Author: jharting
Date: 2009-04-24 20:08:12 -0400 (Fri, 24 Apr 2009)
New Revision: 10638
Added:
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/Authenticator.java
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/SecuredResource.java
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/SecurityTest.java
Modified:
branches/community/Seam_2_1/examples/restbay/resources/WEB-INF/components.xml
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/testng.xml
Log:
security test for restbay example
Modified: branches/community/Seam_2_1/examples/restbay/resources/WEB-INF/components.xml
===================================================================
---
branches/community/Seam_2_1/examples/restbay/resources/WEB-INF/components.xml 2009-04-24
23:28:28 UTC (rev 10637)
+++
branches/community/Seam_2_1/examples/restbay/resources/WEB-INF/components.xml 2009-04-25
00:08:12 UTC (rev 10638)
@@ -13,9 +13,9 @@
"http://jboss.com/products/seam/core
http://jboss.com/products/seam/core-2.1.xsd
http://jboss.com/products/seam/persistence
http://jboss.com/products/seam/persistence-2.1.xsd
http://jboss.com/products/seam/components
http://jboss.com/products/seam/components-2.1.xsd
-
http://jboss.com/products/seam/security
http://jboss.com/products/seam/security-2.1.xsd
http://jboss.com/products/seam/async
http://jboss.com/products/seam/async-2.1.xsd
http://jboss.com/products/seam/web
http://jboss.com/products/seam/web-2.1.xsd
+
http://jboss.com/products/seam/security
http://jboss.com/products/seam/security-2.1.xsd
http://jboss.com/products/seam/resteasy
http://jboss.com/products/seam/resteasy-2.1.xsd
http://jboss.com/products/seam/framework
http://jboss.com/products/seam/framework-2.1.xsd
http://jboss.com/products/seam/drools
http://jboss.com/products/seam/drools-2.1.xsd">
@@ -48,5 +48,10 @@
<resteasy:resource-query path="/configuredCategory"
name="configuredCategoryResourceQuery"
entity-class="org.jboss.seam.example.restbay.Category"
media-types="application/xml
application/json"/>
+
+ <web:authentication-filter url-pattern="/seam/resource/restv1/secured/*"
+ auth-type="basic" realm="Seam RestBay Application" />
+
+ <security:identity authenticate-method="#{authenticator.authenticate}"
/>
</components>
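Review bot: The new `web:authentication-filter` enables HTTP Basic for `/seam/resource/restv1/secured/*`, but nothing visible in this hunk requires that path to be served over TLS. Basic credentials are only base64-encoded and are sent on every request, so the transport requirement deserves a comment next to the filter, for example `<!-- Basic auth: expose this path over HTTPS only -->`. The `security:identity` line binds login to the example `authenticator` component added in this commit, which accepts any matching username/password pair; a one-line comment saying so would stop the configuration being copied as-is. The `<components>` element starts outside the hunk.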
Added:
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/Authenticator.java
===================================================================
---
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/Authenticator.java
(rev 0)
+++
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/Authenticator.java 2009-04-25
00:08:12 UTC (rev 10638)
@@ -0,0 +1,39 @@
+package org.jboss.seam.example.restbay.resteasy;
+
+
+import org.jboss.seam.ScopeType;
+import org.jboss.seam.annotations.In;
+import org.jboss.seam.annotations.Logger;
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.log.Log;
+import org.jboss.seam.security.Credentials;
+import org.jboss.seam.security.Identity;
+
+@Name("authenticator")
+(a)Scope(ScopeType.EVENT)
+public class Authenticator
+{
+
+ @In
+ private Identity identity;
+ @In
+ private Credentials credentials;
+ @Logger
+ private Log log;
+
+ public boolean authenticate()
+ {
+ if (credentials.getUsername().equals(credentials.getPassword())) {
+ log.info("Authenticated {0}", credentials.getUsername());
+
+ if (credentials.getUsername().equals("admin")) {
+ identity.addRole("admin");
+ log.info("Admin rights granted for {0}",
credentials.getUsername());
+ }
+ return true;
+ } else {
+ return false;
+ }
+ }
+}
\ No newline at end of file
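Review bot: `authenticate()` accepts any request whose password equals its username and grants the `admin` role to the name `admin`, yet nothing in the class marks it as an example-only stub. Because components.xml wires it in as the application's `authenticate-method`, the class should carry a Javadoc such as `/** Example-only authenticator: accepts username == password. Not for production use. */`. The first comparison also dereferences `credentials.getUsername()` without a null check, which would presumably throw if the method is reached without a parsed username. Reading it once with `String user = credentials.getUsername();` and guarding with `if (user == null || !user.equals(credentials.getPassword())) return false;` avoids that.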
Property changes on:
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/Authenticator.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added:
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/SecuredResource.java
===================================================================
---
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/SecuredResource.java
(rev 0)
+++
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/SecuredResource.java 2009-04-25
00:08:12 UTC (rev 10638)
@@ -0,0 +1,46 @@
+package org.jboss.seam.example.restbay.resteasy;
+
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+
+import org.jboss.seam.annotations.In;
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.security.Restrict;
+import org.jboss.seam.security.Identity;
+
+/**
+ *
+ * @author Jozef Hartinger
+ *
+ */
+
+@Path("/secured/resource")
+@Name("securedResource")
+@Produces("text/plain")
+public class SecuredResource
+{
+
+ @In
+ private Identity identity;
+
+ @GET
+ public String getHello()
+ {
+ return "Hello world!";
+ }
+
+ @GET
+ @Path("/admin")
+ public boolean isAdmin() {
+ return identity.hasRole("admin");
+ }
+
+ @GET
+ @Path("/restrictedAdmin")
+ @Restrict("#{s:hasRole('admin')}")
+ public boolean restrictedIsAdmin() {
+ return identity.hasRole("admin");
+ }
+
+}
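Review bot: `getHello()` and `isAdmin()` carry no `@Restrict`, so whether a caller must be logged in depends entirely on the filter's `url-pattern` in components.xml matching the path under which this resource is actually served. A class-level `@Restrict("#{identity.loggedIn}")` would keep that requirement next to the code it protects. `restrictedIsAdmin()` can only return `true` once its restriction has passed, so a short comment saying it exists to exercise `@Restrict` would help. The class Javadoc is empty apart from `@author`.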
Property changes on:
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/SecuredResource.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added:
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/SecurityTest.java
===================================================================
---
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/SecurityTest.java
(rev 0)
+++
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/SecurityTest.java 2009-04-25
00:08:12 UTC (rev 10638)
@@ -0,0 +1,108 @@
+package org.jboss.seam.example.restbay.test;
+
+import static org.testng.Assert.assertEquals;
+
+import org.jboss.seam.example.restbay.test.fwk.MockHttpServletRequest;
+import org.jboss.seam.example.restbay.test.fwk.MockHttpServletResponse;
+import org.jboss.seam.example.restbay.test.fwk.ResourceSeamTest;
+import org.testng.annotations.Test;
+
+/**
+ * This class tests RESTEasy integration with together with Seam Security
+ * @author Jozef Hartinger
+ *
+ */
+public class SecurityTest extends ResourceSeamTest
+{
+ @Test
+ public void basicAuthTest() throws Exception
+ {
+ new ResourceRequest(Method.GET, "/restv1/secured/resource/admin")
+ {
+ @Override
+ protected void prepareRequest(MockHttpServletRequest request)
+ {
+ super.prepareRequest(request);
+ request.addHeader("Accept", "text/plain");
+ request.addHeader("Authorization", "BASIC ZGVtbzpkZW1v");
// demo:demo
+ }
+
+ @Override
+ protected void onResponse(MockHttpServletResponse response)
+ {
+ assertEquals(response.getStatus(), 200, "Unexpected response
code.");
+ assertEquals(response.getContentAsString(), "false",
"Unexpected response.");
+ }
+
+ }.run();
+ }
+
+ @Test
+ public void invalidCredentialsBasicAuthTest() throws Exception
+ {
+ new ResourceRequest(Method.GET, "/restv1/secured/resource")
+ {
+ @Override
+ protected void prepareRequest(MockHttpServletRequest request)
+ {
+ super.prepareRequest(request);
+ request.addHeader("Accept", "text/plain");
+ request.addHeader("Authorization", "BASIC ZGVtbzpvbWVk");
// demo:omed
+ }
+
+ @Override
+ protected void onResponse(MockHttpServletResponse response)
+ {
+ assertEquals(response.getStatus(), 403, "Unexpected response
code.");
+ }
+
+ }.run();
+ }
+
+ @Test
+ public void adminRoleTest() throws Exception
+ {
+ new ResourceRequest(Method.GET, "/restv1/secured/resource/admin")
+ {
+ @Override
+ protected void prepareRequest(MockHttpServletRequest request)
+ {
+ super.prepareRequest(request);
+ request.addHeader("Accept", "text/plain");
+ request.addHeader("Authorization", "BASIC
YWRtaW46YWRtaW4="); // admin:admin
+ }
+
+ @Override
+ protected void onResponse(MockHttpServletResponse response)
+ {
+ assertEquals(response.getStatus(), 200, "Unexpected response
code.");
+ assertEquals(response.getContentAsString(), "true");
+ }
+
+ }.run();
+ }
+
+ @Test
+ public void adminRoleTestWithRestriction() throws Exception
+ {
+ new ResourceRequest(Method.GET,
"/restv1/secured/resource/restrictedAdmin")
+ {
+ @Override
+ protected void prepareRequest(MockHttpServletRequest request)
+ {
+ super.prepareRequest(request);
+ request.addHeader("Accept", "text/plain");
+ request.addHeader("Authorization", "BASIC
YWRtaW46YWRtaW4="); // admin:admin
+ }
+
+ @Override
+ protected void onResponse(MockHttpServletResponse response)
+ {
+ assertEquals(response.getStatus(), 200, "Unexpected response
code.");
+ assertEquals(response.getContentAsString(), "true");
+ }
+
+ }.run();
+ }
+
+}
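Review bot: No test covers the denial path of `@Restrict`: every request to `/restv1/secured/resource/restrictedAdmin` is sent as `admin:admin`, so a restriction that never fires would still pass `adminRoleTestWithRestriction`. A negative case sending the `demo:demo` header to the same path is sketched below; the expected status is assumed to be 403 and should be confirmed against the filter's behaviour. There is also no request without an `Authorization` header, which is the case the filter exists for. All four tests spell the scheme `BASIC`, whereas the conventional form is `Basic`; if the filter matches the scheme case-sensitively the header would be ignored, so that is worth checking.

```java
// … unchanged: adminRoleTestWithRestriction …

   @Test
   public void nonAdminDeniedByRestriction() throws Exception
   {
      new ResourceRequest(Method.GET, "/restv1/secured/resource/restrictedAdmin")
      {
         @Override
         protected void prepareRequest(MockHttpServletRequest request)
         {
            super.prepareRequest(request);
            request.addHeader("Accept", "text/plain");
            request.addHeader("Authorization", "BASIC ZGVtbzpkZW1v"); // demo:demo
         }

         @Override
         protected void onResponse(MockHttpServletResponse response)
         {
            // Assumed status for a failed @Restrict check; confirm before merging.
            assertEquals(response.getStatus(), 403, "Non-admin must not reach restrictedAdmin.");
         }

      }.run();
   }
```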
Property changes on:
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/SecurityTest.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Modified:
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/testng.xml
===================================================================
---
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/testng.xml 2009-04-24
23:28:28 UTC (rev 10637)
+++
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/testng.xml 2009-04-25
00:08:12 UTC (rev 10638)
@@ -25,4 +25,10 @@
<class
name="org.jboss.seam.example.restbay.test.ResourceQueryTest"/>
</classes>
</test>
+
+ <!-- <test name="RestBay: Security">
+ <classes>
+ <class name="org.jboss.seam.example.restbay.test.SecurityTest"/>
+ </classes>
+ </test>-->
</suite>
\ No newline at end of file
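Review bot: The `RestBay: Security` test block is added inside an XML comment, so `SecurityTest` is not run by this suite and the authentication and role checks introduced in this commit go unverified. If it is disabled on purpose, the file should say why, for example `<!-- SecurityTest disabled: REASON -->` above the block; otherwise the comment markers should be removed. The `<suite>` element starts outside the hunk.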