cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1043229 - in /cxf/trunk: rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/interceptor/ rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/ systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/ systests/jaxrs/src/test/ja...
Date Tue, 07 Dec 2010 23:24:45 GMT
Author: sergeyb
Date: Tue Dec  7 23:24:44 2010
New Revision: 1043229

URL: http://svn.apache.org/viewvc?rev=1043229&view=rev
Log:
[CXF-3173] Adding JAXRSSimpleSecurityTest

Added:
    cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/
    cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/SimpleAuthorizingFilter.java
  (with props)
    cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerSimpleSecurity.java
  (with props)
    cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
  (with props)
    cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java
  (with props)
    cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties
  (with props)
    cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/
    cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/
    cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/beans.xml  
(with props)
    cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/web.xml   (with
props)
Modified:
    cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/interceptor/JAXRSInInterceptor.java
    cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/AbstractSpringServer.java
    cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStoreNoInterface.java

Modified: cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/interceptor/JAXRSInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/interceptor/JAXRSInInterceptor.java?rev=1043229&r1=1043228&r2=1043229&view=diff
==============================================================================
--- cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/interceptor/JAXRSInInterceptor.java
(original)
+++ cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/interceptor/JAXRSInInterceptor.java
Tue Dec  7 23:24:44 2010
@@ -235,6 +235,7 @@ public class JAXRSInInterceptor extends 
                                       MultivaluedMap<String, String> values,
                                       int numberOfResources) {
         message.getExchange().put(OperationResourceInfo.class, ori);
+        message.put("org.apache.cxf.resource.method", ori.getMethodToInvoke());
         message.put(URITemplate.TEMPLATE_PARAMETERS, values);
         
         String plainOperationName = ori.getMethodToInvoke().getName();

Added: cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/SimpleAuthorizingFilter.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/SimpleAuthorizingFilter.java?rev=1043229&view=auto
==============================================================================
--- cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/SimpleAuthorizingFilter.java
(added)
+++ cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/SimpleAuthorizingFilter.java
Tue Dec  7 23:24:44 2010
@@ -0,0 +1,65 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.jaxrs.security;
+
+import java.util.Map;
+
+import javax.ws.rs.core.Response;
+
+import org.apache.cxf.interceptor.security.AbstractAuthorizingInInterceptor;
+import org.apache.cxf.interceptor.security.AccessDeniedException;
+import org.apache.cxf.interceptor.security.SecureAnnotationsInterceptor;
+import org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor;
+import org.apache.cxf.jaxrs.ext.RequestHandler;
+import org.apache.cxf.jaxrs.model.ClassResourceInfo;
+import org.apache.cxf.message.Message;
+
+public class SimpleAuthorizingFilter implements RequestHandler {
+
+    private AbstractAuthorizingInInterceptor interceptor;
+    
+    public Response handleRequest(Message m, ClassResourceInfo resourceClass) {
+        try {
+            interceptor.handleMessage(m);
+            return null;
+        } catch (AccessDeniedException ex) {
+            return Response.status(Response.Status.FORBIDDEN).build();
+        }
+    }
+
+    public void setMethodRolesMap(Map<String, String> rolesMap) {
+        checkInterceptor();
+        SimpleAuthorizingInterceptor simple = new SimpleAuthorizingInterceptor();
+        simple.setMethodRolesMap(rolesMap);
+        interceptor = simple; 
+    }
+    
+    public void setSecuredObject(Object securedObject) {
+        checkInterceptor();
+        SecureAnnotationsInterceptor simple = new SecureAnnotationsInterceptor();
+        simple.setSecuredObject(securedObject);
+        interceptor = simple; 
+    }
+    
+    private void checkInterceptor() {
+        if (interceptor != null) {
+            throw new IllegalStateException("Filter has already been initialized");
+        }
+    }
+}

Propchange: cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/SimpleAuthorizingFilter.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/SimpleAuthorizingFilter.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Modified: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/AbstractSpringServer.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/AbstractSpringServer.java?rev=1043229&r1=1043228&r2=1043229&view=diff
==============================================================================
--- cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/AbstractSpringServer.java
(original)
+++ cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/AbstractSpringServer.java
Tue Dec  7 23:24:44 2010
@@ -22,7 +22,6 @@ package org.apache.cxf.systest.jaxrs;
 import java.net.URISyntaxException;
 
 import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-
 import org.eclipse.jetty.server.Connector;
 import org.eclipse.jetty.server.Handler;
 import org.eclipse.jetty.server.handler.DefaultHandler;
@@ -80,14 +79,19 @@ public abstract class AbstractSpringServ
         handlers.setHandlers(new Handler[] {webappcontext, new DefaultHandler()});
 
         server.setHandler(handlers);
+        
         try {
+            configureServer(server);
             server.start();
-                       
         } catch (Exception e) {
             e.printStackTrace();
         }     
     }
     
+    protected void configureServer(org.eclipse.jetty.server.Server theserver) throws Exception
{
+        
+    }
+    
     public void tearDown() throws Exception {
         super.tearDown();
         if (server != null) {

Added: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerSimpleSecurity.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerSimpleSecurity.java?rev=1043229&view=auto
==============================================================================
--- cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerSimpleSecurity.java
(added)
+++ cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerSimpleSecurity.java
Tue Dec  7 23:24:44 2010
@@ -0,0 +1,57 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jaxrs.security;
+
+import java.net.URL;
+
+import org.apache.cxf.systest.jaxrs.AbstractSpringServer;
+import org.eclipse.jetty.security.HashLoginService;
+import org.eclipse.jetty.security.LoginService;
+
+
+
+public class BookServerSimpleSecurity extends AbstractSpringServer {
+
+    public BookServerSimpleSecurity() {
+        super("/jaxrs_simple_security");
+    }
+    
+    @Override
+    protected void configureServer(org.eclipse.jetty.server.Server server) throws Exception
{
+        URL resource = getClass()
+            .getResource("/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties");
+        LoginService realm = 
+            new HashLoginService("BookStoreRealm", resource.toString());
+        server.addBean(realm);
+    }
+    
+    public static void main(String args[]) {
+        try {
+            BookServerSimpleSecurity s = new BookServerSimpleSecurity();
+            s.start();
+        } catch (Exception ex) {
+            ex.printStackTrace();
+            System.exit(-1);
+        } finally {
+            System.out.println("done!");
+        }
+    }
+
+}

Propchange: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerSimpleSecurity.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerSimpleSecurity.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java?rev=1043229&view=auto
==============================================================================
--- cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
(added)
+++ cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
Tue Dec  7 23:24:44 2010
@@ -0,0 +1,65 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jaxrs.security;
+
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+public class JAXRSSimpleSecurityTest extends AbstractSpringSecurityTest {
+    public static final String PORT = BookServerSecuritySpringClass.PORT;
+    
+    @BeforeClass
+    public static void startServers() throws Exception {
+        assertTrue("server did not launch correctly", 
+                   launchServer(BookServerSimpleSecurity.class));
+    }
+    
+    @Test
+    public void testGetBookUserAdminWithFaultInterceptor() throws Exception {
+        String endpointAddress =
+            "http://localhost:" + PORT + "/security1/bookstorestorage/thosebooks/123"; 
+        getBook(endpointAddress, "foo", "bar", 403);
+        getBook(endpointAddress, "bob", "bobspassword", 200);
+    }
+    
+    @Test
+    public void testGetBookUserAdminWithFilter() throws Exception {
+        String endpointAddress =
+            "http://localhost:" + PORT + "/security2/bookstorestorage/thosebooks/123"; 
+        getBook(endpointAddress, "foo", "bar", 403);
+        getBook(endpointAddress, "bob", "bobspassword", 200);
+    }
+    
+    @Test
+    public void testGetBookUserAdminWithAnnotationsInterceptor() throws Exception {
+        String endpointAddress =
+            "http://localhost:" + PORT + "/security3/bookstorestorage/thebook/123"; 
+        getBook(endpointAddress, "foo", "bar", 403);
+        getBook(endpointAddress, "bob", "bobspassword", 200);
+    }
+    
+    @Test
+    public void testGetBookUserAdminWithAnnotationsFilter() throws Exception {
+        String endpointAddress =
+            "http://localhost:" + PORT + "/security4/bookstorestorage/thebook/123"; 
+        getBook(endpointAddress, "foo", "bar", 403);
+        getBook(endpointAddress, "bob", "bobspassword", 200);
+    }
+}

Propchange: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Modified: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStoreNoInterface.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStoreNoInterface.java?rev=1043229&r1=1043228&r2=1043229&view=diff
==============================================================================
--- cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStoreNoInterface.java
(original)
+++ cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStoreNoInterface.java
Tue Dec  7 23:24:44 2010
@@ -98,4 +98,12 @@ public class SecureBookStoreNoInterface 
     public SecureBook getSecureBook() throws BookNotFoundFault {
         return new SecureBook("CXF in Action", 123L);
     }
+    
+    @GET
+    @Path("/thebook/{bookId}")
+    @Produces("application/xml")
+    @RolesAllowed({"ROLE_BOOK_OWNER" })
+    public Book getBook(@PathParam("bookId") Long id) {
+        return books.get(id);
+    }
 }

Added: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java?rev=1043229&view=auto
==============================================================================
--- cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java
(added)
+++ cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java
Tue Dec  7 23:24:44 2010
@@ -0,0 +1,50 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.jaxrs.security;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.interceptor.security.AccessDeniedException;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.phase.AbstractPhaseInterceptor;
+import org.apache.cxf.phase.Phase;
+import org.apache.cxf.transport.http.AbstractHTTPDestination;
+
+public class SecurityOutFaultInterceptor extends AbstractPhaseInterceptor<Message>
{
+    
+    public SecurityOutFaultInterceptor() {
+        super(Phase.PRE_STREAM);
+
+    }
+
+    public void handleMessage(Message message) throws Fault {
+        Exception ex = message.getContent(Exception.class);
+        if (!(((Fault)ex).getCause() instanceof AccessDeniedException)) {
+            throw new RuntimeException("Security Exception is expected is expected");
+        }
+        
+        HttpServletResponse response = (HttpServletResponse)message.getExchange().getInMessage()
+            .get(AbstractHTTPDestination.HTTP_RESPONSE);
+        response.setStatus(403);
+        
+        message.getInterceptorChain().abort();
+    }
+
+}

Propchange: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties?rev=1043229&view=auto
==============================================================================
--- cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties
(added)
+++ cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties
Tue Dec  7 23:24:44 2010
@@ -0,0 +1,3 @@
+foo: bar,ROLE_USER
+bob: bobspassword,ROLE_BOOK_OWNER
+

Propchange: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/beans.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/beans.xml?rev=1043229&view=auto
==============================================================================
--- cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/beans.xml (added)
+++ cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/beans.xml Tue
Dec  7 23:24:44 2010
@@ -0,0 +1,108 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+  
+  http://www.apache.org/licenses/LICENSE-2.0
+  
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xmlns:jaxrs="http://cxf.apache.org/jaxrs"
+  xmlns:util="http://www.springframework.org/schema/util"
+  xsi:schemaLocation="
+http://www.springframework.org/schema/beans 
+http://www.springframework.org/schema/beans/spring-beans.xsd
+http://www.springframework.org/schema/util 
+http://www.springframework.org/schema/util/spring-util-2.0.xsd
+http://cxf.apache.org/jaxrs
+http://cxf.apache.org/schemas/jaxrs.xsd">
+
+  <import resource="classpath:META-INF/cxf/cxf.xml" />
+  <import resource="classpath:META-INF/cxf/cxf-extension-jaxrs-binding.xml" />
+  <import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
+
+  <jaxrs:server id="bookservice"
+		        address="/security1">
+    <jaxrs:serviceBeans>
+       <bean class="org.apache.cxf.systest.jaxrs.security.SecureBookStoreNoAnnotations"/>
+    </jaxrs:serviceBeans>		   
+    <jaxrs:inInterceptors>
+        <ref bean="authorizationInterceptor"/>
+    </jaxrs:inInterceptors>
+    <jaxrs:outFaultInterceptors>
+        <bean class="org.apache.cxf.systest.jaxrs.security.SecurityOutFaultInterceptor"/>
+    </jaxrs:outFaultInterceptors>
+  </jaxrs:server>
+  
+  <jaxrs:server id="bookservice2"
+		        address="/security2">
+    <jaxrs:serviceBeans>
+       <bean class="org.apache.cxf.systest.jaxrs.security.SecureBookStoreNoAnnotations"/>
+    </jaxrs:serviceBeans>		   
+    <jaxrs:providers>
+        <ref bean="authorizationFilter"/>
+    </jaxrs:providers>
+  </jaxrs:server>
+  
+  <jaxrs:server id="bookservice3"
+		        address="/security3">
+    <jaxrs:serviceBeans>
+       <ref bean="securedObject"/>
+    </jaxrs:serviceBeans>		   
+    <jaxrs:inInterceptors>
+        <ref bean="annotationsInterceptor"/>
+    </jaxrs:inInterceptors>
+    <jaxrs:outFaultInterceptors>
+        <bean class="org.apache.cxf.systest.jaxrs.security.SecurityOutFaultInterceptor"/>
+    </jaxrs:outFaultInterceptors>
+  </jaxrs:server>
+  
+  <jaxrs:server id="bookservice4"
+		        address="/security4">
+    <jaxrs:serviceBeans>
+       <ref bean="securedObject"/>
+    </jaxrs:serviceBeans>		   
+    <jaxrs:providers>
+        <ref bean="annotationsFilter"/>
+    </jaxrs:providers>
+  </jaxrs:server>
+  
+  <bean id="authorizationInterceptor" class="org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor">
+        <property name="methodRolesMap" ref="rolesMap"/>
+  </bean>
+  
+  <bean id="annotationsInterceptor" class="org.apache.cxf.interceptor.security.SecureAnnotationsInterceptor">
+       <property name="securedObject" ref="securedObject"/>
+  </bean>
+  
+  <bean id="securedObject" class="org.apache.cxf.systest.jaxrs.security.SecureBookStoreNoInterface"/>
+  
+  <bean id="authorizationFilter" class="org.apache.cxf.jaxrs.security.SimpleAuthorizingFilter">
+        <property name="methodRolesMap" ref="rolesMap"/>
+  </bean>
+  
+  <bean id="annotationsFilter" class="org.apache.cxf.jaxrs.security.SimpleAuthorizingFilter">
+        <property name="securedObject" ref="securedObject"/>
+  </bean>
+  
+  <util:map id="rolesMap">
+     <entry key="getThatBook" value="ROLE_BOOK_OWNER"/>
+     <entry key="getBook" value="ROLE_BOOK_OWNER"/>
+  </util:map>
+  
+</beans>
+<!-- END SNIPPET: beans -->
+

Propchange: cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/beans.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/beans.xml
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/beans.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/web.xml?rev=1043229&view=auto
==============================================================================
--- cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/web.xml (added)
+++ cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/web.xml Tue
Dec  7 23:24:44 2010
@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE web-app
+    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
+    "http://java.sun.com/dtd/web-app_2_3.dtd">
+<!--
+	Licensed to the Apache Software Foundation (ASF) under one
+	or more contributor license agreements. See the NOTICE file
+	distributed with this work for additional information
+	regarding copyright ownership. The ASF licenses this file
+	to you under the Apache License, Version 2.0 (the
+	"License"); you may not use this file except in compliance
+	with the License. You may obtain a copy of the License at
+	
+	http://www.apache.org/licenses/LICENSE-2.0
+	
+	Unless required by applicable law or agreed to in writing,
+	software distributed under the License is distributed on an
+	"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+	KIND, either express or implied. See the License for the
+	specific language governing permissions and limitations
+	under the License.
+-->
+<!-- START SNIPPET: webxml -->
+<web-app>
+	<context-param>
+		<param-name>contextConfigLocation</param-name>
+		<param-value>WEB-INF/beans.xml</param-value>
+	</context-param>
+
+	<listener>
+		<listener-class>
+			org.springframework.web.context.ContextLoaderListener
+		</listener-class>
+	</listener>
+
+  	<servlet>
+		<servlet-name>CXFServlet</servlet-name>
+		<display-name>CXF Servlet</display-name>
+		<servlet-class>
+			org.apache.cxf.transport.servlet.CXFServlet
+		</servlet-class>
+		<load-on-startup>1</load-on-startup>
+	</servlet>
+
+	<servlet-mapping>
+		<servlet-name>CXFServlet</servlet-name>
+		<url-pattern>/*</url-pattern>
+	</servlet-mapping>
+<!--	
+	<security-constraint>
+
+      <web-resource-collection>
+        <web-resource-name>CXFServlet</web-resource-name>
+        <url-pattern>/*</url-pattern>
+      </web-resource-collection>
+
+      <auth-constraint>
+        <role-name>ROLE_BOOK_OWNER</role-name>
+      </auth-constraint>
+    </security-constraint>
+-->
+    <login-config>
+       <auth-method>BASIC</auth-method>
+       <realm-name>BookStoreRealm</realm-name>
+    </login-config>
+<!--
+<security-role>
+<role-name>JBossAdmin</role-name>
+</security-role>
+-->	
+</web-app>
+<!-- END SNIPPET: webxml -->

Propchange: cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/web.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/web.xml
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/web.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml



Mime
View raw message