Author: tveronezi
Date: Thu Aug 23 16:15:30 2012
New Revision: 1376573
URL: http://svn.apache.org/viewvc?rev=1376573&view=rev
Log:
https://issues.apache.org/jira/browse/TOMEE-402
Added:
openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/core/security/jaas/ScriptLoginModule.java
- copied, changed from r1375749,
openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/core/security/jaas/ServiceProviderLoginModule.java
openejb/trunk/openejb/examples/testing-security-4/
openejb/trunk/openejb/examples/testing-security-4/pom.xml
openejb/trunk/openejb/examples/testing-security-4/src/
openejb/trunk/openejb/examples/testing-security-4/src/main/
openejb/trunk/openejb/examples/testing-security-4/src/main/java/
openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/
openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/
openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/injection/
openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/injection/secure/
openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/injection/secure/LoginBean.java
openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/injection/secure/Movie.java
openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/injection/secure/Movies.java
openejb/trunk/openejb/examples/testing-security-4/src/main/resources/
openejb/trunk/openejb/examples/testing-security-4/src/main/resources/META-INF/
openejb/trunk/openejb/examples/testing-security-4/src/main/resources/META-INF/persistence.xml
openejb/trunk/openejb/examples/testing-security-4/src/test/
openejb/trunk/openejb/examples/testing-security-4/src/test/java/
openejb/trunk/openejb/examples/testing-security-4/src/test/java/org/
openejb/trunk/openejb/examples/testing-security-4/src/test/java/org/superbiz/
openejb/trunk/openejb/examples/testing-security-4/src/test/java/org/superbiz/injection/
openejb/trunk/openejb/examples/testing-security-4/src/test/java/org/superbiz/injection/secure/
openejb/trunk/openejb/examples/testing-security-4/src/test/java/org/superbiz/injection/secure/MovieTest.java
openejb/trunk/openejb/examples/testing-security-4/src/test/resources/
openejb/trunk/openejb/examples/testing-security-4/src/test/resources/login.config
openejb/trunk/openejb/examples/testing-security-4/src/test/resources/loginscript.js
Modified:
openejb/trunk/openejb/container/openejb-core/src/main/resources/login.config
openejb/trunk/openejb/examples/pom.xml
Copied:
openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/core/security/jaas/ScriptLoginModule.java
(from r1375749,
openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/core/security/jaas/ServiceProviderLoginModule.java)
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/core/security/jaas/ScriptLoginModule.java?p2=openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/core/security/jaas/ScriptLoginModule.java&p1=openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/core/security/jaas/ServiceProviderLoginModule.java&r1=1375749&r2=1376573&rev=1376573&view=diff
==============================================================================
---
openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/core/security/jaas/ServiceProviderLoginModule.java
(original)
+++
openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/core/security/jaas/ScriptLoginModule.java
Thu Aug 23 16:15:30 2012
@@ -19,21 +19,26 @@ package org.apache.openejb.core.security
import org.apache.openejb.util.LogCategory;
import org.apache.openejb.util.Logger;
+import javax.script.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
-import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
+import java.io.File;
+import java.io.FileNotFoundException;
import java.io.IOException;
+import java.net.MalformedURLException;
+import java.net.URI;
import java.security.Principal;
import java.util.*;
-public class ServiceProviderLoginModule implements LoginModule {
+public class ScriptLoginModule implements LoginModule {
private static Logger log =
Logger.getInstance(LogCategory.OPENEJB_SECURITY,
"org.apache.openejb.util.resources");
private Subject subject;
private CallbackHandler callbackHandler;
- private ServiceLoader<LoginProvider> loader;
+
+ private Map<String, ?> options;
public Set<Principal> principals = new LinkedHashSet<Principal>();
@@ -52,9 +57,9 @@ public class ServiceProviderLoginModule
@Override
public void initialize(Subject subject, CallbackHandler callbackHandler,
Map<String, ?> sharedState, Map<String, ?> options) {
+ this.options = options;
this.subject = subject;
this.callbackHandler = callbackHandler;
- this.loader = ServiceLoader.load(LoginProvider.class);
}
private UserData getUserData() throws LoginException {
@@ -84,20 +89,45 @@ public class ServiceProviderLoginModule
@Override
public boolean login() throws LoginException {
- final Iterator<LoginProvider> loginProviders = loader.iterator();
- if (!loginProviders.hasNext()) {
- throw new FailedLoginException("No LoginProvider defined.");
+ String scriptURI = (String) this.options.get("scriptURI");
+ if(scriptURI == null || "".equals(scriptURI.trim())) {
+ scriptURI =
System.getProperty("openejb.ScriptLoginModule.scriptURI");
+
+ if(scriptURI == null || "".equals(scriptURI.trim())) {
+ throw new LoginException("No login script defined");
+ }
+ }
+
+ final URI uri = URI.create(scriptURI);
+ final String scriptText;
+ try {
+ scriptText = new Scanner(new File(uri)).useDelimiter("\\Z").next();
+ } catch (FileNotFoundException e) {
+ throw new LoginException("Invalid login script URI. Value: " +
scriptURI);
}
this.userData = getUserData();
- while (loginProviders.hasNext()) {
- final LoginProvider loginProvider = loginProviders.next();
- final List<String> myGroups =
loginProvider.authenticate(this.userData.user, this.userData.pass);
- if (myGroups != null) {
- this.userData.groups.addAll(myGroups);
- }
+ final ScriptEngineManager manager = new ScriptEngineManager();
+ final ScriptEngine engine = manager.getEngineByName((String)
this.options.get("engineName"));
+
+ //new context for the execution of this script
+ final ScriptContext newContext = new SimpleScriptContext();
+
+ //creating the bidings object for the current execution
+ final Bindings bindings =
newContext.getBindings(ScriptContext.ENGINE_SCOPE);
+
+ bindings.put("user", this.userData.user);
+ bindings.put("password", this.userData.pass);
+
+ final List<String> myGroups;
+ try {
+ myGroups = (List) engine.eval(scriptText, newContext);
+ } catch (ScriptException e) {
+ throw new LoginException("Cannot execute login script. Msg: " +
e.getMessage());
}
+ this.userData.groups.addAll(myGroups);
+
return true;
}
Modified:
openejb/trunk/openejb/container/openejb-core/src/main/resources/login.config
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb/container/openejb-core/src/main/resources/login.config?rev=1376573&r1=1376572&r2=1376573&view=diff
==============================================================================
---
openejb/trunk/openejb/container/openejb-core/src/main/resources/login.config
(original)
+++
openejb/trunk/openejb/container/openejb-core/src/main/resources/login.config
Thu Aug 23 16:15:30 2012
@@ -10,6 +10,11 @@ SQLLogin {
userSelect="SELECT username, password FROM users WHERE username = ?"
groupSelect="SELECT username, grp FROM groups WHERE username = ?";
};
+ScriptLogin {
+ org.apache.openejb.core.security.jaas.ScriptLoginModule required
+ engineName="js"
+ scriptURI="";
+};
ServiceProviderLogin {
org.apache.openejb.core.security.jaas.ServiceProviderLoginModule required;
};
\ No newline at end of file
Modified: openejb/trunk/openejb/examples/pom.xml
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb/examples/pom.xml?rev=1376573&r1=1376572&r2=1376573&view=diff
==============================================================================
--- openejb/trunk/openejb/examples/pom.xml (original)
+++ openejb/trunk/openejb/examples/pom.xml Thu Aug 23 16:15:30 2012
@@ -125,6 +125,7 @@
<module>testing-security</module>
<module>testing-security-2</module>
<module>testing-security-3</module>
+ <module>testing-security-4</module>
<module>testing-transactions</module>
<module>testing-transactions-bmt</module>
<module>tomee-jersey-eclipselink</module>
Added: openejb/trunk/openejb/examples/testing-security-4/pom.xml
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb/examples/testing-security-4/pom.xml?rev=1376573&view=auto
==============================================================================
--- openejb/trunk/openejb/examples/testing-security-4/pom.xml (added)
+++ openejb/trunk/openejb/examples/testing-security-4/pom.xml Thu Aug 23
16:15:30 2012
@@ -0,0 +1,104 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<!-- $Rev: 636494 $ $Date: 2008-03-12 21:24:02 +0100 (Wed, 12 Mar 2008) $ -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd";>
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.superbiz</groupId>
+ <artifactId>testing-security-4</artifactId>
+ <packaging>jar</packaging>
+ <version>1.1-SNAPSHOT</version>
+ <name>OpenEJB :: Examples :: Testing Security Script Service Provider</name>
+ <properties>
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ </properties>
+ <build>
+ <defaultGoal>install</defaultGoal>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <version>2.4</version>
+ <configuration>
+ <source>1.6</source>
+ <target>1.6</target>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <version>2.12</version>
+ <configuration>
+ <forkMode>pertest</forkMode>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ <repositories>
+ <repository>
+ <id>apache-m2-snapshot</id>
+ <name>Apache Snapshot Repository</name>
+ <url>http://repository.apache.org/snapshots</url>
+ </repository>
+ </repositories>
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.openejb</groupId>
+ <artifactId>javaee-api</artifactId>
+ <version>6.0-4</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>4.10</version>
+ <scope>test</scope>
+ </dependency>
+
+ <!--
+ The <scope>test</scope> guarantees that non of your runtime
+ code is dependent on any OpenEJB classes.
+ -->
+ <dependency>
+ <groupId>org.apache.openejb</groupId>
+ <artifactId>openejb-core</artifactId>
+ <version>4.1.0-SNAPSHOT</version>
+ <scope>provided</scope>
+ </dependency>
+
+ </dependencies>
+
+ <!--
+ This section allows you to configure where to publish libraries for sharing.
+ It is not required and may be deleted. For more information see:
+ http://maven.apache.org/plugins/maven-deploy-plugin/
+ -->
+ <distributionManagement>
+ <repository>
+ <id>localhost</id>
+ <url>file://${basedir}/target/repo/</url>
+ </repository>
+ <snapshotRepository>
+ <id>localhost</id>
+ <url>file://${basedir}/target/snapshot-repo/</url>
+ </snapshotRepository>
+ </distributionManagement>
+
+</project>
Added:
openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/injection/secure/LoginBean.java
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/injection/secure/LoginBean.java?rev=1376573&view=auto
==============================================================================
---
openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/injection/secure/LoginBean.java
(added)
+++
openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/injection/secure/LoginBean.java
Thu Aug 23 16:15:30 2012
@@ -0,0 +1,39 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.superbiz.injection.secure;
+
+import javax.ejb.Stateless;
+import javax.security.auth.login.FailedLoginException;
+import java.util.Arrays;
+import java.util.List;
+
+@Stateless
+public class LoginBean {
+
+ public List<String> authenticate(String user, String password) throws
FailedLoginException {
+ if ("paul".equals(user) && "michelle".equals(password)) {
+ return Arrays.asList("Manager", "rockstar", "beatle");
+ }
+
+ if ("eddie".equals(user) && "jump".equals(password)) {
+ return Arrays.asList("Employee", "rockstar", "vanhalen");
+ }
+
+ throw new FailedLoginException("Bad user or password!");
+ }
+}
+
Added:
openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/injection/secure/Movie.java
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/injection/secure/Movie.java?rev=1376573&view=auto
==============================================================================
---
openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/injection/secure/Movie.java
(added)
+++
openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/injection/secure/Movie.java
Thu Aug 23 16:15:30 2012
@@ -0,0 +1,62 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.superbiz.injection.secure;
+
+import javax.persistence.Entity;
+
+@Entity
+public class Movie {
+
+ private String director;
+ private String title;
+ private int year;
+
+ public Movie() {
+ }
+
+ public Movie(String director, String title, int year) {
+ this.director = director;
+ this.title = title;
+ this.year = year;
+ }
+
+ public String getDirector() {
+ return director;
+ }
+
+ public void setDirector(String director) {
+ this.director = director;
+ }
+
+ public String getTitle() {
+ return title;
+ }
+
+ public void setTitle(String title) {
+ this.title = title;
+ }
+
+ public int getYear() {
+ return year;
+ }
+
+ public void setYear(int year) {
+ this.year = year;
+ }
+
+
+}
Added:
openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/injection/secure/Movies.java
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/injection/secure/Movies.java?rev=1376573&view=auto
==============================================================================
---
openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/injection/secure/Movies.java
(added)
+++
openejb/trunk/openejb/examples/testing-security-4/src/main/java/org/superbiz/injection/secure/Movies.java
Thu Aug 23 16:15:30 2012
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.superbiz.injection.secure;
+
+//START SNIPPET: code
+
+import javax.annotation.security.PermitAll;
+import javax.annotation.security.RolesAllowed;
+import javax.ejb.Stateful;
+import javax.ejb.TransactionAttribute;
+import javax.ejb.TransactionAttributeType;
+import javax.persistence.EntityManager;
+import javax.persistence.PersistenceContext;
+import javax.persistence.PersistenceContextType;
+import javax.persistence.Query;
+import java.util.List;
+
+@Stateful
+public class Movies {
+
+ @PersistenceContext(unitName = "movie-unit", type =
PersistenceContextType.EXTENDED)
+ private EntityManager entityManager;
+
+ @RolesAllowed({"Employee", "Manager"})
+ public void addMovie(Movie movie) throws Exception {
+ entityManager.persist(movie);
+ }
+
+ @RolesAllowed({"Manager"})
+ public void deleteMovie(Movie movie) throws Exception {
+ entityManager.remove(movie);
+ }
+
+ @PermitAll
+ @TransactionAttribute(TransactionAttributeType.SUPPORTS)
+ public List<Movie> getMovies() throws Exception {
+ Query query = entityManager.createQuery("SELECT m from Movie as m");
+ return query.getResultList();
+ }
+}
+//END SNIPPET: code
Added:
openejb/trunk/openejb/examples/testing-security-4/src/main/resources/META-INF/persistence.xml
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb/examples/testing-security-4/src/main/resources/META-INF/persistence.xml?rev=1376573&view=auto
==============================================================================
---
openejb/trunk/openejb/examples/testing-security-4/src/main/resources/META-INF/persistence.xml
(added)
+++
openejb/trunk/openejb/examples/testing-security-4/src/main/resources/META-INF/persistence.xml
Thu Aug 23 16:15:30 2012
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<persistence xmlns="http://java.sun.com/xml/ns/persistence"; version="1.0">
+
+ <persistence-unit name="movie-unit">
+ <jta-data-source>movieDatabase</jta-data-source>
+ <non-jta-data-source>movieDatabaseUnmanaged</non-jta-data-source>
+ <class>org.superbiz.injection.secure.Movie</class>
+
+ <properties>
+ <property name="openjpa.jdbc.SynchronizeMappings"
value="buildSchema(ForeignKeys=true)"/>
+ </properties>
+ </persistence-unit>
+</persistence>
\ No newline at end of file
Added:
openejb/trunk/openejb/examples/testing-security-4/src/test/java/org/superbiz/injection/secure/MovieTest.java
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb/examples/testing-security-4/src/test/java/org/superbiz/injection/secure/MovieTest.java?rev=1376573&view=auto
==============================================================================
---
openejb/trunk/openejb/examples/testing-security-4/src/test/java/org/superbiz/injection/secure/MovieTest.java
(added)
+++
openejb/trunk/openejb/examples/testing-security-4/src/test/java/org/superbiz/injection/secure/MovieTest.java
Thu Aug 23 16:15:30 2012
@@ -0,0 +1,149 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.superbiz.injection.secure;
+
+import junit.framework.TestCase;
+
+import javax.ejb.EJB;
+import javax.ejb.EJBAccessException;
+import javax.ejb.embeddable.EJBContainer;
+import javax.naming.Context;
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+import java.util.List;
+import java.util.Properties;
+
+//START SNIPPET: code
+public class MovieTest extends TestCase {
+
+ @EJB
+ private Movies movies;
+
+ private Context getContext(String user, String pass) throws
NamingException {
+ Properties p = new Properties();
+ p.put(Context.INITIAL_CONTEXT_FACTORY,
"org.apache.openejb.core.LocalInitialContextFactory");
+ p.setProperty("openejb.authentication.realmName", "MyScriptLogin");
+ p.put(Context.SECURITY_PRINCIPAL, user);
+ p.put(Context.SECURITY_CREDENTIALS, pass);
+
+ return new InitialContext(p);
+ }
+
+ protected void setUp() throws Exception {
+ final ClassLoader ctxCl =
Thread.currentThread().getContextClassLoader();
+ System.setProperty("java.security.auth.login.config",
ctxCl.getResource("login.config").toExternalForm());
+ System.setProperty("openejb.ScriptLoginModule.scriptURI",
ctxCl.getResource("loginscript.js").toExternalForm());
+
+ Properties p = new Properties();
+ p.put("movieDatabase", "new://Resource?type=DataSource");
+ p.put("movieDatabase.JdbcDriver", "org.hsqldb.jdbcDriver");
+ p.put("movieDatabase.JdbcUrl", "jdbc:hsqldb:mem:moviedb");
+
+ EJBContainer.createEJBContainer(p).getContext().bind("inject", this);
+ }
+
+ public void testAsManager() throws Exception {
+ final Context context = getContext("paul", "michelle");
+
+ try {
+ movies.addMovie(new Movie("Quentin Tarantino", "Reservoir Dogs",
1992));
+ movies.addMovie(new Movie("Joel Coen", "Fargo", 1996));
+ movies.addMovie(new Movie("Joel Coen", "The Big Lebowski", 1998));
+
+ List<Movie> list = movies.getMovies();
+ assertEquals("List.size()", 3, list.size());
+
+ for (Movie movie : list) {
+ movies.deleteMovie(movie);
+ }
+
+ assertEquals("Movies.getMovies()", 0, movies.getMovies().size());
+ } finally {
+ context.close();
+ }
+ }
+
+ public void testAsEmployee() throws Exception {
+ final Context context = getContext("eddie", "jump");
+
+ try {
+ movies.addMovie(new Movie("Quentin Tarantino", "Reservoir Dogs",
1992));
+ movies.addMovie(new Movie("Joel Coen", "Fargo", 1996));
+ movies.addMovie(new Movie("Joel Coen", "The Big Lebowski", 1998));
+
+ List<Movie> list = movies.getMovies();
+ assertEquals("List.size()", 3, list.size());
+
+ for (Movie movie : list) {
+ try {
+ movies.deleteMovie(movie);
+ fail("Employees should not be allowed to delete");
+ } catch (EJBAccessException e) {
+ // Good, Employees cannot delete things
+ }
+ }
+
+ // The list should still be three movies long
+ assertEquals("Movies.getMovies()", 3, movies.getMovies().size());
+ } finally {
+ context.close();
+ }
+ }
+
+ public void testUnauthenticated() throws Exception {
+ try {
+ movies.addMovie(new Movie("Quentin Tarantino", "Reservoir Dogs",
1992));
+ fail("Unauthenticated users should not be able to add movies");
+ } catch (EJBAccessException e) {
+ // Good, guests cannot add things
+ }
+
+ try {
+ movies.deleteMovie(null);
+ fail("Unauthenticated users should not be allowed to delete");
+ } catch (EJBAccessException e) {
+ // Good, Unauthenticated users cannot delete things
+ }
+
+ try {
+ // Read access should be allowed
+
+ List<Movie> list = movies.getMovies();
+
+ } catch (EJBAccessException e) {
+ fail("Read access should be allowed");
+ }
+
+ }
+
+ public void testLoginFailure() throws NamingException {
+ try {
+ getContext("eddie", "panama");
+ fail("supposed to have a login failure here");
+ } catch (javax.naming.AuthenticationException e) {
+ //expected
+ }
+
+ try {
+ getContext("jimmy", "foxylady");
+ fail("supposed to have a login failure here");
+ } catch (javax.naming.AuthenticationException e) {
+ //expected
+ }
+ }
+}
+//END SNIPPET: code
Added:
openejb/trunk/openejb/examples/testing-security-4/src/test/resources/login.config
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb/examples/testing-security-4/src/test/resources/login.config?rev=1376573&view=auto
==============================================================================
---
openejb/trunk/openejb/examples/testing-security-4/src/test/resources/login.config
(added)
+++
openejb/trunk/openejb/examples/testing-security-4/src/test/resources/login.config
Thu Aug 23 16:15:30 2012
@@ -0,0 +1,5 @@
+MyScriptLogin {
+ org.apache.openejb.core.security.jaas.ScriptLoginModule required
+ engineName="js"
+ scriptURI="";
+};
\ No newline at end of file
Added:
openejb/trunk/openejb/examples/testing-security-4/src/test/resources/loginscript.js
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb/examples/testing-security-4/src/test/resources/loginscript.js?rev=1376573&view=auto
==============================================================================
---
openejb/trunk/openejb/examples/testing-security-4/src/test/resources/loginscript.js
(added)
+++
openejb/trunk/openejb/examples/testing-security-4/src/test/resources/loginscript.js
Thu Aug 23 16:15:30 2012
@@ -0,0 +1,34 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+var myImports = new JavaImporter(
+ java.util.Properties,
+ javax.naming.InitialContext
+);
+
+var result = null;
+
+with (myImports) {
+ var p = new Properties();
+ p.put("java.naming.factory.initial",
"org.apache.openejb.client.LocalInitialContextFactory");
+
+ var ctx = new InitialContext(p);
+ var myBean = ctx.lookup("java:global/testing-security-4/LoginBean");
+ result = myBean.authenticate(user, password);
+}
+
+result;
\ No newline at end of file
