Overview

Builds upon the Injection of EntityManager Example but adds the use of @RolesAllowed and @PermitAll in the @Stateful bean to restrict who can perform create, persist and remove operations on the EntityManager. Shows a TestCase using the @RunAs annotation to execute and test the bean code as various users.

In this example we restrict the ability to create Movie Entities to a Manager or an Employee. Reads are open to anyone, logged in or not. And delete operations are only allowed by a Manager.

See the Security Annotations page for a full description of how the security annotations work.

The source for this example is in the "testing-security" directory located in the openejb-examples.zip available on the download page.

The Code

Just as with the Testing Transactions Example the magic of this unit test is in the ManagerBean and EmployeeBean @Stateless beans that we've tucked into our TestCase as inner classes. These beans allow us to execute our test code as either a Manager or as an Employee and test that Movies @Stateful bean is setup to restrict and permit calls according to our intended design.

{snippet:id=code|url=openejb3/examples/testing-security/src/main/java/org/superbiz/injection/secure/MoviesImpl.java|lang=java}

Writing a unit test for the example

{snippet:id=code|url=openejb3/examples/testing-security/src/test/java/org/superbiz/injection/secure/MovieTest.java|lang=java}

Curious on the InitialContext parameters used? See the Injection of DataSource Example for an explanation of how any Resource can be configured via properties in the TestCase itself or via an openejb.xml file.

Running

Running the example is fairly simple. In the "testing-security" directory of the examples zip, just run:

$ mvn clean install

Which should create output like the following.

------------------------------------------------------- T E S T S ------------------------------------------------------- Running org.superbiz.injection.secure.MovieTest Apache OpenEJB 3.0 build: 20080408-04:13 http://openejb.apache.org/ INFO - openejb.home = /Users/dblevins/work/openejb-3.0/examples/testing-security INFO - openejb.base = /Users/dblevins/work/openejb-3.0/examples/testing-security INFO - Configuring Service(id=Default Security Service, type=SecurityService, provider-id=Default Security Service) INFO - Configuring Service(id=Default Transaction Manager, type=TransactionManager, provider-id=Default Transaction Manager) INFO - Configuring Service(id=movieDatabaseUnmanaged, type=Resource, provider-id=Default JDBC Database) INFO - Configuring Service(id=movieDatabase, type=Resource, provider-id=Default JDBC Database) INFO - Configuring Service(id=Default JDK 1.3 ProxyFactory, type=ProxyFactory, provider-id=Default JDK 1.3 ProxyFactory) INFO - Found EjbModule in classpath: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/classes INFO - Found EjbModule in classpath: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/test-classes INFO - Configuring app: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/classes INFO - Configuring Service(id=Default Stateful Container, type=Container, provider-id=Default Stateful Container) INFO - Auto-creating a container for bean Movies: Container(type=STATEFUL, id=Default Stateful Container) INFO - Configuring PersistenceUnit(name=movie-unit) INFO - Loaded Module: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/classes INFO - Configuring app: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/test-classes INFO - Configuring Service(id=Default Stateless Container, type=Container, provider-id=Default Stateless Container) INFO - Auto-creating a container for bean EmployeeBean: Container(type=STATELESS, id=Default Stateless Container) INFO - Loaded Module: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/test-classes INFO - Assembling app: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/classes INFO - PersistenceUnit(name=movie-unit, provider=org.apache.openjpa.persistence.PersistenceProviderImpl) ERROR - JAVA AGENT NOT INSTALLED. The JPA Persistence Provider requested installation of a ClassFileTransformer which requires a JavaAgent. See http://openejb.apache.org/3.0/javaagent.html INFO - Jndi(name=MoviesLocal) --> Ejb(deployment-id=Movies) INFO - Created Ejb(deployment-id=Movies, ejb-name=Movies, container=Default Stateful Container) INFO - Deployed Application(path=/Users/dblevins/work/openejb-3.0/examples/testing-security/target/classes) INFO - Assembling app: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/test-classes INFO - Jndi(name=EmployeeBeanLocal) --> Ejb(deployment-id=EmployeeBean) INFO - Jndi(name=ManagerBeanLocal) --> Ejb(deployment-id=ManagerBean) INFO - Created Ejb(deployment-id=EmployeeBean, ejb-name=EmployeeBean, container=Default Stateless Container) INFO - Created Ejb(deployment-id=ManagerBean, ejb-name=ManagerBean, container=Default Stateless Container) INFO - Deployed Application(path=/Users/dblevins/work/openejb-3.0/examples/testing-security/target/test-classes) Tests run: 3, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 2.109 sec Results : Tests run: 3, Failures: 0, Errors: 0, Skipped: 0
  • No labels