[seam-commits] Seam SVN: r10638 - in branches/community/Seam_2_1/examples/restbay: src/org/jboss/seam/example/restbay/resteasy and 1 other directories.
seam-commits at lists.jboss.org
seam-commits at lists.jboss.org
Fri Apr 24 20:08:12 EDT 2009
Author: jharting
Date: 2009-04-24 20:08:12 -0400 (Fri, 24 Apr 2009)
New Revision: 10638
Added:
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/Authenticator.java
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/SecuredResource.java
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/SecurityTest.java
Modified:
branches/community/Seam_2_1/examples/restbay/resources/WEB-INF/components.xml
branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/testng.xml
Log:
security test for restbay example
Modified: branches/community/Seam_2_1/examples/restbay/resources/WEB-INF/components.xml
===================================================================
--- branches/community/Seam_2_1/examples/restbay/resources/WEB-INF/components.xml 2009-04-24 23:28:28 UTC (rev 10637)
+++ branches/community/Seam_2_1/examples/restbay/resources/WEB-INF/components.xml 2009-04-25 00:08:12 UTC (rev 10638)
@@ -13,9 +13,9 @@
"http://jboss.com/products/seam/core http://jboss.com/products/seam/core-2.1.xsd
http://jboss.com/products/seam/persistence http://jboss.com/products/seam/persistence-2.1.xsd
http://jboss.com/products/seam/components http://jboss.com/products/seam/components-2.1.xsd
- http://jboss.com/products/seam/security http://jboss.com/products/seam/security-2.1.xsd
http://jboss.com/products/seam/async http://jboss.com/products/seam/async-2.1.xsd
http://jboss.com/products/seam/web http://jboss.com/products/seam/web-2.1.xsd
+ http://jboss.com/products/seam/security http://jboss.com/products/seam/security-2.1.xsd
http://jboss.com/products/seam/resteasy http://jboss.com/products/seam/resteasy-2.1.xsd
http://jboss.com/products/seam/framework http://jboss.com/products/seam/framework-2.1.xsd
http://jboss.com/products/seam/drools http://jboss.com/products/seam/drools-2.1.xsd">
@@ -48,5 +48,10 @@
<resteasy:resource-query path="/configuredCategory" name="configuredCategoryResourceQuery"
entity-class="org.jboss.seam.example.restbay.Category"
media-types="application/xml application/json"/>
+
+ <web:authentication-filter url-pattern="/seam/resource/restv1/secured/*"
+ auth-type="basic" realm="Seam RestBay Application" />
+
+ <security:identity authenticate-method="#{authenticator.authenticate}" />
</components>
Added: branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/Authenticator.java
===================================================================
--- branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/Authenticator.java (rev 0)
+++ branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/Authenticator.java 2009-04-25 00:08:12 UTC (rev 10638)
@@ -0,0 +1,39 @@
+package org.jboss.seam.example.restbay.resteasy;
+
+
+import org.jboss.seam.ScopeType;
+import org.jboss.seam.annotations.In;
+import org.jboss.seam.annotations.Logger;
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.log.Log;
+import org.jboss.seam.security.Credentials;
+import org.jboss.seam.security.Identity;
+
+ at Name("authenticator")
+ at Scope(ScopeType.EVENT)
+public class Authenticator
+{
+
+ @In
+ private Identity identity;
+ @In
+ private Credentials credentials;
+ @Logger
+ private Log log;
+
+ public boolean authenticate()
+ {
+ if (credentials.getUsername().equals(credentials.getPassword())) {
+ log.info("Authenticated {0}", credentials.getUsername());
+
+ if (credentials.getUsername().equals("admin")) {
+ identity.addRole("admin");
+ log.info("Admin rights granted for {0}", credentials.getUsername());
+ }
+ return true;
+ } else {
+ return false;
+ }
+ }
+}
\ No newline at end of file
Property changes on: branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/Authenticator.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/SecuredResource.java
===================================================================
--- branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/SecuredResource.java (rev 0)
+++ branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/SecuredResource.java 2009-04-25 00:08:12 UTC (rev 10638)
@@ -0,0 +1,46 @@
+package org.jboss.seam.example.restbay.resteasy;
+
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+
+import org.jboss.seam.annotations.In;
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.security.Restrict;
+import org.jboss.seam.security.Identity;
+
+/**
+ *
+ * @author Jozef Hartinger
+ *
+ */
+
+ at Path("/secured/resource")
+ at Name("securedResource")
+ at Produces("text/plain")
+public class SecuredResource
+{
+
+ @In
+ private Identity identity;
+
+ @GET
+ public String getHello()
+ {
+ return "Hello world!";
+ }
+
+ @GET
+ @Path("/admin")
+ public boolean isAdmin() {
+ return identity.hasRole("admin");
+ }
+
+ @GET
+ @Path("/restrictedAdmin")
+ @Restrict("#{s:hasRole('admin')}")
+ public boolean restrictedIsAdmin() {
+ return identity.hasRole("admin");
+ }
+
+}
Property changes on: branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/resteasy/SecuredResource.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/SecurityTest.java
===================================================================
--- branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/SecurityTest.java (rev 0)
+++ branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/SecurityTest.java 2009-04-25 00:08:12 UTC (rev 10638)
@@ -0,0 +1,108 @@
+package org.jboss.seam.example.restbay.test;
+
+import static org.testng.Assert.assertEquals;
+
+import org.jboss.seam.example.restbay.test.fwk.MockHttpServletRequest;
+import org.jboss.seam.example.restbay.test.fwk.MockHttpServletResponse;
+import org.jboss.seam.example.restbay.test.fwk.ResourceSeamTest;
+import org.testng.annotations.Test;
+
+/**
+ * This class tests RESTEasy integration with together with Seam Security
+ * @author Jozef Hartinger
+ *
+ */
+public class SecurityTest extends ResourceSeamTest
+{
+ @Test
+ public void basicAuthTest() throws Exception
+ {
+ new ResourceRequest(Method.GET, "/restv1/secured/resource/admin")
+ {
+ @Override
+ protected void prepareRequest(MockHttpServletRequest request)
+ {
+ super.prepareRequest(request);
+ request.addHeader("Accept", "text/plain");
+ request.addHeader("Authorization", "BASIC ZGVtbzpkZW1v"); // demo:demo
+ }
+
+ @Override
+ protected void onResponse(MockHttpServletResponse response)
+ {
+ assertEquals(response.getStatus(), 200, "Unexpected response code.");
+ assertEquals(response.getContentAsString(), "false", "Unexpected response.");
+ }
+
+ }.run();
+ }
+
+ @Test
+ public void invalidCredentialsBasicAuthTest() throws Exception
+ {
+ new ResourceRequest(Method.GET, "/restv1/secured/resource")
+ {
+ @Override
+ protected void prepareRequest(MockHttpServletRequest request)
+ {
+ super.prepareRequest(request);
+ request.addHeader("Accept", "text/plain");
+ request.addHeader("Authorization", "BASIC ZGVtbzpvbWVk"); // demo:omed
+ }
+
+ @Override
+ protected void onResponse(MockHttpServletResponse response)
+ {
+ assertEquals(response.getStatus(), 403, "Unexpected response code.");
+ }
+
+ }.run();
+ }
+
+ @Test
+ public void adminRoleTest() throws Exception
+ {
+ new ResourceRequest(Method.GET, "/restv1/secured/resource/admin")
+ {
+ @Override
+ protected void prepareRequest(MockHttpServletRequest request)
+ {
+ super.prepareRequest(request);
+ request.addHeader("Accept", "text/plain");
+ request.addHeader("Authorization", "BASIC YWRtaW46YWRtaW4="); // admin:admin
+ }
+
+ @Override
+ protected void onResponse(MockHttpServletResponse response)
+ {
+ assertEquals(response.getStatus(), 200, "Unexpected response code.");
+ assertEquals(response.getContentAsString(), "true");
+ }
+
+ }.run();
+ }
+
+ @Test
+ public void adminRoleTestWithRestriction() throws Exception
+ {
+ new ResourceRequest(Method.GET, "/restv1/secured/resource/restrictedAdmin")
+ {
+ @Override
+ protected void prepareRequest(MockHttpServletRequest request)
+ {
+ super.prepareRequest(request);
+ request.addHeader("Accept", "text/plain");
+ request.addHeader("Authorization", "BASIC YWRtaW46YWRtaW4="); // admin:admin
+ }
+
+ @Override
+ protected void onResponse(MockHttpServletResponse response)
+ {
+ assertEquals(response.getStatus(), 200, "Unexpected response code.");
+ assertEquals(response.getContentAsString(), "true");
+ }
+
+ }.run();
+ }
+
+}
Property changes on: branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/SecurityTest.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Modified: branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/testng.xml
===================================================================
--- branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/testng.xml 2009-04-24 23:28:28 UTC (rev 10637)
+++ branches/community/Seam_2_1/examples/restbay/src/org/jboss/seam/example/restbay/test/testng.xml 2009-04-25 00:08:12 UTC (rev 10638)
@@ -25,4 +25,10 @@
<class name="org.jboss.seam.example.restbay.test.ResourceQueryTest"/>
</classes>
</test>
+
+ <!-- <test name="RestBay: Security">
+ <classes>
+ <class name="org.jboss.seam.example.restbay.test.SecurityTest"/>
+ </classes>
+ </test>-->
</suite>
\ No newline at end of file
More information about the seam-commits
mailing list