Repository: tomee Updated Branches: refs/heads/tomee-1.7.x c9075f34f -> 0f3ae49a1
Slightly improve CDI event realm and remove any JAXRS deps Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/0f3ae49a Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/0f3ae49a Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/0f3ae49a Branch: refs/heads/tomee-1.7.x Commit: 0f3ae49a1960f3ba1b8370225c2422ff681914cd Parents: c9075f3 Author: Jean-Louis Monteiro <[email protected]> Authored: Thu Jan 8 19:01:06 2015 +0100 Committer: Jean-Louis Monteiro <[email protected]> Committed: Thu Jan 8 19:01:06 2015 +0100 ---------------------------------------------------------------------- .../arquillian-tomee-webprofile-tests/pom.xml | 6 -- .../tests/realm/CdiEventRealmIntegTest.java | 83 +++++--------------- .../tests/realm/MultiAuthenticator.java | 28 +++++++ .../arquillian/tests/realm/MyService.java | 42 ++++++++++ .../tomee/catalina/realm/CdiEventRealm.java | 20 +++-- 5 files changed, 103 insertions(+), 76 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/tomee/blob/0f3ae49a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/pom.xml ---------------------------------------------------------------------- diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/pom.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/pom.xml index c47e955..a081f41 100644 --- a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/pom.xml +++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/pom.xml 
@@ -41,12 +41,6 @@ <version>1.9.5</version> <scope>test</scope> </dependency> - <dependency> - <groupId>org.apache.cxf</groupId> - <artifactId>cxf-rt-frontend-jaxrs</artifactId> - <version>${cxf.version}</version> - <scope>test</scope> - </dependency> </dependencies> <build> http://git-wip-us.apache.org/repos/asf/tomee/blob/0f3ae49a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/realm/CdiEventRealmIntegTest.java ---------------------------------------------------------------------- diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/realm/CdiEventRealmIntegTest.java b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/realm/CdiEventRealmIntegTest.java index 136caba..3baa3b5 100644 --- a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/realm/CdiEventRealmIntegTest.java +++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/realm/CdiEventRealmIntegTest.java @@ -16,12 +16,9 @@ */ package org.apache.openejb.arquillian.tests.realm; -import jdk.nashorn.internal.ir.annotations.Ignore; import org.apache.catalina.authenticator.BasicAuthenticator; -import org.apache.catalina.realm.GenericPrincipal; -import org.apache.cxf.jaxrs.client.WebClient; +import org.apache.openejb.loader.IO; import org.apache.tomee.catalina.realm.CdiEventRealm; -import org.apache.tomee.catalina.realm.event.UserPasswordAuthenticationEvent; import org.jboss.arquillian.container.test.api.Deployment; import org.jboss.arquillian.junit.Arquillian; import org.jboss.arquillian.test.api.ArquillianResource; 
@@ -33,27 +30,21 @@ import org.jboss.shrinkwrap.api.spec.WebArchive; import org.junit.Test; import org.junit.runner.RunWith; -import javax.annotation.security.RolesAllowed; -import javax.ejb.Singleton; -import javax.enterprise.context.RequestScoped; -import javax.enterprise.event.Observes; -import javax.inject.Inject; -import javax.ws.rs.GET; -import javax.ws.rs.Path; -import javax.ws.rs.core.Response; +import javax.xml.bind.DatatypeConverter; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.net.HttpURLConnection; import java.net.URL; -import java.util.Arrays; import static org.junit.Assert.assertEquals; @RunWith(Arquillian.class) -@Ignore public class CdiEventRealmIntegTest { @Deployment(testable = false) public static Archive<?> war() { return ShrinkWrap.create(WebArchive.class, "realm-test.war") .addClasses(MultiAuthenticator.class, MyService.class) - .addAsWebResource(EmptyAsset.INSTANCE, "beans.xml") + .addAsWebInfResource(EmptyAsset.INSTANCE, "beans.xml") .addAsManifestResource(new StringAsset("<Context preemptiveAuthentication=\"true\" antiJARLocking=\"true\">\n" + "<Valve className=\"" + BasicAuthenticator.class.getName() + "\" />\n" + "<Realm className=\"" + CdiEventRealm.class.getName() + "\" />\n" + 
@@ -64,61 +55,29 @@ public class CdiEventRealmIntegTest { private URL webapp; @Test - public void success() { - final String val = WebClient.create(webapp.toExternalForm(), "admin", "secret", null) - .path("/test").get(String.class); - - assertEquals("ok", val); + public void success() throws IOException { + ByteArrayOutputStream res = new ByteArrayOutputStream(); + IO.copy(connection("test", "admin", "secret").getInputStream(), res); + assertEquals("ok", new String(res.toByteArray())); } @Test - public void notAuthorized() { - final Response val = WebClient.create(webapp.toExternalForm(), "user", "secret", null) - .path("/test").get(); - - assertEquals(403, val.getStatus()); + public void notAuthorized() throws IOException { + assertEquals(403, connection("test", "user", "secret").getResponseCode()); } @Test - public void notAuthenticated() { - final Response val = WebClient.create(webapp.toExternalForm(), "admin", "bla bla", null) - .path("/test").get(); - - assertEquals(401, val.getStatus()); - } - - - @Path("/test") - @Singleton - public static class MyService { - @Inject - private MultiAuthenticator authenticator; - - @GET - @RolesAllowed("admin") - public String hello() { - return authenticator.isStacked() ? 
"ok" : "ko"; - } + public void notAuthenticated() throws IOException { + assertEquals(401, connection("test", "admin", "bla bla").getResponseCode()); } - @RequestScoped - public static class MultiAuthenticator { - private boolean stacked = false; - - public void authenticate(@Observes final UserPasswordAuthenticationEvent event) { - if (!"secret".equals(event.getCredential())) { - return; // not authenticated - } - event.setPrincipal(new GenericPrincipal(event.getUsername(), "", Arrays.asList(event.getUsername()))); - } - - public void stacked(@Observes final UserPasswordAuthenticationEvent event) { - stacked = true; - } - - public boolean isStacked() { - return stacked; - } + private HttpURLConnection connection(final String path, final String username, final String password) throws IOException { + final HttpURLConnection con = (HttpURLConnection) new URL(webapp.toExternalForm() + path).openConnection(); + String userCredentials = username + ":" + password; + String basicAuth = "Basic " + DatatypeConverter.printBase64Binary(userCredentials.getBytes()); + con.setRequestProperty("Authorization", basicAuth); + con.setUseCaches(false); + return con; } } http://git-wip-us.apache.org/repos/asf/tomee/blob/0f3ae49a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/realm/MultiAuthenticator.java ---------------------------------------------------------------------- diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/realm/MultiAuthenticator.java b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/realm/MultiAuthenticator.java new file mode 100644 index 0000000..8d9e49b --- /dev/null +++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/realm/MultiAuthenticator.java 
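Review bot: The new `connection` helper and `success()` depend on the platform default charset: `userCredentials.getBytes()` builds the Basic header and `new String(res.toByteArray())` decodes the body, so credentials with non-ASCII characters would be encoded differently from one build machine to the next. Naming the charset, `userCredentials.getBytes("UTF-8")` and `new String(res.toByteArray(), "UTF-8")`, keeps the test deterministic, and both methods already declare `throws IOException`. The stream from `getInputStream()` in `success()` is also never closed, unless `IO.copy` closes it, which is not visible in this hunk.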
@@ -0,0 +1,28 @@
+package org.apache.openejb.arquillian.tests.realm;
+
+import org.apache.catalina.realm.GenericPrincipal;
+import org.apache.tomee.catalina.realm.event.UserPasswordAuthenticationEvent;
+
+import javax.enterprise.context.RequestScoped;
+import javax.enterprise.event.Observes;
+import java.util.Arrays;
+
+@RequestScoped
+public class MultiAuthenticator {
+ private boolean stacked = false;
+
+ public void authenticate(@Observes final UserPasswordAuthenticationEvent event) {
+ if (!"secret".equals(event.getCredential())) {
+ return; // not authenticated
+ }
+ event.setPrincipal(new GenericPrincipal(event.getUsername(), "", Arrays.asList(event.getUsername())));
+ }
+
+ public void stacked(@Observes final UserPasswordAuthenticationEvent event) {
+ stacked = true;
+ }
+
+ public boolean isStacked() {
+ return stacked;
+ }
+}
http://git-wip-us.apache.org/repos/asf/tomee/blob/0f3ae49a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/realm/MyService.java
----------------------------------------------------------------------
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/realm/MyService.java b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/realm/MyService.java
new file mode 100644
index 0000000..47b2513
--- /dev/null
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/realm/MyService.java
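Review bot: `MultiAuthenticator` is added without a class comment, and nothing in the file says that it is a test-only fixture which accepts the fixed password `"secret"` for any username and grants a single role named after that username. A short class Javadoc stating exactly that would stop the pattern being copied into a real observer. The `stacked` observer sets its flag for every `UserPasswordAuthenticationEvent`, including ones `authenticate` rejects, so a comment such as `// proves a second observer is also notified; says nothing about whether authentication succeeded` would make the intent of `isStacked()` clear. The file also starts directly at `package` with no license header, and the same is true of the new `MyService.java`.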
@@ -0,0 +1,42 @@
+package org.apache.openejb.arquillian.tests.realm;
+
+import javax.annotation.security.RolesAllowed;
+import javax.ejb.Singleton;
+import javax.inject.Inject;
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@WebServlet("/test")
+public class MyService extends HttpServlet {
+ @Inject
+ private MultiAuthenticator authenticator;
+
+ @Inject
+ private MyAwesomeEjb ejb;
+
+ @Override
+ protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+ // invoke the ejb to make sure security is applied
+ try {
+ ejb.hello();
+ } catch (Exception e) {
+ resp.sendError(403);
+ }
+
+ final String result = authenticator.isStacked() ? "ok" : "ko";
+ resp.setContentType("text/plain");
+ resp.getWriter().write(result);
+ }
+
+ @Singleton
+ public static class MyAwesomeEjb {
+ @RolesAllowed("admin")
+ public String hello() {
+ return "hello";
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/tomee/blob/0f3ae49a/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/realm/CdiEventRealm.java
----------------------------------------------------------------------
diff --git a/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/realm/CdiEventRealm.java b/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/realm/CdiEventRealm.java
index ab76781..2588820 100644
--- a/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/realm/CdiEventRealm.java
+++ b/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/realm/CdiEventRealm.java
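Review bot: In `service`, the catch block calls `resp.sendError(403)` and then falls through to `resp.getWriter().write(result)`, so the servlet keeps writing to a response that `sendError` has already committed; add `return;` directly after `resp.sendError(403);`. The `catch (Exception e)` also turns every failure of `ejb.hello()` into a 403, so an injection or container error would look like a correct authorization denial to `notAuthorized`. Narrowing it to `catch (javax.ejb.EJBAccessException e)` lets unrelated failures surface as a 500 and keeps the 403 assertion meaningful.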
@@ -42,47 +42,51 @@ public class CdiEventRealm extends RealmBase { @Override public Principal authenticate(final String username, final String credentials) { - if (beanManager() == null) { + final BeanManager beanManager = beanManager(); + if (beanManager == null) { return null; } final UserPasswordAuthenticationEvent event = new UserPasswordAuthenticationEvent(username, credentials); - beanManager().fireEvent(event); + beanManager.fireEvent(event); return event.getPrincipal(); } @Override public Principal authenticate(final String username, final String digest, final String nonce, final String nc, final String cnonce, final String qop, final String realm, final String md5a2) { - if (beanManager() == null) { + final BeanManager beanManager = beanManager(); + if (beanManager == null) { return null; } final DigestAuthenticationEvent event = new DigestAuthenticationEvent(username, digest, nonce, nc, cnonce, qop, realm, md5a2); - beanManager().fireEvent(event); + beanManager.fireEvent(event); return event.getPrincipal(); } @Override public Principal authenticate(final GSSContext gssContext, final boolean storeCreds) { - if (beanManager() == null) { + final BeanManager beanManager = beanManager(); + if (beanManager == null) { return null; } final GssAuthenticationEvent event = new GssAuthenticationEvent(gssContext, storeCreds); - beanManager().fireEvent(event); + beanManager.fireEvent(event); return event.getPrincipal(); } @Override public Principal authenticate(final X509Certificate[] certs) { - if (beanManager() == null) { + final BeanManager beanManager = beanManager(); + if (beanManager == null) { return null; } final SslAuthenticationEvent event = new SslAuthenticationEvent(certs); - beanManager().fireEvent(event); + beanManager.fireEvent(event); return event.getPrincipal(); }
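Review bot: The four `return null;` branches taken when `beanManager()` yields null are the realm's deny path, yet none of the `authenticate` overloads says so. A comment on each, for example `// no BeanManager for this context: fail closed, nobody is authenticated`, would record that this is deliberate. It would also help to note at `return event.getPrincipal();` that the result is whatever the observers set on the event, so an event nobody handles presumably also ends in a null principal; the event classes are not visible here. `beanManager()` and the rest of the class lie outside this hunk, so whether the lookup itself can throw cannot be judged from these lines.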
