Author: jgallimore
Date: Mon May 19 11:14:12 2014
New Revision: 1595830
URL: http://svn.apache.org/r1595830
Log:
TOMEE-1213 propagate security-role-ref from EnterpriseBeanInfo to BeanContext.
Use this mapping when checking isCallerInRole()
Added:
tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/assembler/classic/EjbSecurityRoleRefTest.java
Modified:
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/BeanContext.java
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/EnterpriseBeanBuilder.java
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/BaseContext.java
Modified:
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/BeanContext.java
URL:
http://svn.apache.org/viewvc/tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/BeanContext.java?rev=1595830&r1=1595829&r2=1595830&view=diff
==============================================================================
---
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/BeanContext.java
(original)
+++
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/BeanContext.java
Mon May 19 11:14:12 2014
@@ -246,6 +246,8 @@ public class BeanContext extends Deploym
private Stateful stateful;
private Cmp cmp;
private LegacyView legacyView;
+
+ private final Map<String, String> securityRoleReferences = new
HashMap<String, String>();
/**
* TODO: Move to MethodContext
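Review bot: `securityRoleReferences` is a plain `HashMap` that is written through a public mutator and read on every `isCallerInRole()` call, so it is only safe if every `addSecurityRoleReference` call finishes before the BeanContext becomes visible to request threads. The only writer visible in this commit is EnterpriseBeanBuilder at deployment time, which would be fine, but nothing in the class enforces that ordering. If later registration has to stay possible, `new ConcurrentHashMap<String, String>()` would make the lookup safe; it rejects null values, so `addSecurityRoleReference` would then need an `if (roleLink != null)` guard before the `put`. The accessors are in the second BeanContext hunk, and the class body continues outside both hunks.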
@@ -1773,6 +1775,15 @@ public class BeanContext extends Deploym
((EjbTimerServiceImpl) ejbTimerService).stop();
}
}
+
+ public void addSecurityRoleReference(final String roleName, final String
roleLink) {
+ securityRoleReferences.put(roleName, roleLink);
+ }
+
+ public String getSecurityRoleReference(final String roleName) {
+ final String roleLink = securityRoleReferences.get(roleName);
+ return roleLink != null ? roleLink : roleName;
+ }
private static class Cmp {
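Review bot: `getSecurityRoleReference` has no Javadoc, and its fallback is the security-relevant part of the contract. A name with no declared reference, or one whose stored link is null, is returned unchanged and then checked as a real security role by BaseContext.isCallerInRole. That keeps the pre-commit behaviour, but it should be written down so callers do not assume undeclared names are rejected. Suggested comment: `/** Resolves a security-role-ref name to its role-link; returns roleName itself when no link is declared. */`, plus a one-line Javadoc on `addSecurityRoleReference` saying that roleLink appears to be allowed to be null.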
Modified:
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/EnterpriseBeanBuilder.java
URL:
http://svn.apache.org/viewvc/tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/EnterpriseBeanBuilder.java?rev=1595830&r1=1595829&r2=1595830&view=diff
==============================================================================
---
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/EnterpriseBeanBuilder.java
(original)
+++
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/EnterpriseBeanBuilder.java
Mon May 19 11:14:12 2014
@@ -319,6 +319,10 @@ class EnterpriseBeanBuilder {
deployment.createAsynchronousMethodSet();
}
+ for (final SecurityRoleReferenceInfo securityRoleReference :
bean.securityRoleReferences) {
+
deployment.addSecurityRoleReference(securityRoleReference.roleName,
securityRoleReference.roleLink);
+ }
+
return deployment;
}
Modified:
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/BaseContext.java
URL:
http://svn.apache.org/viewvc/tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/BaseContext.java?rev=1595830&r1=1595829&r2=1595830&view=diff
==============================================================================
---
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/BaseContext.java
(original)
+++
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/BaseContext.java
Mon May 19 11:14:12 2014
@@ -116,7 +116,12 @@ public abstract class BaseContext implem
protected boolean isCallerInRole(final SecurityService securityService,
final String roleName) {
check(Call.isCallerInRole);
- return securityService.isCallerInRole(roleName);
+
+ final ThreadContext threadContext = ThreadContext.getThreadContext();
+ final BeanContext di = threadContext.getBeanContext();
+ final String roleLink = di.getSecurityRoleReference(roleName);
+
+ return securityService.isCallerInRole(roleLink);
}
@Override
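Review bot: `threadContext.getBeanContext()` is dereferenced without a null check in isCallerInRole, so if `ThreadContext.getThreadContext()` returns null (no invocation associated with the thread) the authorization check now ends in a NullPointerException where it previously delegated straight to the security service. Whether `check(Call.isCallerInRole)` already rules that state out is not visible in this hunk. If it does not, falling back to the unmapped name keeps the old behaviour: `final BeanContext di = threadContext != null ? threadContext.getBeanContext() : null;` and `final String roleLink = di != null ? di.getSecurityRoleReference(roleName) : roleName;`.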
Added:
tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/assembler/classic/EjbSecurityRoleRefTest.java
URL:
http://svn.apache.org/viewvc/tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/assembler/classic/EjbSecurityRoleRefTest.java?rev=1595830&view=auto
==============================================================================
---
tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/assembler/classic/EjbSecurityRoleRefTest.java
(added)
+++
tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/assembler/classic/EjbSecurityRoleRefTest.java
Mon May 19 11:14:12 2014
@@ -0,0 +1,102 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.openejb.assembler.classic;
+
+import java.util.Properties;
+
+import javax.annotation.Resource;
+import javax.ejb.SessionContext;
+import javax.naming.Context;
+import javax.naming.InitialContext;
+
+import junit.framework.TestCase;
+
+import org.apache.openejb.config.AppModule;
+import org.apache.openejb.config.ConfigurationFactory;
+import org.apache.openejb.config.EjbModule;
+import org.apache.openejb.core.LocalInitialContextFactory;
+import org.apache.openejb.jee.EjbJar;
+import org.apache.openejb.jee.SecurityRoleRef;
+import org.apache.openejb.jee.StatelessBean;
+import org.apache.openejb.loader.SystemInstance;
+import org.apache.openejb.spi.ContainerSystem;
+
+/**
+ * Test to ensure that the role-name/role-link elements in security-role-ref
work correctly
+ */
+public class EjbSecurityRoleRefTest extends TestCase {
+ private InitialContext context;
+ private Assembler assembler;
+ private ConfigurationFactory config;
+
+ protected void setUp() throws Exception {
+ config = new ConfigurationFactory();
+ assembler = new Assembler();
+
+
assembler.createProxyFactory(config.configureService(ProxyFactoryInfo.class));
+
assembler.createTransactionManager(config.configureService(TransactionServiceInfo.class));
+
assembler.createSecurityService(config.configureService(SecurityServiceInfo.class));
+
assembler.createContainer(config.configureService(StatelessSessionContainerInfo.class));
+
+ final Properties props = new Properties();
+ props.setProperty(Context.SECURITY_PRINCIPAL, "jonathan");
+ props.setProperty(Context.SECURITY_CREDENTIALS, "secret");
+ props.setProperty(Context.INITIAL_CONTEXT_FACTORY,
LocalInitialContextFactory.class.getName());
+ context = new InitialContext(props);
+ }
+
+ protected void tearDown() throws Exception {
+ for (AppInfo appInfo : assembler.getDeployedApplications()) {
+ assembler.destroyApplication(appInfo.path);
+ }
+ SystemInstance.get().setComponent(Assembler.class, null);
+ SystemInstance.get().setComponent(ContainerSystem.class, null);
+ super.tearDown();
+ }
+
+ public void testShouldCheckUserRole() throws Exception {
+ EjbJar ejbJar = new EjbJar();
+ StatelessBean statelessBean = new StatelessBean(UserBean.class);
+ SecurityRoleRef securityRoleRef = new SecurityRoleRef();
+ securityRoleRef.setRoleName("TEST");
+ securityRoleRef.setRoleLink("committer");
+ statelessBean.getSecurityRoleRef().add(securityRoleRef);
+ ejbJar.addEnterpriseBean(statelessBean);
+
+ AppModule app = new AppModule(this.getClass().getClassLoader(),
"classpath-" + ejbJar.hashCode());
+ app.getEjbModules().add(new EjbModule(ejbJar));
+ assembler.createApplication(config.configureApplication(app));
+
+ User user = (User) context.lookup("UserBeanLocal");
+ assertTrue(user.isUserInRole());
+ }
+
+ public static interface User {
+ public boolean isUserInRole();
+ }
+
+ public static class UserBean implements User {
+
+ @Resource
+ private SessionContext context;
+
+ @Override
+ public boolean isUserInRole() {
+ return context.isCallerInRole("TEST");
+ }
+ }
+}
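Review bot: The new test covers only the granting path (`assertTrue(user.isUserInRole())` for "TEST" linked to "committer"), so nothing here would fail if the role-ref lookup resolved names too permissively. For an authorization mapping the denial path matters at least as much. A second case is worth adding that links a reference to a role the test principal does not hold, and another that queries a name with no security-role-ref at all, each asserting `assertFalse(...)`. The `InitialContext` opened in `setUp` is also never closed in `tearDown`; `context.close();` there would keep the login from outliving the test.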