桂林旅游网站制作公司,wordpress 菜单编辑,昆明旅行社网站开发,西湖 app开发公司arquillian从历史上讲#xff0c;很难测试安全的EJB。 到目前为止#xff0c;我一直在使用专有技术#xff08;如JBossLoginContextFactory#xff09;中所述的文章#xff08; 使用Arquillian在WildFly 8.1.x上测试安全的EJB#xff09;来测试安全的EJB。 在今年Devoxx… arquillian 从历史上讲很难测试安全的EJB。 到目前为止我一直在使用专有技术如JBossLoginContextFactory中所述的文章 使用Arquillian在WildFly 8.1.x上测试安全的EJB来测试安全的EJB。 在今年Devoxx中 Apache TomEE项目轻量级Java EE应用程序服务器的创始人David Blevins为我带来了一个小窍门我们可以使用该技巧以一种标准方式处理Java EE安全性该方法可在所有符合Java EE的服务器上运行。 GitHub上的javaee-testing / security上提供了本文中使用的示例。 代码 要测试的代码包括一个实体和一个EJB服务如下所示。 图书实体 Entity
public class Book {IdGeneratedValue(strategy GenerationType.IDENTITY)private Integer id;private String isbn;private String title;public Book() {}public Book(String isbn, String title) {this.isbn isbn;this.title title;}// getters and setters omitted for brevity
} 书架EJB服务 Stateless
public class BookshelfService {PersistenceContext(unitName bookshelfManager)private EntityManager entityManager;RolesAllowed({ User, Manager })public void addBook(Book book) {entityManager.persist(book);}RolesAllowed({ Manager })public void deleteBook(Book book) {entityManager.remove(book);}PermitAllTransactionAttribute(TransactionAttributeType.SUPPORTS)public ListBook getBooks() {TypedQueryBook query entityManager.createQuery(SELECT b from Book as b, Book.class);return query.getResultList();}
} 测试类使用Arquillian进行集成测试并断言尊重在EJB上定义的安全角色。 书架服务测试 RunWith(Arquillian.class)
public class BookshelfServiceIT {Injectprivate BookshelfService bookshelfService;Injectprivate BookshelfManager manager;Injectprivate BookshelfUser user;Deploymentpublic static JavaArchive createDeployment() throws IOException {return ShrinkWrap.create(JavaArchive.class, javaee-testing-security.jar).addClasses(Book.class, BookshelfService.class, BookshelfManager.class, BookshelfUser.class).addAsManifestResource(META-INF/persistence.xml, persistence.xml).addAsManifestResource(EmptyAsset.INSTANCE, ArchivePaths.create(beans.xml));}Testpublic void testAsManager() throws Exception {manager.call(new CallableBook() {Overridepublic Book call() throws Exception {bookshelfService.addBook(new Book(978-1-4302-4626-8, Beginning Java EE 7));bookshelfService.addBook(new Book(978-1-4493-2829-0, Continuous Enterprise Development in Java));ListBook books bookshelfService.getBooks();Assert.assertEquals(List.size(), 2, books.size());for (Book book : books) {bookshelfService.deleteBook(book);}Assert.assertEquals(BookshelfService.getBooks(), 0, bookshelfService.getBooks().size());return null;}});}Testpublic void testAsUser() throws Exception {user.call(new CallableBook() {Overridepublic Book call() throws Exception {bookshelfService.addBook(new Book(978-1-4302-4626-8, Beginning Java EE 7));bookshelfService.addBook(new Book(978-1-4493-2829-0, Continuous Enterprise Development in Java));ListBook books bookshelfService.getBooks();Assert.assertEquals(List.size(), 2, books.size());for (Book book : books) {try {bookshelfService.deleteBook(book);Assert.fail(Users should not be allowed to delete);} catch (EJBAccessException e) {// Good, users cannot delete things}}// The list should not be emptyAssert.assertEquals(BookshelfService.getBooks(), 2, bookshelfService.getBooks().size());return null;}});}Testpublic void testUnauthenticated() throws Exception {try {bookshelfService.addBook(new Book(978-1-4302-4626-8, Beginning Java EE 7));Assert.fail(Unauthenticated users should not be able to add books);} catch (EJBAccessException e) {// Good, unauthenticated users cannot add things}try {bookshelfService.deleteBook(null);Assert.fail(Unauthenticated users should not be allowed to delete);} catch (EJBAccessException e) {// Good, unauthenticated users cannot delete things}try {// Read access should be allowedListBook books bookshelfService.getBooks();Assert.assertEquals(BookshelfService.getBooks(), 0, books.size());} catch (EJBAccessException e) {Assert.fail(Read access should be allowed);}}
} 诀窍在于两个助手EJB它们使我们的测试代码可以通过使用RunAs标准注释在所需的安全范围内执行。 书架经理角色 Stateless
RunAs(Manager)
PermitAll
public class BookshelfManager {public V V call(CallableV callable) throws Exception {return callable.call();}
} 书架用户角色 Stateless
RunAs(User)
PermitAll
public class BookshelfUser {public V V call(CallableV callable) throws Exception {return callable.call();}
}跑步 -------------------------------------------------------T E S T S
-------------------------------------------------------
Running com.samaxes.javaeetesting.security.BookshelfServiceIT
nov 23, 2014 2:44:48 AM org.xnio.Xnio clinit
INFO: XNIO version 3.2.0.Beta4
nov 23, 2014 2:44:48 AM org.xnio.nio.NioXnio clinit
INFO: XNIO NIO Implementation Version 3.2.0.Beta4
nov 23, 2014 2:44:49 AM org.jboss.remoting3.EndpointImpl clinit
INFO: JBoss Remoting version (unknown)
Tests run: 3, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 36.69 sec - in com.samaxes.javaeetesting.security.BookshelfServiceITResults :Tests run: 3, Failures: 0, Errors: 0, Skipped: 0 测试愉快 翻译自: https://www.javacodegeeks.com/2014/11/testing-secured-ejbs-with-arquillian.htmlarquillian
