Permalink
Browse files

Added JASPIC test for CDI bean called from SAM using injected request

  • Loading branch information...
arjantijms committed Jul 12, 2016
1 parent 9efdf0e commit d25a239cf4054c02afb1fa171b359b0fda46106e
@@ -1,14 +1,23 @@
package org.javaee7.jaspic.invoke.bean;
import javax.enterprise.context.RequestScoped;
import javax.inject.Inject;
import javax.inject.Named;
import javax.servlet.http.HttpServletRequest;
@Named
@RequestScoped
public class CDIBean {
@Inject
private HttpServletRequest request;
public String getText() {
return "Called from CDI";
}
public void setTextViaInjectedRequest() {
request.setAttribute("text", "Called from CDI via injected request");
}
}
@@ -54,7 +54,7 @@ public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject
HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
if ("cdi".equals(request.getParameter("tech"))) {
callCDIBean(response, "validateRequest");
callCDIBean(request, response, "validateRequest");
} else if ("ejb".equals(request.getParameter("tech"))) {
callEJBBean(response, "validateRequest");
}
@@ -84,7 +84,7 @@ public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject
HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
if ("cdi".equals(request.getParameter("tech"))) {
callCDIBean(response, "secureResponse");
callCDIBean(request, response, "secureResponse");
} else if ("ejb".equals(request.getParameter("tech"))) {
callEJBBean(response, "secureResponse");
}
@@ -99,16 +99,21 @@ public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthEx
HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
if ("cdi".equals(request.getParameter("tech"))) {
callCDIBean(response, "cleanSubject");
callCDIBean(request, response, "cleanSubject");
} else if ("ejb".equals(request.getParameter("tech"))) {
callEJBBean(response, "cleanSubject");
}
}
private void callCDIBean(HttpServletResponse response, String phase) {
private void callCDIBean(HttpServletRequest request, HttpServletResponse response, String phase) {
try {
CDIBean cdiBean = CDI.current().select(CDIBean.class).get();
response.getWriter().write(phase + ": " + cdiBean.getText());
response.getWriter().write(phase + ": " + cdiBean.getText() + "\n");
cdiBean.setTextViaInjectedRequest();
response.getWriter().write(phase + ": " + request.getAttribute("text")+ "\n");
} catch (Exception e) {
logger.log(SEVERE, "", e);
}
@@ -117,7 +122,7 @@ private void callCDIBean(HttpServletResponse response, String phase) {
private void callEJBBean(HttpServletResponse response, String phase) {
try {
EJBBean ejbBean = (EJBBean) new InitialContext().lookup("java:module/EJBBean");
response.getWriter().write(phase + ": " + ejbBean.getText());
response.getWriter().write(phase + ": " + ejbBean.getText() + "\n");
} catch (Exception e) {
logger.log(SEVERE, "", e);
}
@@ -56,5 +56,35 @@ public void publicInvokeCDIFromSecureResponse() {
response.contains("secureResponse: Called from CDI")
);
}
@Test
public void publicInvokeCDIUseInjectedRequestFromValidateRequest() {
String response = getFromServerPath("public/servlet?tech=cdi");
assertTrue(
"Response did not contain output from CDI bean using an inject request for validateRequest for public resource. (note: this is not required by the spec)",
response.contains("validateRequest: Called from CDI via injected request")
);
}
@Test
public void publicInvokeCDIUseInjectedRequestFromCleanSubject() {
String response = getFromServerPath("public/servlet?tech=cdi");
assertTrue(
"Response did not contain output from CDI bean using an inject request for cleanSubject for public resource. (note: this is not required by the spec)",
response.contains("cleanSubject: Called from CDI via injected request")
);
}
@Test
public void publicInvokeCDIUseInjectedRequestFromSecureResponse() {
String response = getFromServerPath("public/servlet?tech=cdi");
assertTrue(
"Response did not contain output from CDI bean using an inject request for secureResponse for public resource. (note: this is not required by the spec)",
response.contains("secureResponse: Called from CDI via injected request")
);
}
}

0 comments on commit d25a239

Please sign in to comment.