[jboss-cvs] JBossAS SVN: r114674 - in branches/JBPAPP_5/testsuite: src/main/org/jboss/test/security/test/mapping and 3 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Jan 20 09:01:33 EST 2014
Author: simkam
Date: 2014-01-20 09:01:32 -0500 (Mon, 20 Jan 2014)
New Revision: 114674
Added:
branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/test/mapping/DeploymentRoleToRolesMappingTestCase.java
branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/
branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/META-INF/
branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/META-INF/application.xml
branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/META-INF/ejb-jar.xml
branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/META-INF/jboss-app.xml
branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/META-INF/web.xml
branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/roletorolesmapping-test-service.xml
Modified:
branches/JBPAPP_5/testsuite/imports/sections/securityspi.xml
Log:
[JBQA-8614] test for JBPAPP-10875 Backport Role Mapping Module for EAP5
Modified: branches/JBPAPP_5/testsuite/imports/sections/securityspi.xml
===================================================================
--- branches/JBPAPP_5/testsuite/imports/sections/securityspi.xml 2014-01-20 13:52:10 UTC (rev 114673)
+++ branches/JBPAPP_5/testsuite/imports/sections/securityspi.xml 2014-01-20 14:01:32 UTC (rev 114674)
@@ -1,51 +1,85 @@
<project name="tests-security-spi-jars">
- <target name="_jars-security-spi">
- <mkdir dir="${build.lib}"/>
+ <target name="_jars-security-spi">
+ <mkdir dir="${build.lib}"/>
- <!--web-role-map.war -->
- <jar destfile="${build.lib}/web-role-map.war">
- <zipfileset prefix="WEB-INF" dir="${build.resources}/security-spi/rolemapping/web/WEB-INF">
- <include name="web.xml" />
- <include name="jboss-web.xml" />
- </zipfileset>
- <fileset dir="${build.resources}/security-spi/rolemapping/web">
- <include name="*html"/>
- <include name="*jsp"/>
- </fileset>
- </jar>
+ <!--web-role-map.war -->
+ <jar destfile="${build.lib}/web-role-map.war">
+ <zipfileset prefix="WEB-INF" dir="${build.resources}/security-spi/rolemapping/web/WEB-INF">
+ <include name="web.xml"/>
+ <include name="jboss-web.xml"/>
+ </zipfileset>
+ <fileset dir="${build.resources}/security-spi/rolemapping/web">
+ <include name="*html"/>
+ <include name="*jsp"/>
+ </fileset>
+ </jar>
- <!-- Build an ear to test deployment level role mapping -->
- <!-- EJB Jar-->
- <jar destfile="${build.lib}/deployment-rolemapping.jar">
- <fileset dir="${build.resources}/security-spi/deploymentlevel">
- <include name="META-INF/ejb-jar.xml"/>
- </fileset>
- <fileset dir="${build.resources}/security">
- <include name="users.properties"/>
- <include name="roles.properties"/>
- </fileset>
- <fileset dir="${build.classes}">
- <include name="org/jboss/test/security/ejb/UncheckedSession*"/>
- <include name="org/jboss/test/security/interfaces/Stateless*"/>
- </fileset>
- </jar>
- <!-- WAR file-->
- <war warfile="${build.lib}/deployment-rolemapping.war"
- webxml="${build.resources}/security-spi/deploymentlevel/META-INF/web.xml">
- <classes dir="${build.classes}">
- <include name="org/jboss/test/web/servlets/Req*"/>
- </classes>
- </war>
- <jar destfile="${build.lib}/deployment-rolemapping.ear">
- <zipfileset prefix="META-INF"
- dir="${build.resources}/security-spi/deploymentlevel/META-INF">
- <include name="application.xml" />
- <include name="jboss-app.xml" />
- </zipfileset>
- <fileset dir="${build.lib}">
- <include name="deployment-rolemapping.war"/>
- <include name="deployment-rolemapping.jar"/>
- </fileset>
- </jar>
- </target>
+ <!-- Build an ear to test deployment level role mapping -->
+ <!-- EJB Jar-->
+ <jar destfile="${build.lib}/deployment-rolemapping.jar">
+ <fileset dir="${build.resources}/security-spi/deploymentlevel">
+ <include name="META-INF/ejb-jar.xml"/>
+ </fileset>
+ <fileset dir="${build.resources}/security">
+ <include name="users.properties"/>
+ <include name="roles.properties"/>
+ </fileset>
+ <fileset dir="${build.classes}">
+ <include name="org/jboss/test/security/ejb/UncheckedSession*"/>
+ <include name="org/jboss/test/security/interfaces/Stateless*"/>
+ </fileset>
+ </jar>
+ <!-- WAR file-->
+ <war warfile="${build.lib}/deployment-rolemapping.war"
+ webxml="${build.resources}/security-spi/deploymentlevel/META-INF/web.xml">
+ <classes dir="${build.classes}">
+ <include name="org/jboss/test/web/servlets/Req*"/>
+ </classes>
+ </war>
+ <jar destfile="${build.lib}/deployment-rolemapping.ear">
+ <zipfileset prefix="META-INF"
+ dir="${build.resources}/security-spi/deploymentlevel/META-INF">
+ <include name="application.xml"/>
+ <include name="jboss-app.xml"/>
+ </zipfileset>
+ <fileset dir="${build.lib}">
+ <include name="deployment-rolemapping.war"/>
+ <include name="deployment-rolemapping.jar"/>
+ </fileset>
+ </jar>
+ <!-- Build an ear to test deployment level role to roles mapping -->
+ <!-- EJB Jar-->
+ <jar destfile="${build.lib}/deployment-roletorolesmapping.jar">
+ <fileset dir="${build.resources}/security-spi/deploymentlevel-roletorolesmapping">
+ <include name="META-INF/ejb-jar.xml"/>
+ </fileset>
+ <fileset dir="${build.resources}/security">
+ <include name="users.properties"/>
+ <include name="roles.properties"/>
+ </fileset>
+ <fileset dir="${build.classes}">
+ <include name="org/jboss/test/security/ejb/UncheckedSession*"/>
+ <include name="org/jboss/test/security/interfaces/Stateless*"/>
+ </fileset>
+ </jar>
+ <!-- WAR file-->
+ <war warfile="${build.lib}/deployment-roletorolesmapping.war"
+ webxml="${build.resources}/security-spi/deploymentlevel-roletorolesmapping/META-INF/web.xml">
+ <classes dir="${build.classes}">
+ <include name="org/jboss/test/web/servlets/Req*"/>
+ </classes>
+ </war>
+ <!-- EAR file -->
+ <jar destfile="${build.lib}/deployment-roletorolesmapping.ear">
+ <zipfileset prefix="META-INF"
+ dir="${build.resources}/security-spi/deploymentlevel-roletorolesmapping/META-INF">
+ <include name="application.xml"/>
+ <include name="jboss-app.xml"/>
+ </zipfileset>
+ <fileset dir="${build.lib}">
+ <include name="deployment-roletorolesmapping.war"/>
+ <include name="deployment-roletorolesmapping.jar"/>
+ </fileset>
+ </jar>
+ </target>
</project>
Copied: branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/test/mapping/DeploymentRoleToRolesMappingTestCase.java (from rev 114657, branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/test/mapping/DeploymentRoleMappingTestCase.java)
===================================================================
--- branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/test/mapping/DeploymentRoleToRolesMappingTestCase.java (rev 0)
+++ branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/test/mapping/DeploymentRoleToRolesMappingTestCase.java 2014-01-20 14:01:32 UTC (rev 114674)
@@ -0,0 +1,169 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.test.mapping;
+
+import java.net.HttpURLConnection;
+import java.net.URL;
+import java.rmi.RemoteException;
+
+import javax.rmi.PortableRemoteObject;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.LoginContext;
+
+import junit.extensions.TestSetup;
+import junit.framework.Test;
+import junit.framework.TestSuite;
+
+import org.jboss.security.auth.login.XMLLoginConfigImpl;
+import org.jboss.test.JBossTestCase;
+import org.jboss.test.JBossTestSetup;
+import org.jboss.test.security.interfaces.StatelessSession;
+import org.jboss.test.security.interfaces.StatelessSessionHome;
+import org.jboss.test.util.AppCallbackHandler;
+import org.jboss.test.util.web.HttpUtils;
+
+/**
+ * Tests deployment level role to roles mapping
+ * Define security roles in jboss-app.xml that get merged with
+ * roles for the web/ejb layers
+ * Test for JBPAPP-10875
+ * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
+ * @author <a href="mailto:msimka at redhat.com">Martin Simka</a>
+ * @since Jan 09, 2014
+ * @version $Revision$
+ */
+public class DeploymentRoleToRolesMappingTestCase extends JBossTestCase
+{
+ static String username = "jduke";
+ static char[] password = "theduke".toCharArray();
+
+ LoginContext lc;
+ boolean loggedIn;
+
+ public DeploymentRoleToRolesMappingTestCase(String name)
+ {
+ super(name);
+ }
+
+ public void testEJBApplication() throws Exception
+ {
+ Object obj = getInitialContext().lookup("DeploymentLevelRoleToRolesMappingBean");
+ obj = PortableRemoteObject.narrow(obj, StatelessSessionHome.class);
+ StatelessSessionHome home = (StatelessSessionHome) obj;
+ log.debug("Found Unsecure StatelessSessionHome");
+ StatelessSession bean = null;
+ try
+ {
+ bean = home.create();
+ log.debug("Created spec.UnsecureStatelessSession2");
+ bean.echo("Hello from nobody?");
+ fail("Should not be allowed");
+ }
+ catch(RemoteException re)
+ {
+ }
+ finally
+ {
+ if(bean != null)
+ bean.remove();
+ }
+
+ login();
+ obj = getInitialContext().lookup("DeploymentLevelRoleToRolesMappingBean");
+ obj = PortableRemoteObject.narrow(obj, StatelessSessionHome.class);
+ home = (StatelessSessionHome) obj;
+ log.debug("Found spec.StatelessSession2");
+ bean = home.create();
+ log.debug("Created spec.StatelessSession2");
+ // Test that the Entity bean sees username as its principal
+ String echo = bean.echo("jduke");
+ log.debug("bean.echo(username) = "+echo);
+ assertTrue("username == echo", echo.equals("jduke"));
+ bean.remove();
+ logout();
+ }
+
+ public void testWebApplication() throws Exception
+ {
+ String baseURL = HttpUtils.getBaseURL("jduke", "theduke");
+ URL url = new URL(baseURL + "deployment-roletorolesmapping/RequestInfoServlet");
+ HttpUtils.accessURL(url, "JBoss Realm", HttpURLConnection.HTTP_OK);
+ }
+
+ private void login() throws Exception
+ {
+ login("jduke", "theduke".toCharArray());
+ }
+ private void login(String username, char[] password) throws Exception
+ {
+ if( loggedIn )
+ return;
+
+ lc = null;
+ String confName = System.getProperty("conf.name", "other");
+ AppCallbackHandler handler = new AppCallbackHandler(username, password);
+ log.debug("Creating LoginContext("+confName+")");
+ lc = new LoginContext(confName, handler);
+ lc.login();
+ log.debug("Created LoginContext, subject="+lc.getSubject());
+ loggedIn = true;
+ }
+ private void logout() throws Exception
+ {
+ if( loggedIn )
+ {
+ loggedIn = false;
+ lc.logout();
+ }
+ }
+
+ /**
+ * Setup the test suite.
+ */
+ public static Test suite() throws Exception
+ {
+ TestSuite suite = new TestSuite();
+ suite.addTest(new TestSuite(DeploymentRoleToRolesMappingTestCase.class));
+
+ // Create an initializer for the test suite
+ TestSetup wrapper = new JBossTestSetup(suite)
+ {
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+ Configuration.setConfiguration(XMLLoginConfigImpl.getInstance());
+ String url = getResourceURL("security-spi/deploymentlevel-roletorolesmapping/roletorolesmapping-test-service.xml");
+ deploy(url);
+ redeploy("deployment-roletorolesmapping.ear");
+ flushAuthCache();
+ }
+ protected void tearDown() throws Exception
+ {
+ undeploy(getResourceURL("security-spi/deploymentlevel-roletorolesmapping/roletorolesmapping-test-service.xml"));
+ undeploy("deployment-roletorolesmapping.ear");
+ super.tearDown();
+
+ }
+ };
+ return wrapper;
+ }
+}
Added: branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/META-INF/application.xml
===================================================================
--- branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/META-INF/application.xml (rev 0)
+++ branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/META-INF/application.xml 2014-01-20 14:01:32 UTC (rev 114674)
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE application PUBLIC
+ "-//Sun Microsystems, Inc.//DTD J2EE Application 1.3//EN"
+ "http://java.sun.com/dtd/application_1_3.dtd">
+
+<application>
+ <display-name>Tests for deployment level role to roles mapping</display-name>
+ <module>
+ <web>
+ <web-uri>deployment-roletorolesmapping.war</web-uri>
+ <context-root>/deployment-roletorolesmapping</context-root>
+ </web>
+ </module>
+ <module>
+ <ejb>deployment-roletorolesmapping.jar</ejb>
+ </module>
+</application>
Added: branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/META-INF/ejb-jar.xml
===================================================================
--- branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/META-INF/ejb-jar.xml (rev 0)
+++ branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/META-INF/ejb-jar.xml 2014-01-20 14:01:32 UTC (rev 114674)
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ejb-jar xmlns="http://java.sun.com/xml/ns/j2ee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
+ http://java.sun.com/xml/ns/j2ee/ejb-jar_2_1.xsd"
+ version="2.1">
+ <enterprise-beans>
+ <!-- Session Beans -->
+ <session >
+ <description>Deployment level role to roles mapping test</description>
+ <ejb-name>DeploymentLevelRoleToRolesMappingBean</ejb-name>
+ <home>org.jboss.test.security.interfaces.StatelessSessionHome</home>
+ <remote>org.jboss.test.security.interfaces.StatelessSession</remote>
+ <ejb-class>org.jboss.test.security.ejb.UncheckedSessionBean</ejb-class>
+ <session-type>Stateless</session-type>
+ <transaction-type>Container</transaction-type>
+ </session>
+ </enterprise-beans>
+
+ <!-- Assembly Descriptor -->
+ <assembly-descriptor >
+ <security-role>
+ <description>The role required to invoke the echo method</description>
+ <role-name>GoodUser</role-name>
+ </security-role>
+ <!-- The methods the Echo role can access -->
+ <method-permission>
+ <role-name>GoodUser</role-name>
+ <method>
+ <ejb-name>DeploymentLevelRoleToRolesMappingBean</ejb-name>
+ <method-name>*</method-name>
+ </method>
+ </method-permission>
+ </assembly-descriptor>
+</ejb-jar>
Added: branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/META-INF/jboss-app.xml
===================================================================
--- branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/META-INF/jboss-app.xml (rev 0)
+++ branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/META-INF/jboss-app.xml 2014-01-20 14:01:32 UTC (rev 114674)
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE jboss-app PUBLIC "-//JBoss//DTD Java EE Application 5.0//EN" "http://www.jboss.org/j2ee/dtd/jboss-app_5_0.dtd">
+
+<jboss-app>
+ <security-domain>java:/jaas/cts</security-domain>
+ <security-role>
+ <role-name>Echo</role-name>
+ <principal-name>j2ee</principal-name>
+ </security-role>
+ <security-role>
+ <role-name>GoodUser</role-name>
+ <principal-name>Role1</principal-name>
+ </security-role>
+ <security-role>
+ <role-name>AuthorizedUser</role-name>
+ <principal-name>Role2</principal-name>
+ </security-role>
+</jboss-app>
Added: branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/META-INF/web.xml
===================================================================
--- branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/META-INF/web.xml (rev 0)
+++ branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/META-INF/web.xml 2014-01-20 14:01:32 UTC (rev 114674)
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app
+ xmlns="http://java.sun.com/xml/ns/j2ee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
+ version="2.4">
+
+ <description>Security Test for role to roles mapping at deployment level logic</description>
+
+ <servlet>
+ <servlet-name>RequestInfoServlet</servlet-name>
+ <servlet-class>org.jboss.test.web.servlets.RequestInfoServlet</servlet-class>
+ </servlet>
+
+ <!-- The servlet and jsp page mappings -->
+ <servlet-mapping>
+ <servlet-name>RequestInfoServlet</servlet-name>
+ <url-pattern>/RequestInfoServlet</url-pattern>
+ </servlet-mapping>
+
+ <!-- ### Security -->
+ <security-constraint>
+ <display-name>JBoss Realm</display-name>
+ <web-resource-collection>
+ <web-resource-name>Restricted</web-resource-name>
+ <description>Declarative security tests</description>
+ <url-pattern>/*</url-pattern>
+ <http-method>GET</http-method>
+ <http-method>POST</http-method>
+ </web-resource-collection>
+ <auth-constraint>
+ <description>Only authenticated users can access secure content</description>
+ <role-name>AuthorizedUser</role-name>
+ </auth-constraint>
+
+ <user-data-constraint>
+ <description>no description</description>
+ <transport-guarantee>NONE</transport-guarantee>
+ </user-data-constraint>
+ </security-constraint>
+
+ <login-config>
+ <auth-method>BASIC</auth-method>
+ <realm-name>JBoss Realm</realm-name>
+ </login-config>
+
+ <security-role>
+ <description>An AuthorizedUser is one with a valid username and password</description>
+ <role-name>AuthorizedUser</role-name>
+ </security-role>
+
+</web-app>
Added: branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/roletorolesmapping-test-service.xml
===================================================================
--- branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/roletorolesmapping-test-service.xml (rev 0)
+++ branches/JBPAPP_5/testsuite/src/resources/security-spi/deploymentlevel-roletorolesmapping/roletorolesmapping-test-service.xml 2014-01-20 14:01:32 UTC (rev 114674)
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<server>
+ <mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
+ name="jboss.security.tests:service=DynamicLoginConfig,test=deploymentroletorolesmapping">
+ <attribute name="PolicyConfig" serialDataType="jbxb">
+ <jbsx:policy xsi:schemaLocation="urn:jboss:security-config:5.0 resource:security-config_5_0.xsd" xmlns:jbsx="urn:jboss:security-config:5.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <jbsx:application-policy name="cts">
+ <jbsx:authentication>
+ <jbsx:login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
+ <jbsx:module-option name="usersProperties">users.properties</jbsx:module-option>
+ <jbsx:module-option name="rolesProperties">roles.properties</jbsx:module-option>
+ <jbsx:module-option name="password-stacking">useFirstPass</jbsx:module-option>
+ <jbsx:module-option name="unauthenticatedIdentity">cts-user</jbsx:module-option>
+ </jbsx:login-module>
+ </jbsx:authentication>
+ <jbsx:rolemapping>
+ <jbsx:mapping-module code="org.jboss.security.mapping.providers.DeploymentRoleToRolesMappingProvider"/>
+ </jbsx:rolemapping>
+ </jbsx:application-policy>
+ </jbsx:policy>
+ </attribute>
+ <depends optional-attribute-name="LoginConfigService">
+ jboss.security:service=XMLLoginConfig
+ </depends>
+ <depends optional-attribute-name="SecurityManagerService">
+ jboss.security:service=JaasSecurityManager
+ </depends>
+ </mbean>
+</server>
More information about the jboss-cvs-commits
mailing list