Example 16 with ElytronPermission
use of org.wildfly.security.permission.ElytronPermission in project wildfly by wildfly.
the class IIOPSecurityInvocationTestCase method clientDeployment.
@Deployment(name = "client", testable = true)
@TargetsContainer("iiop-client")
public static Archive<?> clientDeployment() {
/*
* The @EJB annotation doesn't allow to specify the address dynamically. So, istead of
* @EJB(lookup = "corbaname:iiop:localhost:3628#IIOPTransactionalStatelessBean")
* private IIOPTransactionalHome home;
* we need to do this trick to get the ${node0} sys prop into ejb-jar.xml
* and have it injected that way.
*/
String ejbJar = FileUtils.readFile(IIOPSecurityInvocationTestCase.class, "ejb-jar.xml");
final Properties properties = new Properties();
properties.putAll(System.getProperties());
if (properties.containsKey("node1")) {
properties.put("node1", NetworkUtils.formatPossibleIpv6Address((String) properties.get("node1")));
}
final JavaArchive jar = ShrinkWrap.create(JavaArchive.class, "client.jar");
jar.addClasses(ClientEjb.class, IIOPSecurityStatelessHome.class, IIOPSecurityStatelessRemote.class, IIOPSecurityInvocationTestCase.class, Util.class).addAsManifestResource(IIOPSecurityInvocationTestCase.class.getPackage(), "jboss-ejb3.xml", "jboss-ejb3.xml").addAsManifestResource(new StringAsset(PropertiesValueResolver.replaceProperties(ejbJar, properties)), "ejb-jar.xml").addAsManifestResource(PermissionUtils.createPermissionsXmlAsset(new ElytronPermission("authenticate"), new ElytronPermission("getSecurityDomain"), new ElytronPermission("getPrivateCredentials")), "permissions.xml");
return jar;
}
Also used :
StringAsset(org.jboss.shrinkwrap.api.asset.StringAsset)
Util(org.jboss.as.test.shared.integration.ejb.security.Util)
Properties(java.util.Properties)
ElytronPermission(org.wildfly.security.permission.ElytronPermission)
JavaArchive(org.jboss.shrinkwrap.api.spec.JavaArchive)
OperateOnDeployment(org.jboss.arquillian.container.test.api.OperateOnDeployment)
Deployment(org.jboss.arquillian.container.test.api.Deployment)
TargetsContainer(org.jboss.arquillian.container.test.api.TargetsContainer)
Example 17 with ElytronPermission
use of org.wildfly.security.permission.ElytronPermission in project wildfly by wildfly.
the class RemoteIdentityTestCase method createDeployment.
/**
* Creates a deployment application for this test.
*
* @return
* @throws IOException
*/
@Deployment
public static JavaArchive createDeployment() throws IOException {
final JavaArchive jar = ShrinkWrap.create(JavaArchive.class, EJBUtil.APPLICATION_NAME + ".jar");
jar.addClasses(SecurityInformation.class, IntermediateAccess.class, EntryBean.class, SecuredBean.class, Util.class);
jar.addAsManifestResource(createPermissionsXmlAsset(// testSwitched(), i.e. org.jboss.as.test.shared.integration.ejb.security.Util#getCLMLoginContext(username, password), needs the following
new AuthPermission("modifyPrincipals"), // testSwitched(), i.e. org.jboss.as.test.shared.integration.ejb.security.Util#switchIdentity(String, String, Callable<T>, boolean), i.e. SecurityDomain.getCurrent(), needs the following
new ElytronPermission("getSecurityDomain"), // and testSwitched() -> Util.switchIdentity() -> securityDomain.authenticate(...) needs the following
new ElytronPermission("authenticate")), "permissions.xml");
return jar;
}
Also used :
AuthPermission(javax.security.auth.AuthPermission)
ElytronPermission(org.wildfly.security.permission.ElytronPermission)
JavaArchive(org.jboss.shrinkwrap.api.spec.JavaArchive)
Deployment(org.jboss.arquillian.container.test.api.Deployment)
Example 18 with ElytronPermission
use of org.wildfly.security.permission.ElytronPermission in project wildfly by wildfly.
the class RunAsPrincipalTestCase method runAsDeployment.
@Deployment
public static Archive<?> runAsDeployment() {
// using JavaArchive doesn't work, because of a bug in Arquillian, it only deploys wars properly
final WebArchive war = ShrinkWrap.create(WebArchive.class, DEPLOYMENT + ".war").addPackage(WhoAmI.class.getPackage()).addClass(SimpleSingletonBean.class).addClass(StatelessSingletonUseBean.class).addClass(Util.class).addClass(Entry.class).addClass(RunAsPrincipalTestCase.class).addClass(TestLogHandlerSetupTask.class).addClass(LoggingUtil.class).addClasses(AbstractSecurityDomainSetup.class, EjbSecurityDomainSetup.class).addAsWebInfResource(RunAsPrincipalTestCase.class.getPackage(), "jboss-ejb3.xml", "jboss-ejb3.xml").addAsManifestResource(new StringAsset("Dependencies: org.jboss.as.controller-client,org.jboss.dmr\n"), "MANIFEST.MF").addAsManifestResource(createPermissionsXmlAsset(new ElytronPermission("getSecurityDomain"), new PropertyPermission("jboss.server.log.dir", "read"), PermissionUtils.createFilePermission("read", "standalone", "log", TEST_LOG_FILE_NAME), new ElytronPermission("authenticate"), new ElytronPermission("getIdentity"), new ElytronPermission("createAdHocIdentity"), new ChangeRoleMapperPermission("ejb"), new ElytronPermission("setRunAsPrincipal")), "permissions.xml");
war.addPackage(CommonCriteria.class.getPackage());
return war;
}
Also used :
TestLogHandlerSetupTask(org.jboss.as.test.shared.TestLogHandlerSetupTask)
StringAsset(org.jboss.shrinkwrap.api.asset.StringAsset)
PropertyPermission(java.util.PropertyPermission)
WebArchive(org.jboss.shrinkwrap.api.spec.WebArchive)
CommonCriteria(org.jboss.as.test.categories.CommonCriteria)
StatelessSingletonUseBean(org.jboss.as.test.integration.ejb.security.runasprincipal.transitive.StatelessSingletonUseBean)
ElytronPermission(org.wildfly.security.permission.ElytronPermission)
ChangeRoleMapperPermission(org.wildfly.security.auth.permission.ChangeRoleMapperPermission)
AbstractSecurityDomainSetup(org.jboss.as.test.integration.security.common.AbstractSecurityDomainSetup)
OperateOnDeployment(org.jboss.arquillian.container.test.api.OperateOnDeployment)
Deployment(org.jboss.arquillian.container.test.api.Deployment)
Example 19 with ElytronPermission
use of org.wildfly.security.permission.ElytronPermission in project wildfly by wildfly.
the class AuthenticationTestCase method deployment.
@Deployment
public static Archive<?> deployment() {
final String SERVER_HOST_PORT = TestSuiteEnvironment.getHttpAddress() + ":" + TestSuiteEnvironment.getHttpPort();
final Package currentPackage = AuthenticationTestCase.class.getPackage();
// using JavaArchive doesn't work, because of a bug in Arquillian, it only deploys wars properly
final WebArchive war = ShrinkWrap.create(WebArchive.class, "ejb3security.war").addPackage(WhoAmIBean.class.getPackage()).addPackage(EntryBean.class.getPackage()).addClass(WhoAmI.class).addClass(Util.class).addClass(Entry.class).addClasses(WhoAmIServlet.class, AuthenticationTestCase.class).addClasses(AbstractSecurityDomainSetup.class, EjbSecurityDomainSetup.class).addAsResource(currentPackage, "users.properties", "users.properties").addAsResource(currentPackage, "roles.properties", "roles.properties").addAsWebInfResource(currentPackage, "web.xml", "web.xml").addAsWebInfResource(currentPackage, "jboss-web.xml", "jboss-web.xml").addAsWebInfResource(currentPackage, "jboss-ejb3.xml", "jboss-ejb3.xml").addAsManifestResource(new StringAsset("Manifest-Version: 1.0\nDependencies: org.jboss.as.controller-client,org.jboss.dmr\n"), "MANIFEST.MF").addAsManifestResource(createPermissionsXmlAsset(// login module needs to modify principal to commit logging in
new AuthPermission("modifyPrincipals"), // AuthenticationTestCase#execute calls ExecutorService#shutdownNow
new RuntimePermission("modifyThread"), // AuthenticationTestCase#execute calls sun.net.www.http.HttpClient#openServer under the hood
new SocketPermission(SERVER_HOST_PORT, "connect,resolve"), new ElytronPermission("getSecurityDomain"), new ElytronPermission("authenticate")), "permissions.xml");
war.addPackage(CommonCriteria.class.getPackage());
return war;
}
Also used :
StringAsset(org.jboss.shrinkwrap.api.asset.StringAsset)
AuthPermission(javax.security.auth.AuthPermission)
WebArchive(org.jboss.shrinkwrap.api.spec.WebArchive)
SocketPermission(java.net.SocketPermission)
CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString)
EntryBean(org.jboss.as.test.integration.ejb.security.authentication.EntryBean)
CommonCriteria(org.jboss.as.test.categories.CommonCriteria)
ElytronPermission(org.wildfly.security.permission.ElytronPermission)
AbstractSecurityDomainSetup(org.jboss.as.test.integration.security.common.AbstractSecurityDomainSetup)
Deployment(org.jboss.arquillian.container.test.api.Deployment)
Example 20 with ElytronPermission
use of org.wildfly.security.permission.ElytronPermission in project wildfly by wildfly.
the class RunAsEjbMdbTestCase method runAsEJB3.
@Deployment(testable = false, managed = true, name = "ejb3", order = 2)
public static Archive<?> runAsEJB3() {
final JavaArchive jar = ShrinkWrap.create(JavaArchive.class, "runasmdbejb-ejb3.jar").addClasses(HelloBean.class, Hello.class, HolaBean.class, Hola.class, Howdy.class, HowdyBean.class, HelloMDB.class, TimeoutUtil.class);
// TODO WFLY-15289 Should these permissions be required?
jar.addAsResource(createPermissionsXmlAsset(new PropertyPermission("ts.timeout.factor", "read"), new ElytronPermission("setRunAsPrincipal"), new ElytronPermission("handleSecurityEvent"), new ChangeRoleMapperPermission("ejb")), "META-INF/jboss-permissions.xml");
jar.addAsManifestResource(new StringAsset("Dependencies: deployment.runasmdbejb-ejb2.jar \n"), "MANIFEST.MF");
return jar;
}
Also used :
StringAsset(org.jboss.shrinkwrap.api.asset.StringAsset)
PropertyPermission(java.util.PropertyPermission)
ElytronPermission(org.wildfly.security.permission.ElytronPermission)
JavaArchive(org.jboss.shrinkwrap.api.spec.JavaArchive)
ChangeRoleMapperPermission(org.wildfly.security.auth.permission.ChangeRoleMapperPermission)
Deployment(org.jboss.arquillian.container.test.api.Deployment)
Aggregations
Deployment (org.jboss.arquillian.container.test.api.Deployment)27
ElytronPermission (org.wildfly.security.permission.ElytronPermission)27
OperateOnDeployment (org.jboss.arquillian.container.test.api.OperateOnDeployment)17
JavaArchive (org.jboss.shrinkwrap.api.spec.JavaArchive)15
CommonCriteria (org.jboss.as.test.categories.CommonCriteria)13
StringAsset (org.jboss.shrinkwrap.api.asset.StringAsset)13
WebArchive (org.jboss.shrinkwrap.api.spec.WebArchive)12
AbstractSecurityDomainSetup (org.jboss.as.test.integration.security.common.AbstractSecurityDomainSetup)6
ChangeRoleMapperPermission (org.wildfly.security.auth.permission.ChangeRoleMapperPermission)6
AuthPermission (javax.security.auth.AuthPermission)5
TargetsContainer (org.jboss.arquillian.container.test.api.TargetsContainer)4
Properties (java.util.Properties)3
PropertyPermission (java.util.PropertyPermission)3
Util (org.jboss.as.test.shared.integration.ejb.security.Util)3
SocketPermission (java.net.SocketPermission)2
EjbElytronDomainSetup (org.wildfly.test.security.common.elytron.EjbElytronDomainSetup)2
ElytronDomainSetup (org.wildfly.test.security.common.elytron.ElytronDomainSetup)2
ServletElytronDomainSetup (org.wildfly.test.security.common.elytron.ServletElytronDomainSetup)2
FilePermission (java.io.FilePermission)1
SecurityPermission (java.security.SecurityPermission)1
