use of jakarta.ejb.EJBAccessException in project tomee by apache.
the class RunAsServlet method doGet.
/**
 * Writes a plain-text report comparing the caller identity seen by the web
 * tier with the identity seen by the injected {@code secureEJBLocal} bean.
 *
 * <p>The report lists the principal, the result of the "user", "manager" and
 * "fake" role checks on both sides, and whether each of the four guarded bean
 * methods was allowed or rejected with {@link EJBAccessException}.
 *
 * <p>NOTE(review): the response echoes principal names and role membership to
 * whoever can reach this servlet. Nothing in this method restricts access, so
 * any restriction has to come from the deployment's security constraints;
 * confirm before exposing it outside a demo or test environment.
 *
 * @param request  the incoming request, used for the web-tier principal and role checks
 * @param response the response that receives the text report
 * @throws ServletException declared by the servlet contract; not thrown directly here
 * @throws IOException if writing to the response stream fails
 */
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    response.setContentType("text/plain");
    final ServletOutputStream report = response.getOutputStream();

    // --- identity as seen by the servlet container ---
    report.println("Servlet");
    final Principal webCaller = request.getUserPrincipal();
    if (webCaller == null) {
        report.println("Servlet.getUserPrincipal()=<null>");
    } else {
        report.println("Servlet.getUserPrincipal()=" + webCaller + " [" + webCaller.getName() + "]");
    }
    report.println("Servlet.isCallerInRole(\"user\")=" + request.isUserInRole("user"));
    report.println("Servlet.isCallerInRole(\"manager\")=" + request.isUserInRole("manager"));
    report.println("Servlet.isCallerInRole(\"fake\")=" + request.isUserInRole("fake"));
    report.println();

    // --- identity as seen by the EJB the servlet calls into ---
    report.println("@EJB=" + secureEJBLocal);
    if (secureEJBLocal != null) {
        final Principal beanCaller = secureEJBLocal.getCallerPrincipal();
        if (beanCaller == null) {
            report.println("@EJB.getCallerPrincipal()=<null>");
        } else {
            report.println("@EJB.getCallerPrincipal()=" + beanCaller + " [" + beanCaller.getName() + "]");
        }
        report.println("@EJB.isCallerInRole(\"user\")=" + secureEJBLocal.isCallerInRole("user"));
        report.println("@EJB.isCallerInRole(\"manager\")=" + secureEJBLocal.isCallerInRole("manager"));
        report.println("@EJB.isCallerInRole(\"fake\")=" + secureEJBLocal.isCallerInRole("fake"));

        // Each guarded method is probed once; only EJBAccessException counts as
        // a denial, any other failure propagates to the container.
        String outcome;

        try {
            secureEJBLocal.allowUserMethod();
            outcome = "@EJB.allowUserMethod() ALLOWED";
        } catch (EJBAccessException denied) {
            outcome = "@EJB.allowUserMethod() DENIED";
        }
        report.println(outcome);

        try {
            secureEJBLocal.allowManagerMethod();
            outcome = "@EJB.allowManagerMethod() ALLOWED";
        } catch (EJBAccessException denied) {
            outcome = "@EJB.allowManagerMethod() DENIED";
        }
        report.println(outcome);

        try {
            secureEJBLocal.allowFakeMethod();
            outcome = "@EJB.allowFakeMethod() ALLOWED";
        } catch (EJBAccessException denied) {
            outcome = "@EJB.allowFakeMethod() DENIED";
        }
        report.println(outcome);

        try {
            secureEJBLocal.denyAllMethod();
            outcome = "@EJB.denyAllMethod() ALLOWED";
        } catch (EJBAccessException denied) {
            outcome = "@EJB.denyAllMethod() DENIED";
        }
        report.println(outcome);
    }
    report.println();
}
use of jakarta.ejb.EJBAccessException in project tomee by apache.
the class MovieTest method testAsEmployee.
/**
 * Checks the employee view of the {@code movies} bean: adding and listing
 * movies succeeds, while every delete attempt is rejected with
 * {@link EJBAccessException} and leaves the stored list unchanged.
 *
 * <p>The identity comes from {@code getContext("eddie", "jump")}; presumably
 * that helper logs in a user holding the employee role (confirm against the
 * helper and the test realm).
 */
@Test
public void testAsEmployee() throws Exception {
    final Context employeeContext = getContext("eddie", "jump");
    try {
        // Writes that an employee is expected to be allowed to perform.
        movies.addMovie(new Movie("Quentin Tarantino", "Reservoir Dogs", 1992));
        movies.addMovie(new Movie("Joel Coen", "Fargo", 1996));
        movies.addMovie(new Movie("Joel Coen", "The Big Lebowski", 1998));

        final List<Movie> stored = movies.getMovies();
        Assert.assertEquals("List.size()", 3, stored.size());

        for (final Movie candidate : stored) {
            boolean denied = false;
            try {
                movies.deleteMovie(candidate);
            } catch (final EJBAccessException expected) {
                // Good, Employees cannot delete things
                denied = true;
            }
            if (!denied) {
                Assert.fail("Employees should not be allowed to delete");
            }
        }

        // A denied delete must not have removed anything: still three movies.
        Assert.assertEquals("Movies.getMovies()", 3, movies.getMovies().size());
    } finally {
        // Always release the context so the login does not outlive this test.
        employeeContext.close();
    }
}
use of jakarta.ejb.EJBAccessException in project tomee by apache.
the class ContractTest method missingCredentials.
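/**
 * Verifies that a remote call made without any credentials is rejected.
 *
 * <p>The JNDI environment carries only the initial context factory and the
 * provider URL. No security principal or credentials are set, so the call
 * made through {@code hi(...)} is expected to end in
 * {@link EJBAccessException}. If the call succeeds the test fails.
 *
 * @throws NamingException if the JNDI lookup performed by {@code hi} fails
 */
@Test
public void missingCredentials() throws NamingException {
    // A plain Properties instance replaces the anonymous subclass with an
    // instance initializer, which kept a hidden reference to this test
    // instance and put an extra class into the JNDI environment.
    final Properties anonymousEnvironment = new Properties();
    anonymousEnvironment.setProperty(Context.INITIAL_CONTEXT_FACTORY, RemoteInitialContextFactory.class.getName());
    anonymousEnvironment.setProperty(Context.PROVIDER_URL, String.format("http://localhost:%s/tomee/ejb", base.getPort()));

    try {
        hi(anonymousEnvironment);
        fail("A remote call without credentials should have been denied");
    } catch (final EJBAccessException expected) {
        // Expected: the unauthenticated call was refused by the server.
    }
}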
use of jakarta.ejb.EJBAccessException in project tomee by apache.
the class CmpContainer method invoke.
/**
 * Dispatches one call on a bean deployed in this container.
 *
 * <p>Order of operations, which matters for security:
 * <ol>
 *   <li>resolve the {@code BeanContext} for {@code deployID};</li>
 *   <li>enter a new {@code ThreadContext} for the call;</li>
 *   <li>ask {@code securityService.isCallerAuthorized} about the called method;</li>
 *   <li>only then route to a create / find / home / remove / business handler.</li>
 * </ol>
 * Every handler in this method is reached after the authorization check, and
 * the previous thread context is restored in {@code finally} on every exit path.
 *
 * @param deployID      identifier of the target deployment
 * @param type          interface type of the call; derived from {@code callInterface} when {@code null}
 * @param callInterface interface the caller invoked through
 * @param callMethod    method the caller invoked; this is the method that is authorized
 * @param args          call arguments
 * @param primKey       primary key placed in the call's {@code ThreadContext}
 * @return the handler's result, or {@code null} for the remove operations
 * @throws OpenEJBException if the deployment is unknown to this container, or an
 *         {@code ApplicationException} wrapping {@link EJBAccessException} when the
 *         caller is not authorized
 */
@Override
public Object invoke(final Object deployID, InterfaceType type, final Class callInterface, final Method callMethod, final Object[] args, final Object primKey) throws OpenEJBException {
    final BeanContext beanContext = this.getBeanContext(deployID);
    if (beanContext == null) {
        throw new OpenEJBException("Deployment does not exist in this container. Deployment(id='" + deployID + "'), Container(id='" + containerID + "')");
    }
    // Use the backup way to determine call type if null was supplied.
    if (type == null) {
        type = beanContext.getInterfaceType(callInterface);
    }
    // The call context is entered before the authorization check; presumably the
    // security service relies on the current ThreadContext (confirm).
    final ThreadContext callContext = new ThreadContext(beanContext, primKey);
    final ThreadContext oldCallContext = ThreadContext.enter(callContext);
    try {
        // Authorization gate: nothing below runs for an unauthorized caller.
        // The check is made on callMethod (the interface method), not on the
        // bean method resolved later for business calls.
        final boolean authorized = securityService.isCallerAuthorized(callMethod, type);
        if (!authorized) {
            // The message is deliberately generic: it names neither the principal
            // nor the method. Wrapped in ApplicationException; presumably unwrapped
            // further up so the client sees the EJBAccessException (confirm).
            throw new ApplicationException(new EJBAccessException("Unauthorized Access by Principal Denied"));
        }
        final Class declaringClass = callMethod.getDeclaringClass();
        final String methodName = callMethod.getName();
        // Home-interface calls: routed by method-name prefix.
        if (EJBHome.class.isAssignableFrom(declaringClass) || EJBLocalHome.class.isAssignableFrom(declaringClass)) {
            // Methods declared on the bean's own home interface (not on EJBHome/EJBLocalHome themselves).
            if (declaringClass != EJBHome.class && declaringClass != EJBLocalHome.class) {
                if (methodName.startsWith("create")) {
                    return createEJBObject(callMethod, args, callContext, type);
                } else if (methodName.equals("findByPrimaryKey")) {
                    // Tested before the generic "find" prefix so it gets its own handler.
                    return findByPrimaryKey(callMethod, args, callContext, type);
                } else if (methodName.startsWith("find")) {
                    return findEJBObject(callMethod, args, callContext, type);
                } else {
                    return homeMethod(callMethod, args, callContext, type);
                }
            } else if (methodName.equals("remove")) {
                // remove declared on EJBHome / EJBLocalHome itself.
                removeEJBObject(callMethod, callContext, type);
                return null;
            }
            // Any other method declared on EJBHome / EJBLocalHome falls through
            // to the business-method path below.
        } else if ((EJBObject.class == declaringClass || EJBLocalObject.class == declaringClass) && methodName.equals("remove")) {
            // remove declared on the component interface base type.
            removeEJBObject(callMethod, callContext, type);
            return null;
        }
        // business method
        callContext.setCurrentOperation(Operation.BUSINESS);
        final Method runMethod = beanContext.getMatchingBeanMethod(callMethod);
        callContext.set(Method.class, runMethod);
        return businessMethod(callMethod, runMethod, args, callContext, type);
    } finally {
        // Restore the caller's previous context on success, denial and failure alike.
        ThreadContext.exit(oldCallContext);
    }
}
use of jakarta.ejb.EJBAccessException in project tomee by apache.
the class StatefulSecurityPermissionsTest method test.
/**
 * Boots an embedded container with a test security service, deploys the
 * {@code Color} stateful bean with three method-permission entries, and checks
 * what each overload of {@code color(...)} returns or whether it is denied.
 *
 * <p>Statement order matters here: the proxy factory, transaction manager and
 * security service are created before the application is assembled, and the
 * login happens before the bean is deployed and looked up.
 */
public void test() throws Exception {
    // JVM-wide setting; this method does not restore the previous value.
    System.setProperty(javax.naming.Context.INITIAL_CONTEXT_FACTORY, InitContextFactory.class.getName());
    final Assembler assembler = new Assembler();
    final ConfigurationFactory config = new ConfigurationFactory();
    assembler.createProxyFactory(config.configureService(ProxyFactoryInfo.class));
    assembler.createTransactionManager(config.configureService(TransactionServiceInfo.class));
    // Swap the configured security service implementation for the test double.
    final SecurityServiceInfo securityServiceInfo = config.configureService(SecurityServiceInfo.class);
    securityServiceInfo.className = TestSecurityService.class.getName();
    assembler.createSecurityService(securityServiceInfo);
    final TestSecurityService securityService = (TestSecurityService) SystemInstance.get().getComponent(SecurityService.class);
    // Presumably logs in user "foo" with the four listed roles; confirm against
    // TestSecurityService.login.
    securityService.login("foo", "Jazz", "Rock", "Reggae", "HipHop");
    final EjbJar ejbJar = new EjbJar();
    ejbJar.addEnterpriseBean(new StatefulBean(Color.class));
    // Deployment-descriptor permissions for the Color bean. The argument order of
    // MethodPermission is not visible here; presumably the first entry grants role
    // "Foo" on every method and the other two mark create/ejbCreate as unchecked
    // (confirm against MethodPermission).
    final List<MethodPermission> permissions = ejbJar.getAssemblyDescriptor().getMethodPermission();
    permissions.add(new MethodPermission("*", "Color", "*", "Foo"));
    permissions.add(new MethodPermission("*", "Color", "create").setUnchecked());
    permissions.add(new MethodPermission("*", "Color", "ejbCreate").setUnchecked());
    final EjbJarInfo ejbJarInfo = config.configureApplication(ejbJar);
    assembler.createApplication(ejbJarInfo);
    final InitialContext context = new InitialContext();
    {
        final ColorLocal color = (ColorLocal) context.lookup("ColorLocal");
        assertEquals("Jazz", color.color());
        // NOTE(review): there is no failure call after the invocation inside this
        // try. If color((Object) null) returns normally, the catch body never runs
        // and the test still passes, so a missing denial goes unnoticed. If the
        // denial is the expected outcome, add a failure after the call.
        try {
            color.color((Object) null);
        } catch (final EJBAccessException e) {
            // 'actual' is declared outside this method; it is expected to hold
            // "Excluded" once access has been denied.
            assertEquals("Excluded", actual.get());
        }
        assertEquals("Rock", color.color((String) null));
        assertEquals("Unchecked", color.color((Boolean) null));
        assertEquals("Reggae", color.color((Integer) null));
    }
}