Search in sources :

Example 1 with JNDIManagedRuntime

use of org.apache.openjpa.ee.JNDIManagedRuntime in project eap-additional-testsuite by jboss-set.

the class JaxbProviderDeserializationSecurityCheckTestCase method testOpenjpaService.

@ATTest({ "modules/testcases/jdkAll/Wildfly/jaxrs/src/main/java#16.0.0.Beta1", "modules/testcases/jdkAll/WildflyRelease-17.0.0.Final/jaxrs/src/main/java", "modules/testcases/jdkAll/Eap72x/jaxrs/src/main/java#7.2.1", "modules/testcases/jdkAll/Eap72x-Proposed/jaxrs/src/main/java#7.2.1", "modules/testcases/jdkAll/Eap71x/jaxrs/src/main/java#7.1.6", "modules/testcases/jdkAll/Eap71x-Proposed/jaxrs/src/main/java#7.1.6" })
@Test
public void testOpenjpaService() throws Exception {
    String result = performCall("rest/jaxb/openjpa");
    try {
        JNDIManagedRuntime jaxbModel = new ObjectMapper().configure(SerializationFeature.FAIL_ON_EMPTY_BEANS, false).readValue(result, JNDIManagedRuntime.class);
        Assert.fail("Should prevente json deserialization because of security reasons.");
    } catch (JsonMappingException e) {
        Assert.assertTrue("Should prevente json deserialization because of security reasons.", e.getMessage().contains("Illegal type"));
    }
}
Also used : JNDIManagedRuntime(org.apache.openjpa.ee.JNDIManagedRuntime) JsonMappingException(com.fasterxml.jackson.databind.JsonMappingException) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) ATTest(org.jboss.eap.additional.testsuite.annotations.ATTest) Test(org.junit.Test) ATTest(org.jboss.eap.additional.testsuite.annotations.ATTest)

Example 2 with JNDIManagedRuntime

use of org.apache.openjpa.ee.JNDIManagedRuntime in project eap-additional-testsuite by jboss-set.

the class JaxbProviderDeserializationSecurityCheck5TestCase method testOpenjpaService.

@Test
public void testOpenjpaService() throws Exception {
    String result = performCall("rest/jaxb/openjpa");
    try {
        JNDIManagedRuntime jaxbModel = new ObjectMapper().configure(SerializationFeature.FAIL_ON_EMPTY_BEANS, false).readValue(result, JNDIManagedRuntime.class);
        Assert.fail("Should prevente json deserialization because of security reasons.");
    } catch (JsonMappingException e) {
        Assert.assertTrue("Should prevente json deserialization because of security reasons.", e.getMessage().contains("Illegal type"));
    }
}
Also used : JNDIManagedRuntime(org.apache.openjpa.ee.JNDIManagedRuntime) JsonMappingException(com.fasterxml.jackson.databind.JsonMappingException) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) ATTest(org.jboss.eap.additional.testsuite.annotations.ATTest) Test(org.junit.Test)

Aggregations

JsonMappingException (com.fasterxml.jackson.databind.JsonMappingException)2 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)2 JNDIManagedRuntime (org.apache.openjpa.ee.JNDIManagedRuntime)2 ATTest (org.jboss.eap.additional.testsuite.annotations.ATTest)2 Test (org.junit.Test)2