[WFLY-12190] EJB over HTTP discovery: EjbOverHttpWrongCredentialsTest…

…Case
wildfly · Aug 10, 2020 · 0e609e1 · 0e609e1
1 parent 0ec85a8
commit 0e609e1
Show file tree

Hide file tree

Showing 4 changed files with 155 additions and 11 deletions.
diff --git a/...ion/multinode/src/test/java/org/jboss/as/test/multinode/ejb/http/EjbOverHttpTestCase.java b/...ion/multinode/src/test/java/org/jboss/as/test/multinode/ejb/http/EjbOverHttpTestCase.java
@@ -22,6 +22,7 @@
 
 package org.jboss.as.test.multinode.ejb.http;
 
+import org.jboss.arquillian.container.test.api.Deployer;
 import org.jboss.arquillian.container.test.api.Deployment;
 import org.jboss.arquillian.container.test.api.OperateOnDeployment;
 import org.jboss.arquillian.container.test.api.TargetsContainer;
@@ -34,6 +35,7 @@
 import org.jboss.as.controller.operations.common.Util;
 import org.jboss.as.test.integration.security.common.Utils;
 import org.jboss.as.test.shared.ServerReload;
+import org.jboss.as.test.shared.TestSuiteEnvironment;
 import org.jboss.dmr.ModelNode;
 import org.jboss.logging.Logger;
 import org.jboss.shrinkwrap.api.Archive;
@@ -45,6 +47,7 @@
 import org.junit.runner.RunWith;
 
 import javax.naming.InitialContext;
+import java.net.SocketPermission;
 import java.util.Arrays;
 import java.util.Collections;
 
@@ -56,6 +59,7 @@
 import static org.jboss.as.test.shared.integration.ejb.security.PermissionUtils.createFilePermission;
 import static org.jboss.as.test.shared.integration.ejb.security.PermissionUtils.createPermissionsXmlAsset;
 
+
 /**
  * This test che
  *
@@ -65,8 +69,13 @@
 @ServerSetup(EjbOverHttpTestCase.EjbOverHttpTestCaseServerSetup.class)
 public class EjbOverHttpTestCase {
     private static final Logger log = Logger.getLogger(EjbOverHttpTestCase.class);
-    public static final String ARCHIVE_NAME_CLIENT = "ejboverhttp-test-client";
     public static final String ARCHIVE_NAME_SERVER = "ejboverhttp-test-server";
+    public static final String ARCHIVE_NAME_CLIENT = "ejboverhttp-test-client";
+    public static final int NO_EJB_RETURN_CODE = -1;
+    private static final int serverPort = 8180;
+
+    @ArquillianResource
+    private Deployer deployer;
 
     static class EjbOverHttpTestCaseServerSetup implements ServerSetupTask {
 
@@ -108,7 +117,7 @@ public static void printSysProps() {
         log.trace("System properties:\n" + System.getProperties());
     }
 
-    @Deployment(name = "server")
+    @Deployment(name = "server", managed = false)
     @TargetsContainer("multinode-server")
     public static Archive<?> deployment0() {
         JavaArchive jar = createJar(ARCHIVE_NAME_SERVER);
@@ -118,32 +127,54 @@ public static Archive<?> deployment0() {
     @Deployment(name = "client")
     @TargetsContainer("multinode-client")
     public static Archive<?> deployment1() {
-        JavaArchive jar = createJar(ARCHIVE_NAME_CLIENT);
+        JavaArchive clientJar = createClientJar();
+        return clientJar;
+    }
+
+    private static JavaArchive createJar(String archiveName) {
+        JavaArchive jar = ShrinkWrap.create(JavaArchive.class, archiveName + ".jar");
+        jar.addClasses(StatelessBean.class, StatelessLocal.class, StatelessRemote.class);
+        return jar;
+    }
+
+    private static JavaArchive createClientJar() {
+        JavaArchive jar = createJar(EjbOverHttpTestCase.ARCHIVE_NAME_CLIENT);
         jar.addClasses(EjbOverHttpTestCase.class);
         jar.addAsManifestResource("META-INF/jboss-ejb-client-profile.xml", "jboss-ejb-client.xml")
                 .addAsManifestResource("ejb-http-wildfly-config.xml", "wildfly-config.xml")
                 .addAsManifestResource(createPermissionsXmlAsset(createFilePermission("read,write",
                         "jbossas.multinode.client", Arrays.asList("standalone", "data", "ejb-xa-recovery")),
                         createFilePermission("read,write",
-                                "jbossas.multinode.client", Arrays.asList("standalone", "data", "ejb-xa-recovery", "-"))),
+                                "jbossas.multinode.client", Arrays.asList("standalone", "data", "ejb-xa-recovery", "-")),
+                        new SocketPermission(TestSuiteEnvironment.formatPossibleIpv6Address(System.getProperty("node0")) + ":" + serverPort,
+                                "connect,resolve")),
                         "permissions.xml");
         return jar;
     }
 
-    private static JavaArchive createJar(String archiveName) {
-        JavaArchive jar = ShrinkWrap.create(JavaArchive.class, archiveName + ".jar");
-        jar.addClasses(StatelessBean.class, StatelessLocal.class, StatelessRemote.class);
-        return jar;
-    }
-
     @Test
     @OperateOnDeployment("client")
     public void testBasicInvocation(@ArquillianResource InitialContext ctx) throws Exception {
+        deployer.deploy("server");
+
         StatelessRemote bean = (StatelessRemote) ctx.lookup("java:module/" + StatelessBean.class.getSimpleName() + "!"
                 + StatelessRemote.class.getName());
         Assert.assertNotNull(bean);
 
+        // initial discovery
         int methodCount = bean.remoteCall();
         Assert.assertEquals(1, methodCount);
+
+        deployer.undeploy("server");
+
+        //  failed discovery after undeploying server deployment
+        int returnValue = bean.remoteCall();
+        Assert.assertEquals(NO_EJB_RETURN_CODE, returnValue);
+
+        deployer.deploy("server");
+
+        // rediscovery after redeployment
+        methodCount = bean.remoteCall();
+        Assert.assertEquals(1, methodCount);
     }
 }
diff --git a/...c/test/java/org/jboss/as/test/multinode/ejb/http/EjbOverHttpWrongCredentialsTestCase.java b/...c/test/java/org/jboss/as/test/multinode/ejb/http/EjbOverHttpWrongCredentialsTestCase.java
@@ -0,0 +1,85 @@
+package org.jboss.as.test.multinode.ejb.http;
+
+import static org.jboss.as.test.shared.integration.ejb.security.PermissionUtils.createFilePermission;
+import static org.jboss.as.test.shared.integration.ejb.security.PermissionUtils.createPermissionsXmlAsset;
+
+import java.net.SocketPermission;
+import java.util.Arrays;
+import javax.naming.InitialContext;
+import org.jboss.arquillian.container.test.api.Deployment;
+import org.jboss.arquillian.container.test.api.OperateOnDeployment;
+import org.jboss.arquillian.container.test.api.TargetsContainer;
+import org.jboss.arquillian.junit.Arquillian;
+import org.jboss.arquillian.test.api.ArquillianResource;
+import org.jboss.as.arquillian.api.ServerSetup;
+import org.jboss.as.test.shared.TestSuiteEnvironment;
+import org.jboss.shrinkwrap.api.Archive;
+import org.jboss.shrinkwrap.api.ShrinkWrap;
+import org.jboss.shrinkwrap.api.spec.JavaArchive;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+/**
+ * EJB over HTTP remote call should fail with incorrect wildfly-config.xml credentials
+ *
+ * @author <a href="mailto:szhantem@redhat.com">Sultan Zhantemirov</a>
+ */
+@RunWith(Arquillian.class)
+@ServerSetup(EjbOverHttpTestCase.EjbOverHttpTestCaseServerSetup.class)
+public class EjbOverHttpWrongCredentialsTestCase {
+
+    public static final String ARCHIVE_NAME_SERVER = "ejboverhttp-test-server";
+    public static final String ARCHIVE_NAME_CLIENT_WRONG_CREDENTIALS = "ejboverhttp-test-client-wrong-credentials";
+    private static final int serverPort = 8180;
+
+    @Deployment(name = "server")
+    @TargetsContainer("multinode-server")
+    public static Archive<?> deployment0() {
+        JavaArchive jar = createJar(ARCHIVE_NAME_SERVER);
+        return jar;
+    }
+
+    @Deployment(name = "client-wrong-credentials")
+    @TargetsContainer("multinode-client")
+    public static Archive<?> deployment1() {
+        JavaArchive jar = createClientJar();
+        return jar;
+    }
+
+    private static JavaArchive createJar(String archiveName) {
+        JavaArchive jar = ShrinkWrap.create(JavaArchive.class, archiveName + ".jar");
+        jar.addClasses(StatelessBean.class, StatelessLocal.class, StatelessRemote.class);
+        return jar;
+    }
+
+    private static JavaArchive createClientJar() {
+        JavaArchive jar = createJar(EjbOverHttpWrongCredentialsTestCase.ARCHIVE_NAME_CLIENT_WRONG_CREDENTIALS);
+        jar.addClasses(EjbOverHttpTestCase.class);
+        jar.addAsManifestResource("META-INF/jboss-ejb-client-profile.xml", "jboss-ejb-client.xml")
+                .addAsManifestResource("ejb-http-wildfly-config-wrong.xml", "wildfly-config.xml")
+                .addAsManifestResource(createPermissionsXmlAsset(createFilePermission("read,write",
+                        "jbossas.multinode.client", Arrays.asList("standalone", "data", "ejb-xa-recovery")),
+                        createFilePermission("read,write",
+                                "jbossas.multinode.client", Arrays.asList("standalone", "data", "ejb-xa-recovery", "-")),
+                        new SocketPermission(TestSuiteEnvironment.formatPossibleIpv6Address(System.getProperty("node0")) + ":" + serverPort,
+                                "connect,resolve")),
+                        "permissions.xml");
+        return jar;
+    }
+
+    @Test
+    @OperateOnDeployment("client-wrong-credentials")
+    public void testBasicInvocationWithWrongCredentials(@ArquillianResource InitialContext ctx) throws Exception {
+        StatelessRemote bean = (StatelessRemote) ctx.lookup("java:module/" + StatelessBean.class.getSimpleName() + "!"
+                + StatelessRemote.class.getName());
+        Assert.assertNotNull(bean);
+
+        try {
+            int methodCount = bean.remoteCall();
+            Assert.assertEquals(EjbOverHttpTestCase.NO_EJB_RETURN_CODE, methodCount);
+        } catch (javax.naming.AuthenticationException e) {
+            // expected
+        }
+    }
+}
diff --git a/...tegration/multinode/src/test/java/org/jboss/as/test/multinode/ejb/http/StatelessBean.java b/...tegration/multinode/src/test/java/org/jboss/as/test/multinode/ejb/http/StatelessBean.java
@@ -25,6 +25,7 @@
 import org.jboss.logging.Logger;
 
 import javax.ejb.Local;
+import javax.ejb.NoSuchEJBException;
 import javax.ejb.Remote;
 import javax.ejb.Stateless;
 import javax.naming.Context;
@@ -53,7 +54,11 @@ public int remoteCall() throws Exception {
         log.trace("Calling Remote... " + jndiContext.getEnvironment());
         StatelessRemote stateless = (StatelessRemote) jndiContext.lookup("ejb:/" +EjbOverHttpTestCase.ARCHIVE_NAME_SERVER
                 + "//" + StatelessBean.class.getSimpleName() + "!" + StatelessRemote.class.getName());
-        return stateless.method();
+        try {
+            return stateless.method();
+        } catch (NoSuchEJBException e) {
+            return EjbOverHttpTestCase.NO_EJB_RETURN_CODE;
+        }
     }
 
     public int method() throws Exception {

diff --git a/testsuite/integration/multinode/src/test/resources/ejb-http-wildfly-config-wrong.xml b/testsuite/integration/multinode/src/test/resources/ejb-http-wildfly-config-wrong.xml
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+    <authentication-client xmlns="urn:elytron:1.0">
+        <authentication-rules>
+            <rule use-configuration="jta">
+                <match-protocol name="http"/>
+            </rule>
+        </authentication-rules>
+        <authentication-configurations>
+            <configuration name="jta">
+                <sasl-mechanism-selector selector="DIGEST-MD5"/>
+                <providers>
+                    <use-service-loader />
+                </providers>
+                <set-user-name name="remoteejbuser"/>
+                <credentials>
+                    <clear-password password="wrong-password"/>
+                </credentials>
+                <set-mechanism-realm name="ApplicationRealm" />
+            </configuration>
+        </authentication-configurations>
+    </authentication-client>
+</configuration>