Repository: tomee Updated Branches: refs/heads/master cf6a82a91 -> afd8f8062
format Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/afd8f806 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/afd8f806 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/afd8f806 Branch: refs/heads/master Commit: afd8f80624bc4e9e63b37b3b7871f0f2a990d621 Parents: cf6a82a Author: Jean-Louis Monteiro <[email protected]> Authored: Wed Jan 2 22:16:57 2019 +0100 Committer: Jean-Louis Monteiro <[email protected]> Committed: Wed Jan 2 22:16:57 2019 +0100 ---------------------------------------------------------------------- examples/simple-remote-tomcatusers/README.adoc | 210 ++++++++++---------- 1 file changed, 105 insertions(+), 105 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/tomee/blob/afd8f806/examples/simple-remote-tomcatusers/README.adoc ---------------------------------------------------------------------- diff --git a/examples/simple-remote-tomcatusers/README.adoc b/examples/simple-remote-tomcatusers/README.adoc index 2f65df7..642a2a0 100644 --- a/examples/simple-remote-tomcatusers/README.adoc +++ b/examples/simple-remote-tomcatusers/README.adoc @@ -1,106 +1,106 @@ -index-group=Unrevised -type=page -status=published - -= Simple Remote Tomcatusers - -This is an example on how to use JNDI with security restrictions in TomEE. - - -== Contract - -In our example Contract is an interface annotated with @Remote which indicates that all methods of this interface can be accessed by client code. -[source,java] ----- - - @Remote - public interface Contract { - String hi(); - } ----- -== ContractImpl - -ContractImpl is a concrete implementation of the Contract interface restricting access to the hi method for users with role test. - -[source,java] ----- -public class ContractImpl implements Contract { - @Override - @RolesAllowed("test") - public String hi() { - return "hi"; - } -} ----- - -== ContractTest - -In this class we test the correctness of our application with Arquillian by creating a war with Contract and ContractImpl classes and deploying to -an embedded TomEE server with the war name test.war. In arquillian.xml we specify that arquillian pick tomcat-users.xml from src/test/conf folder. -In tomcat-users.xml there is a single user with username "tomcat", password="users" and role "test". - -To test we lookup for the ContractImpl and call the hi method using different usernames and passwords. - - -[source,java] ----- -@RunWith(Arquillian.class) -public class ContractTest { - @Deployment(testable = false) - public static Archive<?> app() { - return ShrinkWrap.create(WebArchive.class, "test.war") - .addClasses(Contract.class, ContractImpl.class); - } - - @ArquillianResource - private URL base; - - @Test - public void valid() throws NamingException { - assertEquals("hi", hi(new Properties() {{ - setProperty(Context.INITIAL_CONTEXT_FACTORY, RemoteInitialContextFactory.class.getName()); - setProperty(Context.PROVIDER_URL, String.format("http://localhost:%s/tomee/ejb";, base.getPort())); - setProperty(Context.SECURITY_PRINCIPAL, "tomcat"); - setProperty(Context.SECURITY_CREDENTIALS, "users"); - }})); - } - - @Test - public void invalid() throws NamingException { - try { - hi(new Properties() {{ - setProperty(Context.INITIAL_CONTEXT_FACTORY, RemoteInitialContextFactory.class.getName()); - setProperty(Context.PROVIDER_URL, String.format("http://localhost:%s/tomee/ejb";, base.getPort())); - setProperty(Context.SECURITY_PRINCIPAL, "tomcat"); - setProperty(Context.SECURITY_CREDENTIALS, "wrong"); - }}); - fail(); - } catch (final AuthenticationException ae) { - // ok - } - } - - @Test - public void missingCredentials() throws NamingException { - try { - hi(new Properties() {{ - setProperty(Context.INITIAL_CONTEXT_FACTORY, RemoteInitialContextFactory.class.getName()); - setProperty(Context.PROVIDER_URL, String.format("http://localhost:%s/tomee/ejb";, base.getPort())); - }}); - fail(); - } catch (final EJBAccessException eae) { - // no-op - } - } - - private String hi(final Properties clientConfig) throws NamingException { - return Contract.class.cast(new InitialContext(clientConfig).lookup("java:global/test/ContractImpl!org.superbiz.Contract")).hi(); - } -} ----- - -== Run the application: - - mvn install - +index-group=Unrevised +type=page +status=published + += Simple Remote Tomcatusers + +This is an example on how to use JNDI with security restrictions in TomEE. + + +== Contract + +In our example Contract is an interface annotated with @Remote which indicates that all methods of this interface can be accessed by client code. +[source,java] +---- + + @Remote + public interface Contract { + String hi(); + } +---- +== ContractImpl + +ContractImpl is a concrete implementation of the Contract interface restricting access to the hi method for users with role test. + +[source,java] +---- +public class ContractImpl implements Contract { + @Override + @RolesAllowed("test") + public String hi() { + return "hi"; + } +} +---- + +== ContractTest + +In this class we test the correctness of our application with Arquillian by creating a war with Contract and ContractImpl classes and deploying to +an embedded TomEE server with the war name test.war. In arquillian.xml we specify that arquillian pick tomcat-users.xml from src/test/conf folder. +In tomcat-users.xml there is a single user with username "tomcat", password="users" and role "test". + +To test we lookup for the ContractImpl and call the hi method using different usernames and passwords. + + +[source,java] +---- +@RunWith(Arquillian.class) +public class ContractTest { + @Deployment(testable = false) + public static Archive<?> app() { + return ShrinkWrap.create(WebArchive.class, "test.war") + .addClasses(Contract.class, ContractImpl.class); + } + + @ArquillianResource + private URL base; + + @Test + public void valid() throws NamingException { + assertEquals("hi", hi(new Properties() {{ + setProperty(Context.INITIAL_CONTEXT_FACTORY, RemoteInitialContextFactory.class.getName()); + setProperty(Context.PROVIDER_URL, String.format("http://localhost:%s/tomee/ejb";, base.getPort())); + setProperty(Context.SECURITY_PRINCIPAL, "tomcat"); + setProperty(Context.SECURITY_CREDENTIALS, "users"); + }})); + } + + @Test + public void invalid() throws NamingException { + try { + hi(new Properties() {{ + setProperty(Context.INITIAL_CONTEXT_FACTORY, RemoteInitialContextFactory.class.getName()); + setProperty(Context.PROVIDER_URL, String.format("http://localhost:%s/tomee/ejb";, base.getPort())); + setProperty(Context.SECURITY_PRINCIPAL, "tomcat"); + setProperty(Context.SECURITY_CREDENTIALS, "wrong"); + }}); + fail(); + } catch (final AuthenticationException ae) { + // ok + } + } + + @Test + public void missingCredentials() throws NamingException { + try { + hi(new Properties() {{ + setProperty(Context.INITIAL_CONTEXT_FACTORY, RemoteInitialContextFactory.class.getName()); + setProperty(Context.PROVIDER_URL, String.format("http://localhost:%s/tomee/ejb";, base.getPort())); + }}); + fail(); + } catch (final EJBAccessException eae) { + // no-op + } + } + + private String hi(final Properties clientConfig) throws NamingException { + return Contract.class.cast(new InitialContext(clientConfig).lookup("java:global/test/ContractImpl!org.superbiz.Contract")).hi(); + } +} +---- + +== Run the application: + + mvn install + All test cases will pass. \ No newline at end of file
