[jboss-cvs] JBossAS SVN: r88424 - in branches/JBPAPP_4_2_0_GA_CP/ejb3: src/main/org/jboss/ejb3/security and 8 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri May 8 08:00:24 EDT 2009
Author: wolfc
Date: 2009-05-08 08:00:24 -0400 (Fri, 08 May 2009)
New Revision: 88424
Added:
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test/jbpapp1951/
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test/jbpapp1951/META-INF/
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test/jbpapp1951/META-INF/jboss.xml
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test/jbpapp1951/roles.properties
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test/jbpapp1951/users.properties
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/AnonymousMDB.java
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/ReplierMDB.java
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/RunAsRootMDB.java
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/WhoAmI.java
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/WhoAmIBean.java
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/unit/
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/unit/CallerPrincipalTestCase.java
Modified:
branches/JBPAPP_4_2_0_GA_CP/ejb3/build-test.xml
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/main/org/jboss/ejb3/security/Ejb3AuthenticationInterceptor.java
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/main/org/jboss/ejb3/security/SecurityActions.java
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/ejb3-interceptors-aop.xml
branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/common/EJB3TestCase.java
Log:
JBPAPP-1951: establish a security context with a MDB
Modified: branches/JBPAPP_4_2_0_GA_CP/ejb3/build-test.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/build-test.xml 2009-05-08 11:44:20 UTC (rev 88423)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/build-test.xml 2009-05-08 12:00:24 UTC (rev 88424)
@@ -2167,6 +2167,16 @@
<build-simple-jar name="jbpapp1224"/>
</target>
+ <target name="jbpapp1951" depends="compile-classes">
+ <mkdir dir="${build.lib}"/>
+ <jar jarfile="${build.lib}/jbpapp1951.jar">
+ <fileset dir="${build.classes}">
+ <include name="org/jboss/ejb3/test/jbpapp1951/*.class"/>
+ </fileset>
+ <fileset dir="${resources}/test/jbpapp1951"/>
+ </jar>
+ </target>
+
<target name="jaxws"
description="Builds a simple jar."
depends="compile-classes">
@@ -3865,6 +3875,7 @@
jbpapp999,
jbpapp1186,
jbpapp1224,
+ jbpapp1951,
jbas4489, epcpropagation, jaccpropagation,
aspectdomain, ejbcontext, schema, mail, scopedclassloader, dependency, jaxws,
pkg, securitydomain, enventry, externalpersistenceunit,
@@ -4509,6 +4520,9 @@
<antcall target="test" inheritRefs="true">
<param name="test" value="jbpapp1224"/>
</antcall>
+ <antcall target="test" inheritRefs="true">
+ <param name="test" value="jbpapp1951"/>
+ </antcall>
</target>
<target name="entity-tests" depends="init" description="Execute all tests">
Modified: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/main/org/jboss/ejb3/security/Ejb3AuthenticationInterceptor.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/main/org/jboss/ejb3/security/Ejb3AuthenticationInterceptor.java 2009-05-08 11:44:20 UTC (rev 88423)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/main/org/jboss/ejb3/security/Ejb3AuthenticationInterceptor.java 2009-05-08 12:00:24 UTC (rev 88424)
@@ -22,21 +22,20 @@
package org.jboss.ejb3.security;
import java.security.GeneralSecurityException;
-import java.security.Principal;
+import java.security.Principal;
import javax.ejb.EJBAccessException;
+import javax.security.auth.Subject;
-import org.jboss.ejb3.Container;
-import org.jboss.ejb3.EJBContainer;
-import org.jboss.logging.Logger;
-
import org.jboss.annotation.security.SecurityDomain;
import org.jboss.aop.joinpoint.MethodInvocation;
-
import org.jboss.aspects.security.AuthenticationInterceptor;
import org.jboss.aspects.security.SecurityContext;
+import org.jboss.ejb3.Container;
+import org.jboss.ejb3.EJBContainer;
+import org.jboss.logging.Logger;
import org.jboss.security.AuthenticationManager;
-import org.jboss.security.RealmMapping;
+import org.jboss.security.RealmMapping;
import org.jboss.security.SecurityAssociation;
import org.jboss.security.SecurityRolesAssociation;
import org.jboss.security.SimplePrincipal;
@@ -70,6 +69,11 @@
throw eae;
}
+ private static boolean hasRunAsIdentity()
+ {
+ return SecurityActions.peekRunAsIdentity() != null;
+ }
+
public Object invoke(org.jboss.aop.joinpoint.Invocation invocation) throws Throwable
{
MethodInvocation mi = (MethodInvocation)invocation;
@@ -80,17 +84,38 @@
Principal principal = (Principal)invocation.getMetaData("security", "principal");
if (principal == null)
principal = SecurityAssociation.getPrincipal();
-
- if (principal == null)
+
+ // JBPAPP-1951: if we are the unauthenticated principal, then no authentication is needed
+ Principal unauthenticatedPrincipal = new SimplePrincipal(domain.unauthenticatedPrincipal());
+ if (principal == null || principal.equals(unauthenticatedPrincipal))
{
- invocation.getMetaData().addMetaData("security", "principal", new SimplePrincipal(domain.unauthenticatedPrincipal()));
+ if(principal == null)
+ {
+ principal = unauthenticatedPrincipal;
+ invocation.getMetaData().addMetaData("security", "principal", principal);
+ }
Object oldDomain = SecurityContext.getCurrentDomain().get();
-
try
{
SecurityContext.getCurrentDomain().set(authenticationManager);
- return invocation.invokeNext();
+
+ // JBPAPP-1951: we must establish a security context
+
+ Object credential = null;
+ Subject subject = null;
+ // JBPAPP-1951: this is just crock, run-as-identity is a mess in the security framework
+ //if(!hasRunAsIdentity())
+ SecurityActions.pushSubjectContext(principal, credential, subject);
+ try
+ {
+ return invocation.invokeNext();
+ }
+ finally
+ {
+ //if(!hasRunAsIdentity())
+ SecurityActions.popSubjectContext();
+ }
}
finally
{
Modified: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/main/org/jboss/ejb3/security/SecurityActions.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/main/org/jboss/ejb3/security/SecurityActions.java 2009-05-08 11:44:20 UTC (rev 88423)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/main/org/jboss/ejb3/security/SecurityActions.java 2009-05-08 12:00:24 UTC (rev 88424)
@@ -27,10 +27,11 @@
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
+
import javax.security.auth.Subject;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;
-
+
import org.jboss.security.RunAsIdentity;
import org.jboss.security.SecurityAssociation;
@@ -216,6 +217,25 @@
}
}
+ static void popSubjectContext()
+ {
+ privileged(new PrivilegedAction<Void>() {
+ public Void run()
+ {
+ SecurityAssociation.popSubjectContext();
+ return null;
+ }
+ });
+ }
+
+ private static <T> T privileged(PrivilegedAction<T> action)
+ {
+ if(System.getSecurityManager() == null)
+ return action.run();
+ else
+ return AccessController.doPrivileged(action);
+ }
+
static void pushRunAsIdentity(RunAsIdentity principal)
{
if(System.getSecurityManager() == null)
@@ -228,6 +248,17 @@
}
}
+ static void pushSubjectContext(final Principal principal, final Object credential, final Subject subject)
+ {
+ privileged(new PrivilegedAction<Void>() {
+ public Void run()
+ {
+ SecurityAssociation.pushSubjectContext(subject, principal, credential);
+ return null;
+ }
+ });
+ }
+
static RunAsIdentity popRunAsIdentity()
{
if(System.getSecurityManager() == null)
Modified: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/ejb3-interceptors-aop.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/ejb3-interceptors-aop.xml 2009-05-08 11:44:20 UTC (rev 88423)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/ejb3-interceptors-aop.xml 2009-05-08 12:00:24 UTC (rev 88424)
@@ -281,6 +281,10 @@
</domain>
<domain name="Message Driven Bean">
+ <bind pointcut="execution(public * *->*(..))">
+ <!-- JBPAPP-1951: establish a security context -->
+ <interceptor-ref name="org.jboss.ejb3.security.AuthenticationInterceptorFactory"/>
+ </bind>
<bind pointcut="execution(public * @javax.annotation.security.RunAs->*(..))">
<interceptor-ref name="org.jboss.ejb3.security.RunAsSecurityInterceptorFactory"/>
</bind>
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test/jbpapp1951/META-INF/jboss.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test/jbpapp1951/META-INF/jboss.xml (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test/jbpapp1951/META-INF/jboss.xml 2009-05-08 12:00:24 UTC (rev 88424)
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss
+ xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://www.jboss.org/j2ee/schema/jboss_5_0.xsd"
+ version="3.0">
+ <security-domain>java:/jaas/other</security-domain>
+ <unauthenticated-principal>anonymous</unauthenticated-principal>
+</jboss>
\ No newline at end of file
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test/jbpapp1951/roles.properties
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test/jbpapp1951/roles.properties (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test/jbpapp1951/roles.properties 2009-05-08 12:00:24 UTC (rev 88424)
@@ -0,0 +1 @@
+somebody=allowed
\ No newline at end of file
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test/jbpapp1951/users.properties
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test/jbpapp1951/users.properties (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/test/jbpapp1951/users.properties 2009-05-08 12:00:24 UTC (rev 88424)
@@ -0,0 +1 @@
+somebody=password
Modified: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/common/EJB3TestCase.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/common/EJB3TestCase.java 2009-05-08 11:44:20 UTC (rev 88423)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/common/EJB3TestCase.java 2009-05-08 12:00:24 UTC (rev 88424)
@@ -21,6 +21,9 @@
*/
package org.jboss.ejb3.test.common;
+import javax.jms.QueueConnectionFactory;
+import javax.naming.NamingException;
+
import org.jboss.test.JBossTestCase;
/**
@@ -34,6 +37,18 @@
super(name);
}
+ protected QueueConnectionFactory getQueueConnectionFactory() throws Exception
+ {
+ try
+ {
+ return (QueueConnectionFactory) getInitialContext().lookup("ConnectionFactory");
+ }
+ catch (NamingException e)
+ {
+ return (QueueConnectionFactory) getInitialContext().lookup("java:/ConnectionFactory");
+ }
+ }
+
protected <T> T lookup(String name, Class<T> expectedType) throws Exception
{
return expectedType.cast(getInitialContext().lookup(name));
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/AnonymousMDB.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/AnonymousMDB.java (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/AnonymousMDB.java 2009-05-08 12:00:24 UTC (rev 88424)
@@ -0,0 +1,39 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.ejb3.test.jbpapp1951;
+
+import javax.ejb.ActivationConfigProperty;
+import javax.ejb.MessageDriven;
+
+/**
+ * Case #287560
+ *
+ * @author <a href="mailto:cdewolf at redhat.com">Carlo de Wolf</a>
+ * @version $Revision: $
+ */
+ at MessageDriven(activationConfig = {
+ @ActivationConfigProperty(propertyName = "destination", propertyValue = "queue/Anonymous"),
+ @ActivationConfigProperty(propertyName = "destinationType", propertyValue = "javax.jms.Queue")
+ })
+public class AnonymousMDB extends ReplierMDB
+{
+}
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/ReplierMDB.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/ReplierMDB.java (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/ReplierMDB.java 2009-05-08 12:00:24 UTC (rev 88424)
@@ -0,0 +1,136 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.ejb3.test.jbpapp1951;
+
+import java.io.Serializable;
+
+import javax.annotation.PostConstruct;
+import javax.annotation.PreDestroy;
+import javax.annotation.Resource;
+import javax.ejb.EJB;
+import javax.ejb.EJBAccessException;
+import javax.ejb.MessageDrivenContext;
+import javax.jms.Destination;
+import javax.jms.JMSException;
+import javax.jms.Message;
+import javax.jms.MessageListener;
+import javax.jms.QueueConnection;
+import javax.jms.QueueConnectionFactory;
+import javax.jms.QueueSender;
+import javax.jms.QueueSession;
+import javax.jms.TextMessage;
+
+import org.jboss.logging.Logger;
+
+/**
+ * @author <a href="mailto:cdewolf at redhat.com">Carlo de Wolf</a>
+ * @version $Revision: $
+ */
+public class ReplierMDB implements MessageListener
+{
+ private static final Logger log = Logger.getLogger(ReplierMDB.class);
+
+ @Resource
+ private MessageDrivenContext ctx;
+
+ @Resource(mappedName="java:/ConnectionFactory")
+ private QueueConnectionFactory factory;
+
+ private QueueConnection connection;
+ private QueueSession session;
+ private QueueSender sender;
+
+ @EJB
+ private WhoAmI bean;
+
+ public void onMessage(Message message)
+ {
+ log.info("callerPrincipal = " + ctx.getCallerPrincipal());
+ boolean isCallerInRoleRoot;
+ try
+ {
+ isCallerInRoleRoot = bean.isCallerInRoleRoot();
+ }
+ catch(EJBAccessException e)
+ {
+ log.info("not allowed " + e.getMessage());
+ isCallerInRoleRoot = false;
+ }
+ log.info("isCallerInRoleRoot = " + isCallerInRoleRoot);
+ try
+ {
+ String text = ((TextMessage) message).getText();
+
+ try
+ {
+ sendReply(message.getJMSReplyTo(), bean.getCallerPrincipal().getName() + ": " + text + ": " + bean.isCallerInRole("root"));
+ }
+ catch(Exception e)
+ {
+ sendReply(message.getJMSReplyTo(), e);
+ }
+ }
+ catch(JMSException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ protected void sendReply(Destination destination, Serializable obj) throws JMSException
+ {
+ Message message = session.createObjectMessage(obj);
+ sender.send(destination, message);
+ }
+
+ @PostConstruct
+ public void postConstruct()
+ {
+ try
+ {
+ connection = factory.createQueueConnection();
+ session = connection.createQueueSession(false, QueueSession.AUTO_ACKNOWLEDGE);
+ sender = session.createSender(null);
+ }
+ catch(JMSException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ @PreDestroy
+ public void preDestroy()
+ {
+ try
+ {
+ if(sender != null)
+ sender.close();
+ if(session != null)
+ session.close();
+ if(connection != null)
+ connection.close();
+ }
+ catch(JMSException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+}
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/RunAsRootMDB.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/RunAsRootMDB.java (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/RunAsRootMDB.java 2009-05-08 12:00:24 UTC (rev 88424)
@@ -0,0 +1,51 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.ejb3.test.jbpapp1951;
+
+import javax.annotation.security.RunAs;
+import javax.ejb.ActivationConfigProperty;
+import javax.ejb.MessageDriven;
+import javax.jms.Message;
+
+import org.jboss.annotation.security.RunAsPrincipal;
+
+/**
+ * Case #287560
+ *
+ * @author <a href="mailto:cdewolf at redhat.com">Carlo de Wolf</a>
+ * @version $Revision: $
+ */
+ at MessageDriven(activationConfig = {
+ @ActivationConfigProperty(propertyName = "destination", propertyValue = "queue/RunAsRoot"),
+ @ActivationConfigProperty(propertyName = "destinationType", propertyValue = "javax.jms.Queue")
+ })
+ at RunAsPrincipal("root-principal")
+ at RunAs("root")
+public class RunAsRootMDB extends ReplierMDB
+{
+ @Override
+ public void onMessage(Message message)
+ {
+ // TODO Auto-generated method stub
+ super.onMessage(message);
+ }
+}
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/WhoAmI.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/WhoAmI.java (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/WhoAmI.java 2009-05-08 12:00:24 UTC (rev 88424)
@@ -0,0 +1,38 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.ejb3.test.jbpapp1951;
+
+import java.security.Principal;
+
+/**
+ * @author <a href="mailto:cdewolf at redhat.com">Carlo de Wolf</a>
+ * @version $Revision: $
+ */
+public interface WhoAmI
+{
+ Principal getCallerPrincipal();
+
+ boolean isCallerInRole(String roleName);
+
+ boolean isCallerInRoleRoot();
+}
+
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/WhoAmIBean.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/WhoAmIBean.java (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/WhoAmIBean.java 2009-05-08 12:00:24 UTC (rev 88424)
@@ -0,0 +1,64 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.ejb3.test.jbpapp1951;
+
+import java.security.Principal;
+
+import javax.annotation.Resource;
+import javax.annotation.security.RolesAllowed;
+import javax.annotation.security.RunAs;
+import javax.ejb.SessionContext;
+import javax.ejb.Stateless;
+
+import org.jboss.logging.Logger;
+
+/**
+ * @author <a href="mailto:cdewolf at redhat.com">Carlo de Wolf</a>
+ * @version $Revision: $
+ */
+ at Stateless
+// FIXME: this should not be needed
+ at RunAs("broken")
+public class WhoAmIBean implements WhoAmI
+{
+ private static Logger log = Logger.getLogger(WhoAmIBean.class);
+
+ @Resource
+ private SessionContext ctx;
+
+ public Principal getCallerPrincipal()
+ {
+ log.info("callerPrincipal = " + ctx.getCallerPrincipal());
+ return ctx.getCallerPrincipal();
+ }
+
+ public boolean isCallerInRole(String roleName)
+ {
+ return ctx.isCallerInRole(roleName);
+ }
+
+ @RolesAllowed("root")
+ public boolean isCallerInRoleRoot()
+ {
+ return ctx.isCallerInRole("root");
+ }
+}
Added: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/unit/CallerPrincipalTestCase.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/unit/CallerPrincipalTestCase.java (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/test/org/jboss/ejb3/test/jbpapp1951/unit/CallerPrincipalTestCase.java 2009-05-08 12:00:24 UTC (rev 88424)
@@ -0,0 +1,120 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2009, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.ejb3.test.jbpapp1951.unit;
+
+import java.io.Serializable;
+
+import javax.jms.DeliveryMode;
+import javax.jms.Message;
+import javax.jms.ObjectMessage;
+import javax.jms.Queue;
+import javax.jms.QueueConnection;
+import javax.jms.QueueConnectionFactory;
+import javax.jms.QueueReceiver;
+import javax.jms.QueueSender;
+import javax.jms.QueueSession;
+import javax.jms.TemporaryQueue;
+import javax.jms.TextMessage;
+
+import junit.framework.Test;
+
+import org.jboss.ejb3.test.common.EJB3TestCase;
+
+/**
+ * Case #287560
+ *
+ * @author <a href="mailto:cdewolf at redhat.com">Carlo de Wolf</a>
+ * @version $Revision: $
+ */
+public class CallerPrincipalTestCase extends EJB3TestCase
+{
+ public CallerPrincipalTestCase(String name)
+ {
+ super(name);
+ }
+
+ public String sendMessage(String queueName, String text) throws Exception
+ {
+ Queue queue = lookup("queue/" + queueName, Queue.class);
+ QueueConnectionFactory factory = getQueueConnectionFactory();
+ QueueConnection conn = factory.createQueueConnection();
+ try
+ {
+ QueueSession session = conn.createQueueSession(false, QueueSession.AUTO_ACKNOWLEDGE);
+ TemporaryQueue replyQueue = session.createTemporaryQueue();
+ QueueReceiver receiver = session.createReceiver(replyQueue);
+ QueueSender sender = session.createSender(queue);
+ conn.start();
+ try
+ {
+ TextMessage msg = session.createTextMessage(text);
+ msg.setJMSReplyTo(replyQueue);
+ msg.setJMSDeliveryMode(DeliveryMode.NON_PERSISTENT);
+ msg.setIntProperty("JMS_JBOSS_REDELIVERY_LIMIT", 1);
+
+ sender.send(msg);
+
+ Message reply = receiver.receive(5000);
+ assertNotNull(reply);
+
+ Serializable obj = ((ObjectMessage) reply).getObject();
+ if(obj instanceof String)
+ {
+ String result = (String) obj;
+ return result;
+ }
+ else if(obj instanceof Exception)
+ throw (Exception) obj;
+ else
+ throw new IllegalArgumentException(obj.toString());
+ }
+ finally
+ {
+ conn.stop();
+ sender.close();
+ receiver.close();
+ session.close();
+ }
+ }
+ finally
+ {
+ conn.close();
+ }
+ }
+
+ public void testAnonymous() throws Exception
+ {
+ String result = sendMessage("Anonymous", "Knock knock");
+ assertEquals("anonymous: Knock knock: false", result);
+ }
+
+ public void testRunAsRoot() throws Exception
+ {
+ String result = sendMessage("RunAsRoot", "Who's there?");
+ assertEquals("root-principal: Who's there?: true", result);
+ }
+
+ public static Test suite() throws Exception
+ {
+ return getDeploySetup(CallerPrincipalTestCase.class, "jbpapp1951.jar");
+ }
+}
More information about the jboss-cvs-commits
mailing list