[jboss-cvs] JBossAS SVN: r96943 - in projects/ejb3/trunk: testsuite/src/test/java/org/jboss/ejb3/test and 2 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Nov 25 05:55:59 EST 2009
Author: jaikiran
Date: 2009-11-25 05:55:59 -0500 (Wed, 25 Nov 2009)
New Revision: 96943
Added:
projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/
projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/CallerPrincipalNotAvailableException.java
projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/SessionBeanWithoutSecurityDomain.java
projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/UserManagerRemote.java
projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/unit/
projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/unit/CallerPrincipalTestCase.java
Modified:
projects/ejb3/trunk/security/src/main/java/org/jboss/ejb3/security/helpers/EJBContextHelper.java
Log:
EJBTHREE-1962 Fixed the NPE in EJBContextHelper when a call to SessionContext.getCallerPrincipal was made in the absence of a security domain
Modified: projects/ejb3/trunk/security/src/main/java/org/jboss/ejb3/security/helpers/EJBContextHelper.java
===================================================================
--- projects/ejb3/trunk/security/src/main/java/org/jboss/ejb3/security/helpers/EJBContextHelper.java 2009-11-25 10:36:03 UTC (rev 96942)
+++ projects/ejb3/trunk/security/src/main/java/org/jboss/ejb3/security/helpers/EJBContextHelper.java 2009-11-25 10:55:59 UTC (rev 96943)
@@ -64,42 +64,44 @@
Principal callerPrincipal = null;
- if(sc == null)
+ // if we have the security context, then try to
+ // get the caller principal out of that
+ if (sc != null)
{
- String unauth = domain.unauthenticatedPrincipal();
- if(unauth != null && unauth.length() > 0)
- if(domain.unauthenticatedPrincipal() != null)
- callerPrincipal = new SimplePrincipal(unauth);
- }
- else
- {
AbstractEJBAuthorizationHelper helper;
try
{
- helper = SecurityHelperFactory.getEJBAuthorizationHelper(sc);
+ helper = SecurityHelperFactory.getEJBAuthorizationHelper(sc);
helper.setPolicyRegistration(getPolicyRegistration());
}
catch (Exception e)
{
throw new RuntimeException(e);
}
- callerPrincipal = helper.getCallerPrincipal();
+ callerPrincipal = helper.getCallerPrincipal();
+
+ if (callerPrincipal == null)
+ {
+ //try the incoming principal
+ callerPrincipal = sc.getUtil().getUserPrincipal();
+ if (rm != null)
+ callerPrincipal = rm.getPrincipal(callerPrincipal);
+ }
}
-
- if(callerPrincipal == null)
+ // either security context was absent or
+ // could not get the caller principal from security context.
+ // So let's try the unauthenticated principal, if the domain
+ // is present
+ if (callerPrincipal == null)
{
- //try the incoming principal
- callerPrincipal = sc.getUtil().getUserPrincipal();
- if(rm != null)
- callerPrincipal = rm.getPrincipal(callerPrincipal);
- }
-
- if(callerPrincipal == null)
- {
- String unauth = domain.unauthenticatedPrincipal();
- if(unauth != null && unauth.length() > 0)
- if(domain.unauthenticatedPrincipal() != null)
- callerPrincipal = new SimplePrincipal(unauth);
+ if (domain != null)
+ {
+ String unauth = domain.unauthenticatedPrincipal();
+ if (unauth != null && unauth.length() > 0)
+ {
+ callerPrincipal = new SimplePrincipal(unauth);
+ }
+ }
}
return callerPrincipal;
}
Added: projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/CallerPrincipalNotAvailableException.java
===================================================================
--- projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/CallerPrincipalNotAvailableException.java (rev 0)
+++ projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/CallerPrincipalNotAvailableException.java 2009-11-25 10:55:59 UTC (rev 96943)
@@ -0,0 +1,40 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.ejb3.test.ejbthree1962;
+
+import javax.ejb.ApplicationException;
+
+/**
+ * CallerPrincipalNotAvailableException
+ *
+ * @author Jaikiran Pai
+ * @version $Revision: $
+ */
+ at ApplicationException
+public class CallerPrincipalNotAvailableException extends Exception
+{
+
+ public CallerPrincipalNotAvailableException()
+ {
+ super ("Caller principal not associated in the current invocation");
+ }
+}
Added: projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/SessionBeanWithoutSecurityDomain.java
===================================================================
--- projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/SessionBeanWithoutSecurityDomain.java (rev 0)
+++ projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/SessionBeanWithoutSecurityDomain.java 2009-11-25 10:55:59 UTC (rev 96943)
@@ -0,0 +1,70 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.ejb3.test.ejbthree1962;
+
+import java.security.Principal;
+
+import javax.annotation.Resource;
+import javax.ejb.ApplicationException;
+import javax.ejb.Remote;
+import javax.ejb.SessionContext;
+import javax.ejb.Stateless;
+
+import org.jboss.ejb3.annotation.RemoteBinding;
+
+/**
+ * SessionBeanWithoutSecurityDomain
+ *
+ * @author Jaikiran Pai
+ * @version $Revision: $
+ */
+ at Stateless
+ at Remote (UserManagerRemote.class)
+ at RemoteBinding (jndiBinding = SessionBeanWithoutSecurityDomain.JNDI_NAME)
+public class SessionBeanWithoutSecurityDomain implements UserManagerRemote
+{
+
+ public static final String JNDI_NAME = "ejbthree1962-slsb-without-security-domain";
+
+
+ @Resource
+ private SessionContext sessContext;
+
+ /**
+ * {@inheritDoc}
+ */
+ public Principal getCallerPrincipal() throws CallerPrincipalNotAvailableException
+ {
+ // as per the API, the getCallerPrincipal never returns null.
+ // if there is no principal associated then an IllegalStateException is thrown
+ try
+ {
+ return this.sessContext.getCallerPrincipal();
+ }
+ catch (IllegalStateException ise)
+ {
+ throw new CallerPrincipalNotAvailableException();
+ }
+
+ }
+
+}
Added: projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/UserManagerRemote.java
===================================================================
--- projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/UserManagerRemote.java (rev 0)
+++ projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/UserManagerRemote.java 2009-11-25 10:55:59 UTC (rev 96943)
@@ -0,0 +1,43 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.ejb3.test.ejbthree1962;
+
+import java.security.Principal;
+
+import javax.ejb.SessionContext;
+
+/**
+ * UserManagerRemote
+ *
+ * @author Jaikiran Pai
+ * @version $Revision: $
+ */
+public interface UserManagerRemote
+{
+
+ /**
+ * Returns the principal name through a call to {@link SessionContext#getCallerPrincipal()}
+ * @return Returns the caller principal name
+ * @throws CallerPrincipalNotAvailableException If there is no caller principal associated
+ */
+ Principal getCallerPrincipal() throws CallerPrincipalNotAvailableException;
+}
Added: projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/unit/CallerPrincipalTestCase.java
===================================================================
--- projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/unit/CallerPrincipalTestCase.java (rev 0)
+++ projects/ejb3/trunk/testsuite/src/test/java/org/jboss/ejb3/test/ejbthree1962/unit/CallerPrincipalTestCase.java 2009-11-25 10:55:59 UTC (rev 96943)
@@ -0,0 +1,90 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.ejb3.test.ejbthree1962.unit;
+
+import java.security.Principal;
+
+import javax.ejb.SessionContext;
+
+import junit.framework.Test;
+
+import org.jboss.ejb3.security.helpers.EJBContextHelper;
+import org.jboss.ejb3.test.ejbthree1962.CallerPrincipalNotAvailableException;
+import org.jboss.ejb3.test.ejbthree1962.SessionBeanWithoutSecurityDomain;
+import org.jboss.ejb3.test.ejbthree1962.UserManagerRemote;
+import org.jboss.test.JBossTestCase;
+
+/**
+ * CallerPrincipalTestCase
+ *
+ * Tests the fix for https://jira.jboss.org/jira/browse/EJBTHREE-1962
+ *
+ * A NullPointerException was being thrown from {@link EJBContextHelper}, on a call to {@link SessionContext#getCallerPrincipal()}
+ * when the bean was not configured with @SecurityDomain (or security-domain xml equivalent).
+ *
+ * @author Jaikiran Pai
+ * @version $Revision: $
+ */
+public class CallerPrincipalTestCase extends JBossTestCase
+{
+
+ /**
+ * @param name
+ */
+ public CallerPrincipalTestCase(String name)
+ {
+ super(name);
+ }
+
+ /**
+ *
+ * @return
+ * @throws Exception
+ */
+ public static Test suite() throws Exception
+ {
+ return getDeploySetup(CallerPrincipalTestCase.class, "ejbthree1962.jar");
+ }
+
+ /**
+ * Tests that in the absence of a @SecurityDomain (or security-domain xml equivalent)
+ * on a bean, the call to {@link SessionContext#getCallerPrincipal()} doesn't fail
+ * with a NullPointerException.
+ * @see https://jira.jboss.org/jira/browse/EJBTHREE-1962
+ * @throws Exception
+ */
+ public void testCallerPrincipalInAbsenceOfSecurityDomain() throws Exception
+ {
+ UserManagerRemote bean = (UserManagerRemote) this.getInitialContext().lookup(
+ SessionBeanWithoutSecurityDomain.JNDI_NAME);
+ try
+ {
+ Principal callerPrincipal = bean.getCallerPrincipal();
+ fail("Caller principal was *not* associated, but no CallerPrincipalNotAvailableException was thrown");
+ }
+ catch (CallerPrincipalNotAvailableException cpnae)
+ {
+ // expected, since when no caller principal is associated an IllegalStateException is thrown
+ }
+
+ }
+}
More information about the jboss-cvs-commits
mailing list