Bug 900100 (JBPAPP6-482)
| Summary: | Unexpected failures in authentication tests for WS - incorrect roles annotation processing | | |
|---|---|---|---|
| Product: | [JBoss] JBoss Enterprise Application Platform 6 | Reporter: | Rostislav Svoboda <rsvoboda> |
| Component: | Web Services | Assignee: | Rostislav Svoboda <rsvoboda> |
| Status: | CLOSED NEXTRELEASE | Severity: | high |
| Priority: | high | CC: | ropalka |
| Version: | unspecified | Target Release: | EAP 6.0.0 |
| Hardware: | Unspecified | OS: | Unspecified |
| URL: | http://jira.jboss.org/jira/browse/JBPAPP6-482 | Doc Type: | Bug Fix |
| Last Closed: | 2012-04-12 12:52:59 UTC | Type: | Bug |

Attachment: Added: TEST-org.jboss.as.test.integration.ws.authentication.EJBEndpointAuthenticationTestCase.xml

There are three issues remaining in your tests:
ad1) Don't reuse serviceName & targetNamespace in your tests,
otherwise you will be facing CXF client side caching issues again
ad2) Rewrite your assertions to catch proper exception message
(iow all these lines {code}Assert.assertTrue("HTTPException '403: Forbidden' was expected" ...{code} are wrong assertions)
ad3) Update your test to use @DeclareRoles in order to work properly
{code}
[supernova][/home/opalka/git/jboss-as]>git diff testsuite
diff --git a/testsuite/integration/basic/src/test/java/org/jboss/as/test/integration/ws/authentication/EJBEndpoint.java b/testsuite/integration/basic/src/test/java/org/jboss/a
--- a/testsuite/integration/basic/src/test/java/org/jboss/as/test/integration/ws/authentication/EJBEndpoint.java
+++ b/testsuite/integration/basic/src/test/java/org/jboss/as/test/integration/ws/authentication/EJBEndpoint.java
@@ -23,6 +23,7 @@ package org.jboss.as.test.integration.ws.authentication;
import javax.annotation.security.DenyAll;
import javax.annotation.security.PermitAll;
+import javax.annotation.security.DeclareRoles;
import javax.annotation.security.RolesAllowed;
import javax.ejb.Stateless;
import javax.jws.WebService;
@@ -50,6 +51,7 @@ import org.jboss.ws.api.annotation.WebContext;
)
@Stateless
@SecurityDomain("ejb3-tests")
+@DeclareRoles({"Role1", "Role2", "Role3"})
@RolesAllowed("Role1")
public class EJBEndpoint implements EndpointIface ...
{code}
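Review bot: the added @DeclareRoles({"Role1", "Role2", "Role3"}) sits directly above @RolesAllowed("Role1") with no comment saying why the declaration is needed, so it reads as redundant and could be dropped in a later cleanup; add a one-line comment tying it to the authorization failures tracked in this issue. The role names are also repeated as string literals across the two annotations, and shared constants would keep the declared set and the @RolesAllowed values from drifting apart. "Role3" is declared but not used in the visible lines, so confirm that a method in the elided class body relies on it.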
Pull request sent: https://github.com/jbossas/jboss-as/pull/1912

It's passing after applying patch and suggested test modification.

Verified on EAP 6.0.0 ER5

Link: Added: This issue relates to AS7-5784

Docs QE Status: Removed: NEW
project_key: JBPAPP6

I'm working on authentication tests for WS (EJB endpoint for now) and I met some quite tricky behavior. Users in correct roles are not allowed to invoke methods, method with annotation @PermitAll can't be invoked and so on. I tried to move '@RolesAllowed("Role1")' from class level to method level but it didn't help.

For example test accessHelloWithValidUser is passing nicely when there are no method level annotations in endpoint implementation but it started to fail when I added '@RolesAllowed("Role2")' to helloForRole method.

I think it's a bug but I can't decide if it's EJB or WS related. Please investigate failures in EJBEndpointAuthenticationTestCase or give me some clue what should be broken.

Tests - https://github.com/rsvoboda/jboss-as/commit/e731057fcf1ea819b5b8ad2d5a5a1c887a9ad328

Tested with latest AS7 build - bb233e7a5f391a1a50e1ff621eaa13d1c9fc1d1f (JBPAPP-8451 - instance-id setting messes up mod cluster)
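
As an added example (not code from the JBoss test suite or from the reporter), the class below computes the access decisions that the JSR-250 precedence rule, method-level annotation over class-level annotation, implies for an endpoint shaped like the one in this report, which gives authentication tests a reference matrix to assert against. The annotations are local stand-ins for `javax.annotation.security` so that it compiles on a plain JDK; the `Endpoint` class and every method name except `helloForRole` are hypothetical.

```java
import java.lang.annotation.*;
import java.lang.reflect.Method;
import java.util.*;

public class ExpectedAccessMatrix {
    // Local stand-ins for javax.annotation.security.* (assumption: same semantics).
    @Retention(RetentionPolicy.RUNTIME) @Target({ElementType.TYPE, ElementType.METHOD})
    @interface RolesAllowed { String[] value(); }
    @Retention(RetentionPolicy.RUNTIME) @Target({ElementType.TYPE, ElementType.METHOD})
    @interface PermitAll {}
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.METHOD)
    @interface DenyAll {}

    // Hypothetical endpoint: class-level Role1 as in the report, plus method-level overrides.
    @RolesAllowed("Role1")
    static class Endpoint {
        public String hello() { return "hello"; }                      // inherits Role1
        @RolesAllowed("Role2") public String helloForRole() { return "role"; }
        @PermitAll public String helloForAll() { return "all"; }       // hypothetical name
        @DenyAll public String helloForNone() { return "none"; }       // hypothetical name
    }

    /** A method-level annotation overrides the class-level one; otherwise the class-level one applies. */
    static boolean allowed(Method m, Set<String> callerRoles) {
        if (m.isAnnotationPresent(DenyAll.class)) return false;
        if (m.isAnnotationPresent(PermitAll.class)) return true;
        RolesAllowed ra = m.getAnnotation(RolesAllowed.class);
        if (ra == null) {
            Class<?> c = m.getDeclaringClass();
            if (c.isAnnotationPresent(PermitAll.class)) return true;
            ra = c.getAnnotation(RolesAllowed.class);
        }
        // No annotation anywhere: the container default decides; treated as allowed here (assumption).
        if (ra == null) return true;
        return !Collections.disjoint(Arrays.asList(ra.value()), callerRoles);
    }

    public static void main(String[] args) {
        Method[] methods = Endpoint.class.getDeclaredMethods();
        Arrays.sort(methods, Comparator.comparing(Method::getName)); // reflection order is unspecified
        for (Method m : methods)
            for (String role : Arrays.asList("Role1", "Role2", "Role3"))
                System.out.printf("%-13s %s -> %s%n", m.getName(), role,
                        allowed(m, Collections.singleton(role)) ? "allow" : "deny");
    }
}
```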