Permalink
Browse files

Added JASPIC test for CDI bean called from SAM using injected request

  • Loading branch information...
1 parent 9efdf0e commit d25a239cf4054c02afb1fa171b359b0fda46106e @arjantijms arjantijms committed Jul 12, 2016
@@ -1,14 +1,23 @@
package org.javaee7.jaspic.invoke.bean;
import javax.enterprise.context.RequestScoped;
+import javax.inject.Inject;
import javax.inject.Named;
+import javax.servlet.http.HttpServletRequest;
@Named
@RequestScoped
public class CDIBean {
+
+ @Inject
+ private HttpServletRequest request;
public String getText() {
return "Called from CDI";
}
+ public void setTextViaInjectedRequest() {
+ request.setAttribute("text", "Called from CDI via injected request");
+ }
+
}
@@ -54,7 +54,7 @@ public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject
HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
if ("cdi".equals(request.getParameter("tech"))) {
- callCDIBean(response, "validateRequest");
+ callCDIBean(request, response, "validateRequest");
} else if ("ejb".equals(request.getParameter("tech"))) {
callEJBBean(response, "validateRequest");
}
@@ -84,7 +84,7 @@ public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject
HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
if ("cdi".equals(request.getParameter("tech"))) {
- callCDIBean(response, "secureResponse");
+ callCDIBean(request, response, "secureResponse");
} else if ("ejb".equals(request.getParameter("tech"))) {
callEJBBean(response, "secureResponse");
}
@@ -99,16 +99,21 @@ public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthEx
HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
if ("cdi".equals(request.getParameter("tech"))) {
- callCDIBean(response, "cleanSubject");
+ callCDIBean(request, response, "cleanSubject");
} else if ("ejb".equals(request.getParameter("tech"))) {
callEJBBean(response, "cleanSubject");
}
}
- private void callCDIBean(HttpServletResponse response, String phase) {
+ private void callCDIBean(HttpServletRequest request, HttpServletResponse response, String phase) {
try {
CDIBean cdiBean = CDI.current().select(CDIBean.class).get();
- response.getWriter().write(phase + ": " + cdiBean.getText());
+ response.getWriter().write(phase + ": " + cdiBean.getText() + "\n");
+
+ cdiBean.setTextViaInjectedRequest();
+
+ response.getWriter().write(phase + ": " + request.getAttribute("text")+ "\n");
+
} catch (Exception e) {
logger.log(SEVERE, "", e);
}
@@ -117,7 +122,7 @@ private void callCDIBean(HttpServletResponse response, String phase) {
private void callEJBBean(HttpServletResponse response, String phase) {
try {
EJBBean ejbBean = (EJBBean) new InitialContext().lookup("java:module/EJBBean");
- response.getWriter().write(phase + ": " + ejbBean.getText());
+ response.getWriter().write(phase + ": " + ejbBean.getText() + "\n");
} catch (Exception e) {
logger.log(SEVERE, "", e);
}
@@ -56,5 +56,35 @@ public void publicInvokeCDIFromSecureResponse() {
response.contains("secureResponse: Called from CDI")
);
}
+
+ @Test
+ public void publicInvokeCDIUseInjectedRequestFromValidateRequest() {
+ String response = getFromServerPath("public/servlet?tech=cdi");
+
+ assertTrue(
+ "Response did not contain output from CDI bean using an inject request for validateRequest for public resource. (note: this is not required by the spec)",
+ response.contains("validateRequest: Called from CDI via injected request")
+ );
+ }
+
+ @Test
+ public void publicInvokeCDIUseInjectedRequestFromCleanSubject() {
+ String response = getFromServerPath("public/servlet?tech=cdi");
+
+ assertTrue(
+ "Response did not contain output from CDI bean using an inject request for cleanSubject for public resource. (note: this is not required by the spec)",
+ response.contains("cleanSubject: Called from CDI via injected request")
+ );
+ }
+
+ @Test
+ public void publicInvokeCDIUseInjectedRequestFromSecureResponse() {
+ String response = getFromServerPath("public/servlet?tech=cdi");
+
+ assertTrue(
+ "Response did not contain output from CDI bean using an inject request for secureResponse for public resource. (note: this is not required by the spec)",
+ response.contains("secureResponse: Called from CDI via injected request")
+ );
+ }
}

0 comments on commit d25a239

Please sign in to comment.