001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022: package org.jboss.test.security.test;
023:
024: import java.rmi.RemoteException;
025: import javax.naming.InitialContext;
026: import javax.rmi.PortableRemoteObject;
027: import javax.security.auth.login.Configuration;
028: import javax.security.auth.login.LoginContext;
029:
030: import org.jboss.security.auth.login.XMLLoginConfigImpl;
031: import org.jboss.test.JBossTestCase;
032: import org.jboss.test.JBossTestSetup;
033: import org.jboss.test.security.interfaces.IOSession;
034: import org.jboss.test.security.interfaces.IOSessionHome;
035: import org.jboss.test.security.interfaces.ReadAccessException;
036: import org.jboss.test.util.AppCallbackHandler;
037:
038: import junit.extensions.TestSetup;
039: import junit.framework.Test;
040: import junit.framework.TestSuite;
041:
042: /** Tests of the EJB security proxy.
043:
044: @author Scott.Stark@jboss.org
045: @version $Revision: 57211 $
046: */
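public class SecurityProxyUnitTestCase extends JBossTestCase {
    /** Login context created by {@link #login()}; null until a login has succeeded. */
    LoginContext lc;
    /** True once {@link #login()} completed successfully; cleared by {@link #logout()}. */
    boolean loggedIn;

    public SecurityProxyUnitTestCase(String name) {
        super(name);
    }

    /** Test that the security proxy in front of the ProxiedStatelessBean
     * denies read(), retryableRead() and write() on the restricted path
     * and permits them on the public path. A denied read()/write() is
     * expected to surface as a RemoteException, a denied retryableRead()
     * as a ReadAccessException. The bean is removed and the caller is
     * logged out even when an assertion fails, so a failing run does not
     * leave an authenticated LoginContext or a live bean behind.
     */
    public void testMethodAccess() throws Exception {
        log.debug("+++ testMethodAccess");
        login();
        try {
            Object obj = getInitialContext().lookup(
                "security-proxy/ProxiedStatelessBean");
            obj = PortableRemoteObject.narrow(obj, IOSessionHome.class);
            IOSessionHome home = (IOSessionHome) obj;
            log.debug("Found IOSessionHome");
            IOSession bean = home.create();
            log.debug("Created IOSession");
            try {
                checkAccessControl(bean);
            } finally {
                bean.remove();
            }
        } finally {
            logout();
        }
    }

    /** Exercise the proxied read/write methods on the restricted and
     * public paths; assertion failures propagate to the caller.
     *
     * @param bean the proxied session bean under test
     * @throws Exception if a call on the public path fails
     */
    private void checkAccessControl(IOSession bean) throws Exception {
        try {
            // This should not be allowed
            bean.read("/restricted/pgp.keys");
            fail("Was able to call read(/restricted/pgp.keys)");
        } catch (RemoteException e) {
            // NOTE(review): every RemoteException is accepted as the denial,
            // so a transport or deployment failure would also satisfy this
            // branch. If the proxy's wrapping is known, inspecting e.detail
            // for a SecurityException would make the check stricter -- confirm
            log.debug("IOSession.read failed as expected: " + e);
        }
        bean.read("/public/pgp.keys");

        try {
            // This should not be allowed
            bean.retryableRead("/restricted/pgp.keys");
            // Message names the method actually called (was "read")
            fail("Was able to call retryableRead(/restricted/pgp.keys)");
        } catch (ReadAccessException e) {
            log.debug("IOSession.read failed as expected with ReadAccessException");
            bean.read("/public/pgp.keys");
        }

        try {
            // This should not be allowed
            bean.write("/restricted/pgp.keys");
            fail("Was able to call write(/restricted/pgp.keys)");
        } catch (RemoteException e) {
            // Same caveat as for read(): any RemoteException counts as a denial
            log.debug("IOSession.write failed as expected: " + e);
        }
        bean.write("/public/pgp.keys");
    }

    /** Login as user jduke using the conf.name login config or
     * 'spec-test' if conf.name is not defined.
     */
    private void login() throws Exception {
        login("jduke", "theduke".toCharArray());
    }

    /** Create and authenticate a LoginContext for the given credentials
     * unless a login is already active.
     *
     * @param username principal name handed to the AppCallbackHandler
     * @param password password handed to the AppCallbackHandler; never logged
     * @throws Exception if LoginContext construction or login() fails;
     *         in that case {@code loggedIn} stays false and {@code lc}
     *         is left unchanged
     */
    private void login(String username, char[] password) throws Exception {
        if (loggedIn) {
            return;
        }

        String confName = System.getProperty("conf.name", "spec-test");
        AppCallbackHandler handler = new AppCallbackHandler(username, password);
        log.debug("Creating LoginContext(" + confName + ")");
        LoginContext ctx = new LoginContext(confName, handler);
        ctx.login();
        // Publish the context only after login() succeeded so logout()
        // never operates on a context that was never authenticated.
        lc = ctx;
        log.debug("Created LoginContext, subject=" + lc.getSubject());
        loggedIn = true;
    }

    /** Log out the active LoginContext, if any, and forget it.
     *
     * @throws Exception if LoginContext.logout() fails; the context is
     *         dropped regardless so a retry does not reuse it
     */
    private void logout() throws Exception {
        if (loggedIn) {
            loggedIn = false;
            try {
                lc.logout();
            } finally {
                lc = null;
            }
        }
    }

    /**
     * Setup the test suite: install the XML login configuration, deploy
     * security-proxy.jar and flush the authentication cache before the
     * tests run, and undeploy the jar afterwards.
     */
    public static Test suite() throws Exception {
        TestSuite suite = new TestSuite();
        suite.addTest(new TestSuite(SecurityProxyUnitTestCase.class));

        // Create an initializer for the test suite
        TestSetup wrapper = new JBossTestSetup(suite) {
            @Override
            protected void setUp() throws Exception {
                super.setUp();
                Configuration.setConfiguration(new XMLLoginConfigImpl());
                redeploy("security-proxy.jar");
                // Drop cached principals so the tests see the fresh deployment
                flushAuthCache();
            }

            @Override
            protected void tearDown() throws Exception {
                undeploy("security-proxy.jar");
                super.tearDown();
            }
        };
        return wrapper;
    }

}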
|