Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added test to see if a logout from the web propagates to EJB #290

Merged
merged 2 commits into from Feb 23, 2015
Merged

Added test to see if a logout from the web propagates to EJB #290

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
4cfb36a
Merge pull request #1 from javaee-samples/master
arjantijms Feb 23, 2015
4cc2ccc
Added test to see if a logout from the web propagates to EJB
arjantijms Feb 23, 2015
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
3 changes: 1 addition & 2 deletions jaspic/ejb-propagation/pom.xml
View file
Open in desktop
Expand Up @@ -8,9 +8,8 @@
<version>1.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<groupId>org.javaee7</groupId>

<artifactId>jaspic-ejb-propagation</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>war</packaging>
<name>Java EE 7 Sample: jaspic - ejb-propagation</name>

Expand Down
56 changes: 56 additions & 0 deletions ...src/main/java/org/javaee7/jaspic/ejbpropagation/servlet/PublicServletPublicEJBLogout.java
View file
Open in desktop
@@ -0,0 +1,56 @@
package org.javaee7.jaspic.ejbpropagation.servlet;

import java.io.IOException;

import javax.ejb.EJB;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.javaee7.jaspic.ejbpropagation.ejb.PublicEJB;

/**
*
* @author Arjan Tijms
*
*/
@WebServlet(urlPatterns = "/public/servlet-public-ejb-logout")
public class PublicServletPublicEJBLogout extends HttpServlet {

private static final long serialVersionUID = 1L;

@EJB
private PublicEJB publicEJB;

@Override
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

String webName = null;
if (request.getUserPrincipal() != null) {
webName = request.getUserPrincipal().getName();
}

String ejbName = publicEJB.getUserName();

request.logout();
HttpSession session = request.getSession(false);
if (session != null) {
session.invalidate();
}

String webNameAfterLogout = null;
if (request.getUserPrincipal() != null) {
webNameAfterLogout = request.getUserPrincipal().getName();
}

String ejbNameAfterLogout = publicEJB.getUserName();

response.getWriter().write("web username: " + webName + "\n" + "EJB username: " + ejbName + "\n");
response.getWriter().write("web username after logout: " + webNameAfterLogout + "\n" + "EJB username after logout: " + ejbNameAfterLogout + "\n");

}

}
62 changes: 62 additions & 0 deletions ...ation/src/test/java/org/javaee7/jaspic/ejbpropagation/PublicEJBPropagationLogoutTest.java
View file
Open in desktop
@@ -0,0 +1,62 @@
package org.javaee7.jaspic.ejbpropagation;

import static org.junit.Assert.assertTrue;
import static org.junit.Assert.assertFalse;

import java.io.IOException;

import org.javaee7.jaspic.common.ArquillianBase;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.junit.Arquillian;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.xml.sax.SAXException;

/**
* This tests that the established authenticated identity propagates correctly
* from the web layer to a "public" EJB (an EJB without declarative role
* checking) and that after logging out but still within the same request this
* identity is cleared.
*
* @author Arjan Tijms
*
*/
@RunWith(Arquillian.class)
public class PublicEJBPropagationLogoutTest extends ArquillianBase {

@Deployment(testable = false)
public static WebArchive createDeployment() {
return defaultArchive();
}

@Test
public void testProtectedServletWithLoginCallingEJB() throws IOException, SAXException {

String response = getFromServerPath("public/servlet-public-ejb-logout?doLogin");

System.out.println(response);

// Both the web (HttpServletRequest) and EJB (EJBContext) should see the
// same
// user name.

assertTrue(response.contains("web username: test"));
assertTrue("Web has user principal set, but EJB not.", response.contains("EJB username: test"));


// After logging out, both the web and EJB should no longer see the user
// name

assertFalse(
"Web module did not clear authenticated identity after logout",
response.contains("web username after logout: test")
);
assertFalse(
"EJB did not clear authenticated identity after logout",
response.contains("EJB username after logout: test")
);

}

}