.HashMap;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.Service;
-import javax.xml.ws.WebServiceException;
import junit.framework.Test;
@@ -35,53 +35,134 @@
import org.jboss.wsf.test.JBossWSTestSetup;
/**
- * Secure endpoint using
+ * Test secure EJB3 endpoints using @SecurityDomain and @RolesAllowed, @DeclaredRoles
annotations.
*
- * @SecurityDomain
+ * The security domain the application is associated with comes with a
UsersRolesLoginModule and has the following users:
*
+ * username password roles
+ * --------- ----------- -----------------
+ * bob foo user
+ * john bar user,friend
+ * kate theprincess user,friend,royal
+ *
+ *
* @author alessio.soldano(a)jboss.com
* @author <a href="mailto:richard.opalka@jboss.org">Richard
Opalka</a>
*/
public class SecurityDomainTestCase extends JBossWSTest
{
- public final String TARGET_ENDPOINT_ADDRESS = "http://" + getServerHost() +
":8080/jaxws-securityDomain";
+ public final String TARGET_ENDPOINT_ADDRESS = "http://" + getServerHost() +
":8080/jaxws-securityDomain/authz";
public static Test suite()
{
- return new JBossWSTestSetup(SecurityDomainTestCase.class,
"jaxws-samples-securityDomain.jar", true);
+ JBossWSTestSetup testSetup = new JBossWSTestSetup(SecurityDomainTestCase.class,
"jaxws-samples-securityDomain.jar");
+ Map<String, String> authenticationOptions = new HashMap<String,
String>();
+ authenticationOptions.put("usersProperties",
+
getResourceFile("jaxws/samples/securityDomain/jbossws-users.properties").getAbsolutePath());
+ authenticationOptions.put("rolesProperties",
+
getResourceFile("jaxws/samples/securityDomain/jbossws-roles.properties").getAbsolutePath());
+ testSetup.addSecurityDomainRequirement("JBossWSSecurityDomainTest",
authenticationOptions);
+ return testSetup;
}
- private SecureEndpoint getPort() throws Exception
+ private SecureEndpoint getAuthzPort() throws Exception
{
URL wsdlURL = new URL(TARGET_ENDPOINT_ADDRESS + "?wsdl");
QName serviceName = new QName("http://org.jboss.ws/securityDomain",
"SecureEndpointService");
- SecureEndpoint port = Service.create(wsdlURL,
serviceName).getPort(SecureEndpoint.class);
- return port;
+ return Service.create(wsdlURL, serviceName).getPort(SecureEndpoint.class);
}
- public void testNegative() throws Exception
+ public void testAuthorizedAccess() throws Exception
{
- SecureEndpoint port = getPort();
- try
- {
+ SecureEndpoint port = getAuthzPort();
+
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"john");
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"bar");
+ assertEquals("Hello", port.echoForAll("Hello"));
+ assertEquals("Hello", port.echo("Hello"));
+
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"kate");
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"theprincess");
+ assertEquals("Greetings", port.echoForAll("Greetings"));
+ assertEquals("Greetings", port.echo("Greetings"));
+ assertEquals("Greetings", port.restrictedEcho("Greetings"));
+ }
+
+ public void testUndeclaredRole() throws Exception
+ {
+ SecureEndpoint port = getAuthzPort();
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"bob");
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"foo");
+ try {
+ port.echoForAll("Hello");
+ fail("Authorization exception expected!");
+ } catch (Exception e) {
+ //expected web layer exception
+ assertTrue(e.getMessage().contains("Could not send Message"));
+ assertTrue(e.getCause().getMessage().contains("403: Forbidden"));
+ }
+ try {
port.echo("Hello");
- fail("Expected: Invalid HTTP server response [401] - Unauthorized");
+ fail("Authorization exception expected!");
+ } catch (Exception e) {
+ //expected web layer exception
+ assertTrue(e.getMessage().contains("Could not send Message"));
+ assertTrue(e.getCause().getMessage().contains("403: Forbidden"));
}
- catch (WebServiceException ex)
- {
- // all good
+ try {
+ port.restrictedEcho("Hello");
+ fail("Authorization exception expected!");
+ } catch (Exception e) {
+ //expected web layer exception
+ assertTrue(e.getMessage().contains("Could not send Message"));
+ assertTrue(e.getCause().getMessage().contains("403: Forbidden"));
}
}
-
- public void testPositive() throws Exception
+
+ public void testUnauthenticated() throws Exception
{
- SecureEndpoint port = getPort();
-
- Map<String, Object> reqContext =
((BindingProvider)port).getRequestContext();
- reqContext.put(BindingProvider.USERNAME_PROPERTY, "kermit");
- reqContext.put(BindingProvider.PASSWORD_PROPERTY, "thefrog");
-
- String retObj = port.echo("Hello");
- assertEquals("Hello", retObj);
+ SecureEndpoint port = getAuthzPort();
+
+ try {
+ port.echoForAll("Hello");
+ fail("Authentication exception expected!");
+ } catch (Exception e) {
+ //expected web layer exception
+ assertTrue(e.getMessage().contains("Could not send Message"));
+ assertTrue(e.getCause().getMessage().contains("401: Unauthorized"));
+ }
+
+ try {
+ port.echo("Hello");
+ fail("Authentication exception expected!");
+ } catch (Exception e) {
+ //expected web layer exception
+ assertTrue(e.getMessage().contains("Could not send Message"));
+ assertTrue(e.getCause().getMessage().contains("401: Unauthorized"));
+ }
+
+ try {
+ port.restrictedEcho("Hello");
+ fail("Authentication exception expected!");
+ } catch (Exception e) {
+ //expected web layer exception
+ assertTrue(e.getMessage().contains("Could not send Message"));
+ assertTrue(e.getCause().getMessage().contains("401: Unauthorized"));
+ }
}
+
+ public void testUnauthorized() throws Exception
+ {
+ SecureEndpoint port = getAuthzPort();
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"john");
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"bar");
+ try {
+ port.restrictedEcho("Hello");
+ fail("Authorization exception expected!");
+ } catch (Exception e) {
+ //expected EJB3 layer authorization exception
+ assertTrue(e.getMessage().contains("not allowed"));
+ }
+ }
+
}
Added:
shared-testsuite/trunk/testsuite/src/test/resources/jaxws/samples/securityDomain/jbossws-roles.properties
===================================================================
---
shared-testsuite/trunk/testsuite/src/test/resources/jaxws/samples/securityDomain/jbossws-roles.properties
(rev 0)
+++
shared-testsuite/trunk/testsuite/src/test/resources/jaxws/samples/securityDomain/jbossws-roles.properties 2012-10-18
16:36:30 UTC (rev 16918)
@@ -0,0 +1,4 @@
+# A sample roles.properties file for use with the UsersRolesLoginModule
+bob=user
+john=user,friend
+kate=user,friend,royal
\ No newline at end of file
Added:
shared-testsuite/trunk/testsuite/src/test/resources/jaxws/samples/securityDomain/jbossws-users.properties
===================================================================
---
shared-testsuite/trunk/testsuite/src/test/resources/jaxws/samples/securityDomain/jbossws-users.properties
(rev 0)
+++
shared-testsuite/trunk/testsuite/src/test/resources/jaxws/samples/securityDomain/jbossws-users.properties 2012-10-18
16:36:30 UTC (rev 16918)
@@ -0,0 +1,4 @@
+# A sample users.properties file for use with the UsersRolesLoginModule
+bob=foo
+john=bar
+kate=theprincess
\ No newline at end of file