001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022: package org.jboss.test.security.test;
023:
024: import org.jboss.test.JBossTestCase;
025: import org.jboss.test.security.interfaces.SubjectSessionHome;
026: import org.jboss.test.security.interfaces.SubjectSession;
027: import org.jboss.test.security.interfaces.CalledSession;
028: import org.jboss.test.security.interfaces.CalledSessionHome;
029: import org.jboss.security.SimplePrincipal;
030:
031: import javax.naming.Context;
032: import javax.naming.InitialContext;
033: import javax.rmi.PortableRemoteObject;
034: import java.util.Properties;
035: import java.util.HashSet;
036: import java.rmi.AccessException;
037:
038: import junit.framework.Test;
039:
040: /** Tests missing-method-permissions-excluded-mode
041:
042: @author Scott.Stark@jboss.org
043: @version $Revision: 57211 $
044: */
045: public class MissingMethodUnitTestCase extends JBossTestCase {
046: public MissingMethodUnitTestCase(String name) {
047: super (name);
048: }
049:
050: /** Test that methods without a method-permission behave as unchecked
051: */
052: public void testMissingIsUnchecked() throws Exception {
053: log.debug("+++ testMissingIsUnchecked()");
054: Properties env = new Properties();
055: env
056: .setProperty(Context.INITIAL_CONTEXT_FACTORY,
057: "org.jboss.security.jndi.JndiLoginInitialContextFactory");
058: env.setProperty(Context.SECURITY_PRINCIPAL, "jduke");
059: env.setProperty(Context.SECURITY_CREDENTIALS, "theduke");
060: InitialContext ctx = new InitialContext(env);
061: Object obj = ctx.lookup("unchecked/MissingMethodBean");
062: obj = PortableRemoteObject.narrow(obj, CalledSessionHome.class);
063: CalledSessionHome home = (CalledSessionHome) obj;
064: log.debug("Found CalledSessionHome");
065: CalledSession bean = home.create();
066: log.debug("Created CalledSession");
067:
068: // This should pass due to login role
069: bean.invokeEcho("testMissingIsUnchecked");
070: // This should pass due to unchecked for missing method-permission
071: bean.callEcho();
072: bean.remove();
073: }
074:
075: /** Test that methods without a method-permission behave as excluded
076: */
077: public void testMissingIsExcluded() throws Exception {
078: log.debug("+++ testMissingIsExcluded()");
079: Properties env = new Properties();
080: env
081: .setProperty(Context.INITIAL_CONTEXT_FACTORY,
082: "org.jboss.security.jndi.JndiLoginInitialContextFactory");
083: env.setProperty(Context.SECURITY_PRINCIPAL, "jduke");
084: env.setProperty(Context.SECURITY_CREDENTIALS, "theduke");
085: InitialContext ctx = new InitialContext(env);
086: Object obj = ctx.lookup("excluded/MissingMethodBean");
087: obj = PortableRemoteObject.narrow(obj, CalledSessionHome.class);
088: CalledSessionHome home = (CalledSessionHome) obj;
089: log.debug("Found CalledSessionHome");
090: CalledSession bean = home.create();
091: log.debug("Created CalledSession");
092:
093: // This should pass due to login role
094: bean.invokeEcho("testMissingIsExcluded");
095: // This should faile due to excluded for missing method-permission
096: try {
097: bean.callEcho();
098: fail("Was able to invoke callEcho");
099: } catch (AccessException e) {
100: log.debug("Failed with AccessException");
101: }
102: bean.remove();
103: }
104:
105: public static Test suite() throws Exception {
106: return JBossTestCase
107: .getDeploySetup(MissingMethodUnitTestCase.class,
108: "missing-methods-excluded.jar,missing-methods-unchecked.jar");
109: }
110:
111: }
|