use of javax.ejb.EJBAccessException in project wildfly by wildfly.
the class AnnotationAuthorizationTestCase method testDenyAllOverride_User1.
@Test
public void testDenyAllOverride_User1() throws Exception {
LoginContext lc = Util.getCLMLoginContext("user1", "password1");
lc.login();
try {
try {
denyAllOverrideBean.defaultEcho("1");
fail("Expected EJBAccessException not thrown");
} catch (EJBAccessException ignored) {
}
String response = denyAllOverrideBean.permitAllEcho("2");
assertEquals("2", response);
response = denyAllOverrideBean.role1Echo("3");
assertEquals("3", response);
} finally {
lc.logout();
}
}
use of javax.ejb.EJBAccessException in project wildfly by wildfly.
the class AnnotationAuthorizationTestCase method testRolesAllowedOverridenInBaseClass_Admin.
@Test
public void testRolesAllowedOverridenInBaseClass_Admin() throws Exception {
LoginContext lc = Util.getCLMLoginContext("admin", "admin");
lc.login();
try {
try {
rolesAllowedOverridenBean.aMethod("aMethod");
fail("Expected EJBAccessException not thrown");
} catch (EJBAccessException ignored) {
}
String response = rolesAllowedOverridenBean.bMethod("bMethod");
assertEquals("bMethod", response);
} finally {
lc.logout();
}
}
use of javax.ejb.EJBAccessException in project wildfly by wildfly.
the class SingletonSecurityTestCase method testInvocationOnSecuredMethodWithInCorrectRole.
/**
* Test a method invocation on a singleton bean with an incorrect role.
*
* @throws Exception
*/
@Test
public void testInvocationOnSecuredMethodWithInCorrectRole() throws Exception {
final SingletonSecurity securedSingleton = InitialContext.doLookup("java:module/" + SecuredSingletonBean.class.getSimpleName());
final SecurityClient securityClient = SecurityClientFactory.getSecurityClient();
securityClient.setSimple("user2", "password2");
try {
// login
securityClient.login();
try {
// expects role1, so should fail
securedSingleton.allowedForRole1();
Assert.fail("Call to secured method, with incorrect role, was expected to fail");
} catch (EJBAccessException ejbae) {
// expected
}
} finally {
securityClient.logout();
}
}
use of javax.ejb.EJBAccessException in project wildfly by wildfly.
the class AuthenticationTestCase method testAuthentication_TwoBeans_ReAuth_BadPwd.
// TODO - Similar test with first bean @RunAs - does it make sense to also manually switch?
@Test
public void testAuthentication_TwoBeans_ReAuth_BadPwd() throws Exception {
LoginContext lc = Util.getCLMLoginContext("user1", "password1");
lc.login();
try {
entryBean.doubleWhoAmI("user2", "wrong_password");
fail("Expected EJBAccessException due to bad password not thrown. (EJB 3.1 FR 17.6.9)");
} catch (EJBAccessException ignored) {
} finally {
lc.logout();
}
}
use of javax.ejb.EJBAccessException in project wildfly by wildfly.
the class EJBSecurityTestCase method testExcludeList.
@Test
public void testExcludeList() throws Exception {
final Context ctx = new InitialContext();
final FullAccess fullAccessDDBean = (FullAccess) ctx.lookup("java:module/" + DDBasedSLSB.class.getSimpleName() + "!" + FullAccess.class.getName());
fullAccessDDBean.doAnything();
final DDBasedSLSB ddBasedSLSB = (DDBasedSLSB) ctx.lookup("java:module/" + DDBasedSLSB.class.getSimpleName() + "!" + DDBasedSLSB.class.getName());
try {
ddBasedSLSB.accessDenied();
Assert.fail("Call to accessDenied() method was expected to fail");
} catch (EJBAccessException ejbae) {
// expected
}
try {
ddBasedSLSB.onlyTestRoleCanAccess();
Assert.fail("Call to onlyTestRoleCanAccess() method was expected to fail");
} catch (EJBAccessException ejbae) {
// expected since only TestRole can call that method
}
}
Aggregations