Hi Sanjeewa, Thanks for sharing the very useful web app which can use for testing security scenarios. I am in the process of implementing automated test case for security manager in AS. So I can use this web application. but Need to do some slight changes. I will implement test case for above operations in AS.
Thanks, Nuwanw On Tue, Dec 16, 2014 at 5:51 PM, Sanjeewa Malalgoda <[email protected]> wrote: > > Hi All, > I have created web application which we can use for security manager > tests. With this rest service we can perform basic security tests like file > copy, delete, system property read etc. Also added sample Jmeter test case > to verify its functionality. You need to deploy this in tenant space and > call rest APIs as follows. As we have planned to implement test cases for > security manager and test products with security manager decided to add > this source[1] to git repo. > > [1] > https://github.com/sanjeewa-malalgoda/test-apps/tree/master/security-check > > > Requests should be send with following format: > > HTTP GET - Read file (complete file path) > > https://test.com/t/xxx.xxx/webapps/security-check/directFile?fileName=repository/conf/axis2/axis2.xml > > HTTP POST - Create file (complete file path) > > https://test.com/t/xxx.xxx/webapps/security-check/directFile?fileName=repository/conf/axis2/axis2.xml-dummy > > HTTP DELETE - Delete file in Server (complete file path) > > https://test.com/t/xxx.xxx/webapps/security-check/directFile?fileName=repository/conf/axis2/axis2.xml-dummy > > HTTP GET - Read file (file path from carbon server home) > > https://test.com/t/xxx.xxx/webapps/security-check/file?fileName=repository/conf/axis2/axis2.xml > > HTTP POST - Create file (file path from carbon server home) > > https://test.com/t/xxx.xxx/webapps/security-check/file?fileName=repository/conf/axis2/axis2.xml-dummy > > HTTP DELETE - Delete file in Server (file path from carbon server home) > > https://test.com/t/xxx.xxx/webapps/security-check/file?fileName=repository/conf/axis2/axis2.xml-dummy > > HTTP GET - Read system property > https://test.com/t/xxx.xxx/webapps/security-check/systemProperty/java.home > > HTTP POST - Copy files in server using carbon Utility methods > > https://test.com/t/xxx.xxx/webapps/security-check/fileCopy?source=repository/conf/axis2/axis2.xml&destination=repository/conf/axis2/axis2.xml-dummy > > HTTP POST - Delete files in server using carbon Utils > > https://test.com/t/xxx.xxx/webapps/security-check/fileDelete?path=repository/conf/axis2/axis2.xml_PT > > HTTP POST - Get registryDBConfig as string > https://test.com/t/xxx.xxx/webapps/security-check/registryDBConfig > > HTTP POST - Get userManagerDBConfig config as string > https://test.com/t/xxx.xxx/webapps/security-check/userManagerDBConfig > > HTTP GET - Get network configs as string > https://test.com/t/xxx.xxx/webapps/security-check/networkConfigs > > HTTP GET - Get server configuration as string > https://test.com/t/xxx.xxx/webapps/security-check/serverConfiguration > > HTTP POST - Get network configs as string > > https://test.com/t/xxx.xxx/webapps/security-check/networkConfigs?hostName=test.org&mgtHostName=test1.org > > ============Following operations will not be covered using Java security > Manager========= > HTTP POST - Generate OOM > https://test.com/t/xxx.xxx/webapps/security-check/memory?operation=oom > > HTTP POST - Generate high CPU > https://test.com/t/xxx.xxx/webapps/security-check/memory?operation=cpu > > HTTP POST - Generate system call > https://test.com/t/xxx.xxx/webapps/security-check/memory?operation=kill > > > > Thanks, > sanjeewa. > > -- > > *Sanjeewa Malalgoda* > WSO2 Inc. > Mobile : +94713068779 > > <http://sanjeewamalalgoda.blogspot.com/>blog > :http://sanjeewamalalgoda.blogspot.com/ > <http://sanjeewamalalgoda.blogspot.com/> > > > -- Nuwan Wimalasekara Senior Software Engineer - Test Automation WSO2, Inc.: http://wso2.com lean. enterprise. middleware phone: +94 71 668 4620
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
