You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Overview

Builds upon the Injection of EntityManager Example but adds the use of @RolesAllowed and @PermitAll in the @Stateful bean to restrict who can perform create, persist and remove operations on the EntityManager. Shows a TestCase using the @RunAs annotation to execute and test the bean code as various users.

In this example we restrict the ability to create Movie Entities to a Manager or an Employee. Reads are open to anyone, logged in or not. And delete operations are only allowed by a Manager.

See the Security Annotations page for a full description of how the security annotations work.

The source for this example is in the "testing-security" directory located in the openejb-examples.zip available on the download page.

The Code

Just as with the Testing Transactions Example the magic of this unit test is in the ManagerBean and EmployeeBean @Stateless beans that we've tucked into our TestCase as inner classes. These beans allow us to execute our test code as either a Manager or as an Employee and test that Movies @Stateful bean is setup to restrict and permit calls according to our intended design.

Error formatting macro: snippet: java.lang.NullPointerException

Writing a unit test for the example

Error formatting macro: snippet: java.lang.NullPointerException

Running

Running the example is fairly simple. In the "testing-security" directory of the examples zip, just run:

$ mvn clean install

Which should create output like the following.

-------------------------------------------------------
 T E S T S
-------------------------------------------------------
Running org.superbiz.injection.secure.MovieTest
Apache OpenEJB 3.0    build: 20080408-04:13
http://openejb.apache.org/
INFO - openejb.home = /Users/dblevins/work/openejb-3.0/examples/testing-security
INFO - openejb.base = /Users/dblevins/work/openejb-3.0/examples/testing-security
INFO - Configuring Service(id=Default Security Service, type=SecurityService, provider-id=Default Security Service)
INFO - Configuring Service(id=Default Transaction Manager, type=TransactionManager, provider-id=Default Transaction Manager)
INFO - Configuring Service(id=movieDatabaseUnmanaged, type=Resource, provider-id=Default JDBC Database)
INFO - Configuring Service(id=movieDatabase, type=Resource, provider-id=Default JDBC Database)
INFO - Configuring Service(id=Default JDK 1.3 ProxyFactory, type=ProxyFactory, provider-id=Default JDK 1.3 ProxyFactory)
INFO - Found EjbModule in classpath: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/classes
INFO - Found EjbModule in classpath: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/test-classes
INFO - Configuring app: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/classes
INFO - Configuring Service(id=Default Stateful Container, type=Container, provider-id=Default Stateful Container)
INFO - Auto-creating a container for bean Movies: Container(type=STATEFUL, id=Default Stateful Container)
INFO - Configuring PersistenceUnit(name=movie-unit)
INFO - Loaded Module: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/classes
INFO - Configuring app: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/test-classes
INFO - Configuring Service(id=Default Stateless Container, type=Container, provider-id=Default Stateless Container)
INFO - Auto-creating a container for bean EmployeeBean: Container(type=STATELESS, id=Default Stateless Container)
INFO - Loaded Module: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/test-classes
INFO - Assembling app: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/classes
INFO - PersistenceUnit(name=movie-unit, provider=org.apache.openjpa.persistence.PersistenceProviderImpl)
ERROR - JAVA AGENT NOT INSTALLED. The JPA Persistence Provider requested installation of a ClassFileTransformer which 
        requires a JavaAgent.  See http://openejb.apache.org/3.0/javaagent.html
INFO - Jndi(name=MoviesLocal) --> Ejb(deployment-id=Movies)
INFO - Created Ejb(deployment-id=Movies, ejb-name=Movies, container=Default Stateful Container)
INFO - Deployed Application(path=/Users/dblevins/work/openejb-3.0/examples/testing-security/target/classes)
INFO - Assembling app: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/test-classes
INFO - Jndi(name=EmployeeBeanLocal) --> Ejb(deployment-id=EmployeeBean)
INFO - Jndi(name=ManagerBeanLocal) --> Ejb(deployment-id=ManagerBean)
INFO - Created Ejb(deployment-id=EmployeeBean, ejb-name=EmployeeBean, container=Default Stateless Container)
INFO - Created Ejb(deployment-id=ManagerBean, ejb-name=ManagerBean, container=Default Stateless Container)
INFO - Deployed Application(path=/Users/dblevins/work/openejb-3.0/examples/testing-security/target/test-classes)
Tests run: 3, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 2.109 sec

Results :

Tests run: 3, Failures: 0, Errors: 0, Skipped: 0
  • No labels