tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Josef.Eis...@bgs-ag.de
Subject Antwort: Re: Antwort: Re: Antwort: Re: Using OpenEJB Security for JAAS LoginModule
Date Mon, 30 Jun 2008 14:32:17 GMT
Hi David,

Germany lost the Euro2008 therefore I need good news ;-) Do you have any 
for me?

I confinced my team to use all junit-Tests with openejb as embedded 
container in Eclipse :-)

Using my tests, sometimes strange things happen: 
* I test the public CRUD-functions of my business class and often I get 
the expected GREEN color as the result.
* But sometimes the first function of my business class fails. It is a 
creation of the business object. The failure happens without any 
code-change.

There are two SQL-Insert-Statemens which depend on each other. We use the 
EntityManager.persist Method. Is it possible the transaction manager in 
embedded-openejb sometimes use the wrong order for the insert-statements ? 
We have no errors at all using the code in Geronimo 2.1.1 and sometimes 
errors with the junit-Tests. Where are possible differences in these two 
scenarios?

-Josef





David Blevins <david.blevins@visi.com> 
12.06.2008 09:02
Bitte antworten an
users@openejb.apache.org


An
users@openejb.apache.org
Kopie

Thema
Re: Antwort: Re: Antwort: Re: Using OpenEJB Security for JAAS LoginModule






Hi Josef,

Looks like you do have some custom LoginModules, the Geronimo ones :) 
Those aren't going to run outside of Geronimo, but I've started a 
thread to see if we can get them to be less dependent on the Geronimo 
runtime and therefore more reusable in other settings, like unit tests.

Hopefully we can get some good news for you.

Aside from the login part, I can promise you that the code and process 
*after* the login is exactly the same as the RunAs.  So if you have 
ejbs with security constraints (@RolesAllowed, @DenyAll, @PermitAll, 
etc.) I absolutely guarantee that those *are* testable, just the test 
are assuming a positive login is possible.  Another way to think of it 
as that the login is "mocked" and the enforcement of that Subject is 
100% real.  It should at least allow you to get started and test that 
@RolesAllowed, @DenyAll, @PermitAll, @DeclareRoles and isCallerInRole 
all function as you want them to.  The login part could be added later 
and the RunAs removed with little change to the tests.

-David





BGS Beratungsgesellschaft 
Software Systemplanung AG         Niederlassung Rhein/Main 
Robert-Koch-Straße 41 
55129 Mainz 
Fon: +49 (0) 6131 / 914-0 
Fax: +49 (0) 6131 / 914-400 
www.bgs-ag.de Geschäftssitz Mainz 
Registergericht 
Amtsgericht Mainz 
HRB 62 50 
  Aufsichtsratsvorsitzender 
Dr. Wolfgang Trommer 
Vorstand 
Hanspeter Gau 
Hermann Kiefer 
Nils Manegold 
Heinz-Jörg Zimmermann 

  
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message