User: starksm
Date: 01/06/15 01:48:25
Modified: src/resources/security/META-INF ejb-jar.xml jboss-spec.xml
Log:
Add tests of the EJB2.0 security-identity/run-as element
Revision Changes Path
1.7 +85 -4 jbosstest/src/resources/security/META-INF/ejb-jar.xml
Index: ejb-jar.xml
===================================================================
RCS file: /cvsroot/jboss/jbosstest/src/resources/security/META-INF/ejb-jar.xml,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- ejb-jar.xml 2001/06/14 23:57:13 1.6
+++ ejb-jar.xml 2001/06/15 08:48:25 1.7
@@ -55,13 +55,41 @@
<remote>org.jboss.test.security.interfaces.StatelessSession</remote>
<ejb-link>StatelessSession</ejb-link>
</ejb-ref>
- <security-role-ref>
- <role-name>Echo</role-name>
- <role-link>Echo</role-link>
- </security-role-ref>
</session>
<session>
+ <description>A secured trival echo session bean that uses PrivateEntity,
+ StatelessSession and itself via a runAs identity</description>
+ <ejb-name>RunAsStatelessSession</ejb-name>
+ <home>org.jboss.test.security.interfaces.StatelessSessionHome</home>
+ <remote>org.jboss.test.security.interfaces.StatelessSession</remote>
+ <ejb-class>org.jboss.test.security.ejb.StatelessSessionBean3</ejb-class>
+ <session-type>Stateless</session-type>
+ <transaction-type>Container</transaction-type>
+ <ejb-ref>
+ <ejb-ref-name>ejb/Entity</ejb-ref-name>
+ <ejb-ref-type>Entity</ejb-ref-type>
+ <home>org.jboss.test.security.interfaces.EntityHome</home>
+ <remote>org.jboss.test.security.interfaces.Entity</remote>
+ <ejb-link>PrivateEntity</ejb-link>
+ </ejb-ref>
+ <ejb-ref>
+ <ejb-ref-name>ejb/Session</ejb-ref-name>
+ <ejb-ref-type>Session</ejb-ref-type>
+ <home>org.jboss.test.security.interfaces.StatelessSessionHome</home>
+ <remote>org.jboss.test.security.interfaces.StatelessSession</remote>
+ <ejb-link>StatelessSession</ejb-link>
+ </ejb-ref>
+ <security-identity>
+ <description>Use a role that is not assigned to any users to
+ access restricted server side functionallity</description>
+ <run-as>
+ <role-name>InternalRole</role-name>
+ </run-as>
+ </security-identity>
+ </session>
+
+ <session>
<description>An unsecured trival echo session bean</description>
<ejb-name>UnsecureStatelessSession</ejb-name>
<home>org.jboss.test.security.interfaces.StatelessSessionHome</home>
@@ -104,6 +132,17 @@
<prim-key-class>java.lang.String</prim-key-class>
<reentrant>False</reentrant>
</entity>
+ <entity>
+ <description>A trival echo entity bean that should only be
+ accessible via other beans</description>
+ <ejb-name>PrivateEntity</ejb-name>
+ <home>org.jboss.test.security.interfaces.EntityHome</home>
+ <remote>org.jboss.test.security.interfaces.Entity</remote>
+ <ejb-class>org.jboss.test.security.ejb.EntityBeanImpl</ejb-class>
+ <persistence-type>Bean</persistence-type>
+ <prim-key-class>java.lang.String</prim-key-class>
+ <reentrant>False</reentrant>
+ </entity>
</enterprise-beans>
<assembly-descriptor>
@@ -111,6 +150,12 @@
<description>The role required to invoke the echo method</description>
<role-name>Echo</role-name>
</security-role>
+ <security-role>
+ <description>The role used to prevent access to the PrivateEntity
+ bean from external users.
+ </description>
+ <role-name>InternalRole</role-name>
+ </security-role>
<!-- The methods the Echo role can access -->
<method-permission>
@@ -141,6 +186,42 @@
<method>
<ejb-name>Entity</ejb-name>
<method-name>*</method-name>
+ </method>
+
+ <method>
+ <ejb-name>RunAsStatelessSession</ejb-name>
+ <method-name>create</method-name>
+ </method>
+ <method>
+ <ejb-name>RunAsStatelessSession</ejb-name>
+ <method-name>remove</method-name>
+ </method>
+ <method>
+ <ejb-name>RunAsStatelessSession</ejb-name>
+ <method-name>echo</method-name>
+ </method>
+ <method>
+ <ejb-name>RunAsStatelessSession</ejb-name>
+ <method-name>forward</method-name>
+ </method>
+ <method>
+ <ejb-name>RunAsStatelessSession</ejb-name>
+ <method-name>noop</method-name>
+ </method>
+ </method-permission>
+
+ <!-- The methods the InternalRole role can access -->
+ <method-permission>
+ <role-name>InternalRole</role-name>
+
+ <method>
+ <ejb-name>PrivateEntity</ejb-name>
+ <method-name>*</method-name>
+ </method>
+
+ <method>
+ <ejb-name>RunAsStatelessSession</ejb-name>
+ <method-name>excluded</method-name>
</method>
</method-permission>
1.5 +21 -1 jbosstest/src/resources/security/META-INF/jboss-spec.xml
Index: jboss-spec.xml
===================================================================
RCS file: /cvsroot/jboss/jbosstest/src/resources/security/META-INF/jboss-spec.xml,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- jboss-spec.xml 2001/06/13 04:54:06 1.4
+++ jboss-spec.xml 2001/06/15 08:48:25 1.5
@@ -1,6 +1,9 @@
<?xml version="1.0"?>
-<!-- The jboss.xml descriptor for the security-spec.jar ejb unit -->
+<!-- The jboss.xml descriptor for the security-spec.jar ejb unit.
+This descriptor redefines the JNDI names of the beans in the ejb-jar.xml
+descriptor so that there is no conflict with the security.jar deployment.
+-->
<jboss>
<container-configurations>
<!-- StatelessSession beans are secure by default -->
@@ -49,6 +52,10 @@
<jndi-name>spec.Entity</jndi-name>
</session>
<session>
+ <ejb-name>PrivateEntity</ejb-name>
+ <jndi-name>spec.PrivateEntity</jndi-name>
+ </session>
+ <session>
<ejb-name>StatelessSession</ejb-name>
<jndi-name>spec.StatelessSession</jndi-name>
<configuration-name>Standard Stateless SessionBean</configuration-name>
@@ -60,6 +67,19 @@
<ejb-ref>
<ejb-ref-name>ejb/Entity</ejb-ref-name>
<jndi-name>spec.Entity</jndi-name>
+ </ejb-ref>
+ <ejb-ref>
+ <ejb-ref-name>ejb/Session</ejb-ref-name>
+ <jndi-name>spec.StatelessSession</jndi-name>
+ </ejb-ref>
+ </session>
+ <session>
+ <ejb-name>RunAsStatelessSession</ejb-name>
+ <jndi-name>spec.RunAsStatelessSession</jndi-name>
+ <configuration-name>Standard Stateless SessionBean</configuration-name>
+ <ejb-ref>
+ <ejb-ref-name>ejb/Entity</ejb-ref-name>
+ <jndi-name>spec.PrivateEntity</jndi-name>
</ejb-ref>
<ejb-ref>
<ejb-ref-name>ejb/Session</ejb-ref-name>
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-development
