I got the 2.4.1a/Tomcat bundle to pass all the tests by copying a javac.jar
into lib/ext.
Would you confirm whether your 2.4.1a is the same as the simple 2.4.1 release
available from SF - I need to decide what to make my next release on top of..
I have done some more testing and it looks like my troubles boil down to
changed behaviour in Jetty.
Thanks for the help,
Jules
Scott M Stark wrote:
> 2.4.1 tomcat bundle had a bug in it. The 2.4.1a bundle which is the only
> bundle available from sourceforge currently passes all tests. Complete
> security integration cannot be done at the AbstractWebContainer level as
> every
> web container has its own security api.
>
> The AbstractWebContainer makes the security manager associated with the
> jboss-web.xml/security-domain element available to the web application via
> JNDI under the name java:comp/env/security.
>
> This is how the org.jboss.jetty.JBossUserRealm integrates with the JBossSX
> api.
>
> ----- Original Message -----
> From: "Julian Gosnell" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Monday, September 24, 2001 1:56 PM
> Subject: [JBoss-dev] 2.4.1 : jbosstest - web tests - changes ?
>
> >
> > I'm gearing up for a new JBoss/Jetty release.
> >
> > When I run the web tests from jbosstest I get the following :
> >
> > run-testcase:
> > [junit] Running org.jboss.test.web.test.TestWebIntegration
> > [junit] Found warDeployer named: :service=Jetty
> > [junit] Deploying: jbosstest-web.ear...Done
> > [junit] Connecting to:
> > http://jduke:theduke@localhost:8080/jbosstest/restricted/SecureServlet
> > [junit] responseCode=403, response=Forbidden
> > [junit] <HTML>
> > [junit] <HEAD>
> > [junit] <TITLE>Error 403 Forbidden</TITLE>
> > [junit] <BODY>
> > [junit] <H2>HTTP ERROR: 403 Forbidden</H2>
> > [junit] <P>RequestURI=/jbosstest/restricted/SecureServlet<!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE -->
> > [junit] </BODY>
> > [junit] </HTML>
> > [junit]
> > [junit] Connecting to:
> > http://jduke:theduke@localhost:8080/jbosstest/ClientLoginServlet
> > [junit] responseCode=200, response=OK
> > [junit] Connecting to:
> > http://jduke:theduke@localhost:8080/jbosstest/EJBOnStartupServlet
> > [junit] responseCode=200, response=OK
> > [junit] Connecting to:
> > http://jduke:theduke@localhost:8080/jbosstest/EJBServlet
> > [junit] responseCode=200, response=OK
> > [junit] Connecting to:
> > http://jduke:theduke@localhost:8080/jbosstest/ENCServlet
> > [junit] responseCode=200, response=OK
> > [junit] Connecting to:
> > http://jduke:theduke@localhost:8080/jbosstest/restricted/include_ejb.jsp
> >
> > [junit] responseCode=403, response=Forbidden
> > [junit] <HTML>
> > [junit] <HEAD>
> > [junit] <TITLE>Error 403 Forbidden</TITLE>
> > [junit] <BODY>
> > [junit] <H2>HTTP ERROR: 403 Forbidden</H2>
> > [junit] <P>RequestURI=/jbosstest/restricted/include_ejb.jsp<!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE -->
> > [junit] </BODY>
> > [junit] </HTML>
> > [junit]
> > [junit] Connecting to:
> > http://jduke:theduke@localhost:8080/jbosstest/restricted/SecureEJBAccess
> >
> > [junit] responseCode=403, response=Forbidden
> > [junit] <HTML>
> > [junit] <HEAD>
> > [junit] <TITLE>Error 403 Forbidden</TITLE>
> > [junit] <BODY>
> > [junit] <H2>HTTP ERROR: 403 Forbidden</H2>
> > [junit] <P>RequestURI=/jbosstest/restricted/SecureEJBAccess<!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE -->
> > [junit] </BODY>
> > [junit] </HTML>
> > [junit]
> > [junit] Connecting to:
> > http://jduke:theduke@localhost:8080/jbosstest/restricted/SecureServlet
> > [junit] responseCode=403, response=Forbidden
> > [junit] <HTML>
> > [junit] <HEAD>
> > [junit] <TITLE>Error 403 Forbidden</TITLE>
> > [junit] <BODY>
> > [junit] <H2>HTTP ERROR: 403 Forbidden</H2>
> > [junit] <P>RequestURI=/jbosstest/restricted/SecureServlet<!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE --><!--
> > Padding for IE -->
> > [junit] </BODY>
> > [junit] </HTML>
> > [junit]
> > [junit] Connecting to:
> > http://jduke:theduke@localhost:8080/jbosstest/snoop.jsp
> > [junit] responseCode=200, response=OK
> > [junit] Connecting to:
> > http://jduke:theduke@localhost:8080/jbosstest/UnsecureEJBAccess
> > [junit] responseCode=200, response=OK
> > [junit] Tests run: 11, Failures: 4, Errors: 0, Time elapsed: 8.229
> > sec
> > [junit] TEST org.jboss.test.web.test.TestWebIntegration FAILED
> >
> > BUILD SUCCESSFUL
> >
> > Total time: 9 seconds
> > [jules@zeuglodon jetty]$
> >
> >
> > It looks as there are still some gaps in the security integration.
> >
> > I ran the same test on the latest JBoss/Tomcat bundle - it failed
> > aswell, although I think it passed a couple more tests than Jetty.
> > I have been trying to figure out when the tests stopped running on
> > Jetty.
> >
> > Can anyone tell me what the integration or web-container should be doing
> > in order to pass these tests ? Perhaps this is something that should be
> > in AbstractWebContainer ?
> >
> > I have had a look through jbosstest and it seems to boil dow to the
> > contents of the roles.properties file which ships in the ejb-jar of the
> > test ear, whilst security is also set up in the war's web.xml.
> >
> > If there are servlets being deployed into a restricted context, but the
> > security information is only made available to the ejb container, how is
> > this intended to work ?
> >
> > I'm afraid that the security stuff is something that I still haven't
> > quite come to grips with, so if someone could help me out here I would
> > really appreciate it.
> >
> > Perhaps 2.4.1 based distributions are not expected to pass this
> > testsuite anymore as it now contains 2.4.2-isms ?
> >
> >
> >
> > Jules
> >
>
> _______________________________________________
> Jboss-development mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/jboss-development
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
