[jboss-cvs] JBossAS SVN: r68595 - in trunk: testsuite/src/main/org/jboss/test/jacc/test and 2 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Jan 2 19:06:18 EST 2008
Author: anil.saldhana at jboss.com
Date: 2008-01-02 19:06:18 -0500 (Wed, 02 Jan 2008)
New Revision: 68595
Added:
trunk/testsuite/src/main/org/jboss/test/jacc/test/EJBPermissionsValidationTestCase.java
trunk/testsuite/src/resources/security/jacc/ejbperm/
trunk/testsuite/src/resources/security/jacc/ejbperm/jacc_ejb_jar.xml
Modified:
trunk/server/src/main/org/jboss/ejb/EJBPermissionMapping.java
Log:
JBAS-5054: null methodparams array check for excluded methods also
Modified: trunk/server/src/main/org/jboss/ejb/EJBPermissionMapping.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/EJBPermissionMapping.java 2008-01-02 22:53:21 UTC (rev 68594)
+++ trunk/server/src/main/org/jboss/ejb/EJBPermissionMapping.java 2008-01-03 00:06:18 UTC (rev 68595)
@@ -106,6 +106,8 @@
String[] params = {};
if(mmd.getMethodParams() != null)
params = mmd.getMethodParams().toArray(params);
+ else
+ params = null;
String methodName = mmd.getMethodName();
if( methodName != null && methodName.equals("*") )
methodName = null;
Added: trunk/testsuite/src/main/org/jboss/test/jacc/test/EJBPermissionsValidationTestCase.java
===================================================================
--- trunk/testsuite/src/main/org/jboss/test/jacc/test/EJBPermissionsValidationTestCase.java (rev 0)
+++ trunk/testsuite/src/main/org/jboss/test/jacc/test/EJBPermissionsValidationTestCase.java 2008-01-03 00:06:18 UTC (rev 68595)
@@ -0,0 +1,139 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.jacc.test;
+
+import java.io.InputStream;
+import java.net.URL;
+import java.security.Permissions;
+
+import javax.security.jacc.EJBMethodPermission;
+
+import org.jboss.ejb.EJBPermissionMapping;
+import org.jboss.metadata.ejb.jboss.JBoss50MetaData;
+import org.jboss.metadata.ejb.jboss.JBossEnterpriseBeansMetaData;
+import org.jboss.metadata.ejb.spec.EjbJar21MetaData;
+import org.jboss.test.JBossTestCase;
+import org.jboss.util.xml.JBossEntityResolver;
+import org.jboss.xb.binding.JBossXBException;
+import org.jboss.xb.binding.Unmarshaller;
+import org.jboss.xb.binding.UnmarshallerFactory;
+import org.jboss.xb.binding.sunday.unmarshalling.SchemaBinding;
+import org.jboss.xb.builder.JBossXBBuilder;
+
+//$Id$
+
+/**
+ * Validate the parsing of ejb-jar.xml and the creation of JACC Permissions
+ * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
+ * @since Dec 18, 2006
+ * @version $Revision$
+ */
+public class EJBPermissionsValidationTestCase extends JBossTestCase
+{
+ public EJBPermissionsValidationTestCase(String name)
+ {
+ super(name);
+ }
+
+ public EjbJar21MetaData getEJBMetaData(InputStream ejbJarXml)
+ throws JBossXBException
+ {
+ UnmarshallerFactory unmarshallerFactory = UnmarshallerFactory.newInstance();
+ Unmarshaller unmarshaller = unmarshallerFactory.newUnmarshaller();
+ SchemaBinding schema = JBossXBBuilder.build(EjbJar21MetaData.class);
+ JBossEntityResolver entityResolver = new JBossEntityResolver();
+ unmarshaller.setEntityResolver(entityResolver);
+
+ return (EjbJar21MetaData) unmarshaller.unmarshal(ejbJarXml, schema);
+ }
+
+ public void testEJBPermissions() throws Exception
+ {
+ ClassLoader cl = Thread.currentThread().getContextClassLoader();
+ URL ejbxml = cl.getResource("security/jacc/ejbperm/jacc_ejb_jar.xml");
+ assertNotNull("ejb-jar.xml exists?", ejbxml);
+ EjbJar21MetaData emd = getEJBMetaData(ejbxml.openStream());
+
+ JBoss50MetaData jmd = new JBoss50MetaData();
+ jmd.merge(null, emd);
+ TestJBossPolicyConfiguration tpc = new TestJBossPolicyConfiguration("dummy");
+
+ JBossEnterpriseBeansMetaData jes = jmd.getEnterpriseBeans();
+ assertEquals(jes.size(), 2);
+ EJBPermissionMapping.createPermissions(jes.get("JACCSession"), tpc);
+ EJBPermissionMapping.createPermissions(jes.get("JACCEntity"), tpc);
+
+ checkUncheckedPermissions(tpc.getUncheckedPolicy());
+ checkExcludedPermissions(tpc.getExcludedPolicy());
+ checkAddToRoleForAdministrator(tpc.getPermissionsForRole("Administrator"));
+ checkAddToRoleForEmployee(tpc.getPermissionsForRole("Employee"));
+ }
+
+
+ private void checkUncheckedPermissions(Permissions p)
+ {
+ assertTrue(p.implies(new EJBMethodPermission("JACCEntity", "findByPrimaryKey,Home")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCEntity", "create,Home")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCEntity", "getEJBMetaData,Home")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCEntity", "remove,Home,java.lang.Object")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCEntity", "remove,Home,javax.ejb.Handle")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCEntity", "getHomeHandle,Home")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCEntity", "getPrimaryKey,Remote")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCEntity", "getEJBHome,Remote")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCEntity", "getArg2,Remote")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCEntity", "accessJACCSession_getCallerName,Remote")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCEntity", "remove,Remote")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCEntity", "isIdentical,Remote")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCEntity", "getHandle,Remote")));
+
+ assertTrue(p.implies(new EJBMethodPermission("JACCSession", "create,Home")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCSession", "remove,Home,java.lang.Object")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCSession", "remove,Home,javax.ejb.Handle")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCSession", "getEJBMetaData,Home")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCSession", "getHomeHandle,Home")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCSession", "getEJBHome,Remote")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCSession", "getPrimaryKey,Remote")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCSession", "remove,Remote")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCSession", "isIdentical,Remote")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCSession", "getCallerName,Remote")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCSession", "getHandle,Remote")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCSession", "getArg2,Remote")));
+ }
+
+ private void checkExcludedPermissions(Permissions p)
+ {
+ assertTrue(p.implies(new EJBMethodPermission("JACCSession", "getArg3,Remote")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCEntity", "getArg3,Remote")));
+ }
+
+ private void checkAddToRoleForAdministrator(Permissions p)
+ {
+ assertTrue(p.implies(new EJBMethodPermission("JACCSession", "getArg1,Remote")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCEntity", "getArg1,Remote")));
+ }
+
+ private void checkAddToRoleForEmployee(Permissions p)
+ {
+ assertTrue(p.implies(new EJBMethodPermission("JACCSession", "getArg1,Remote")));
+ assertTrue(p.implies(new EJBMethodPermission("JACCEntity", "getArg1,Remote")));
+ }
+}
Added: trunk/testsuite/src/resources/security/jacc/ejbperm/jacc_ejb_jar.xml
===================================================================
--- trunk/testsuite/src/resources/security/jacc/ejbperm/jacc_ejb_jar.xml (rev 0)
+++ trunk/testsuite/src/resources/security/jacc/ejbperm/jacc_ejb_jar.xml 2008-01-03 00:06:18 UTC (rev 68595)
@@ -0,0 +1,336 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ejb-jar version="2.1" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/ejb-jar_2_1.xsd">
+ <display-name>Ejb10</display-name>
+ <enterprise-beans>
+ <entity>
+ <ejb-name>JACCEntity</ejb-name>
+ <home>JACCEntityHome</home>
+ <remote>JACCEntity</remote>
+ <ejb-class>JACCEntityBean</ejb-class>
+ <persistence-type>Container</persistence-type>
+ <prim-key-class>JACCEntityKey</prim-key-class>
+ <reentrant>false</reentrant>
+ <cmp-version>2.x</cmp-version>
+ <abstract-schema-name>JACCEntity</abstract-schema-name>
+ <cmp-field>
+ <field-name>arg1</field-name>
+ </cmp-field>
+ <cmp-field>
+ <field-name>arg2</field-name>
+ </cmp-field>
+ <cmp-field>
+ <field-name>arg3</field-name>
+ </cmp-field>
+ <security-role-ref>
+ <role-name>ADMIN</role-name>
+ <role-link>Administrator</role-link>
+ </security-role-ref>
+ <security-role-ref>
+ <role-name>EMP</role-name>
+ <role-link>Employee</role-link>
+ </security-role-ref>
+ <security-identity>
+ <use-caller-identity/>
+ </security-identity>
+ </entity>
+ <session>
+ <ejb-name>JACCSession</ejb-name>
+ <home>JACCSessionHome</home>
+ <remote>JACCSession</remote>
+ <ejb-class>JACCSessionBean</ejb-class>
+ <session-type>Stateful</session-type>
+ <transaction-type>Container</transaction-type>
+ <security-role-ref>
+ <role-name>ADMIN</role-name>
+ <role-link>Administrator</role-link>
+ </security-role-ref>
+ <security-role-ref>
+ <role-name>EMP</role-name>
+ <role-link>Employee</role-link>
+ </security-role-ref>
+ <security-identity>
+ <use-caller-identity/>
+ </security-identity>
+ </session>
+ </enterprise-beans>
+ <assembly-descriptor>
+ <security-role>
+ <role-name>Administrator</role-name>
+ </security-role>
+ <security-role>
+ <role-name>Employee</role-name>
+ </security-role>
+ <method-permission>
+ <unchecked></unchecked>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Home</method-intf>
+ <method-name>findByPrimaryKey</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>getPrimaryKey</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Home</method-intf>
+ <method-name>getEJBMetaData</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>getEJBHome</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>getArg2</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Home</method-intf>
+ <method-name>create</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>accessJACCSession_getCallerName</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>remove</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Home</method-intf>
+ <method-name>remove</method-name>
+ <method-params>
+ <method-param>java.lang.Object</method-param>
+ </method-params>
+ </method>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Home</method-intf>
+ <method-name>remove</method-name>
+ <method-params>
+ <method-param>javax.ejb.Handle</method-param>
+ </method-params>
+ </method>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Home</method-intf>
+ <method-name>getHomeHandle</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>getHandle</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>isIdentical</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>getPrimaryKey</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>getEJBHome</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>remove</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-intf>Home</method-intf>
+ <method-name>remove</method-name>
+ <method-params>
+ <method-param>java.lang.Object</method-param>
+ </method-params>
+ </method>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-intf>Home</method-intf>
+ <method-name>remove</method-name>
+ <method-params>
+ <method-param>javax.ejb.Handle</method-param>
+ </method-params>
+ </method>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>isIdentical</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-intf>Home</method-intf>
+ <method-name>getEJBMetaData</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-intf>Home</method-intf>
+ <method-name>getHomeHandle</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-intf>Home</method-intf>
+ <method-name>create</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>getHandle</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>getArg2</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>getCallerName</method-name>
+ </method>
+ </method-permission>
+ <method-permission>
+ <role-name>Employee</role-name>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>getArg1</method-name>
+ </method>
+ </method-permission>
+ <method-permission>
+ <role-name>Administrator</role-name>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>getArg1</method-name>
+ </method>
+ </method-permission>
+ <method-permission>
+ <role-name>Employee</role-name>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>getArg1</method-name>
+ </method>
+ </method-permission>
+ <method-permission>
+ <role-name>Administrator</role-name>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>getArg1</method-name>
+ </method>
+ </method-permission>
+ <container-transaction>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Home</method-intf>
+ <method-name>create</method-name>
+ </method>
+ <trans-attribute>Required</trans-attribute>
+ </container-transaction>
+ <container-transaction>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>accessJACCSession_getCallerName</method-name>
+ </method>
+ <trans-attribute>Required</trans-attribute>
+ </container-transaction>
+ <container-transaction>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-name>getArg3</method-name>
+ </method>
+ <trans-attribute>Required</trans-attribute>
+ </container-transaction>
+ <container-transaction>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-name>getArg2</method-name>
+ </method>
+ <trans-attribute>Required</trans-attribute>
+ </container-transaction>
+ <container-transaction>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-name>findByPrimaryKey</method-name>
+ <method-params>
+ <method-param>JACCEntityKey</method-param>
+ </method-params>
+ </method>
+ <trans-attribute>Required</trans-attribute>
+ </container-transaction>
+ <container-transaction>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-name>getArg1</method-name>
+ </method>
+ <trans-attribute>Required</trans-attribute>
+ </container-transaction>
+ <container-transaction>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-name>create</method-name>
+ <method-params>
+ <method-param>java.lang.String</method-param>
+ <method-param>int</method-param>
+ <method-param>long</method-param>
+ </method-params>
+ </method>
+ <trans-attribute>Required</trans-attribute>
+ </container-transaction>
+ <container-transaction>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-name>getArg3</method-name>
+ </method>
+ <trans-attribute>Required</trans-attribute>
+ </container-transaction>
+ <container-transaction>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-name>getArg2</method-name>
+ </method>
+ <trans-attribute>Required</trans-attribute>
+ </container-transaction>
+ <container-transaction>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-name>getArg1</method-name>
+ </method>
+ <trans-attribute>Required</trans-attribute>
+ </container-transaction>
+ <container-transaction>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>getCallerName</method-name>
+ </method>
+ <trans-attribute>Required</trans-attribute>
+ </container-transaction>
+ <exclude-list>
+ <method>
+ <ejb-name>JACCEntity</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>getArg3</method-name>
+ </method>
+ <method>
+ <ejb-name>JACCSession</ejb-name>
+ <method-intf>Remote</method-intf>
+ <method-name>getArg3</method-name>
+ </method>
+ </exclude-list>
+ </assembly-descriptor>
+</ejb-jar>
More information about the jboss-cvs-commits
mailing list