tomee-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jlmonte...@apache.org
Subject svn commit: r1607024 - in /tomee/tomee/trunk/server/openejb-cxf-rs/src: main/java/org/apache/openejb/server/cxf/rs/ test/java/org/apache/openejb/server/cxf/rs/
Date Tue, 01 Jul 2014 09:06:00 GMT
Author: jlmonteiro
Date: Tue Jul  1 09:05:59 2014
New Revision: 1607024

URL: http://svn.apache.org/r1607024
Log:
TOMEE-1263 Add a REST Exception mapper for EJBAccessException

Added:
    tomee/tomee/trunk/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/SecurityExceptionMapper.java
    tomee/tomee/trunk/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/SecurityExceptionMapperTest.java
      - copied, changed from r1606988, tomee/tomee/trunk/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/EjbDeploymentTest.java
Modified:
    tomee/tomee/trunk/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java

Modified: tomee/tomee/trunk/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java
URL: http://svn.apache.org/viewvc/tomee/tomee/trunk/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java?rev=1607024&r1=1607023&r2=1607024&view=diff
==============================================================================
--- tomee/tomee/trunk/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java
(original)
+++ tomee/tomee/trunk/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java
Tue Jul  1 09:05:59 2014
@@ -583,25 +583,23 @@ public class CxfRsHttpListener implement
         }
 
         // providers
-        Set<String> providersConfig = null;
-
+        Set<String> providersConfig = new HashSet<String>();
         {
+            // add an exception mapper for EJBAccessException to convert into 403
+            providersConfig.add(SecurityExceptionMapper.class.getName());
+
+            // then add first global providers
+            if (GLOBAL_PROVIDERS != null) {
+                providersConfig.addAll(Arrays.asList(GLOBAL_PROVIDERS.split(",")));
+            }
+
+            // and finally user custom providers
             final String provider = serviceConfiguration.getProperties().getProperty(PROVIDERS_KEY);
             if (provider != null) {
-                providersConfig = new HashSet<String>();
                 for (final String p : Arrays.asList(provider.split(","))) {
                     providersConfig.add(p.trim());
                 }
             }
-
-            {
-                if (GLOBAL_PROVIDERS != null) {
-                    if (providersConfig == null) {
-                        providersConfig = new HashSet<String>();
-                    }
-                    providersConfig.addAll(Arrays.asList(GLOBAL_PROVIDERS.split(",")));
-                }
-            }
         }
 
         List<Object> providers = null;

Added: tomee/tomee/trunk/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/SecurityExceptionMapper.java
URL: http://svn.apache.org/viewvc/tomee/tomee/trunk/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/SecurityExceptionMapper.java?rev=1607024&view=auto
==============================================================================
--- tomee/tomee/trunk/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/SecurityExceptionMapper.java
(added)
+++ tomee/tomee/trunk/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/SecurityExceptionMapper.java
Tue Jul  1 09:05:59 2014
@@ -0,0 +1,28 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.openejb.server.cxf.rs;
+
+import javax.ejb.EJBAccessException;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.ext.ExceptionMapper;
+
+public class SecurityExceptionMapper implements ExceptionMapper<EJBAccessException>
{
+    @Override
+    public Response toResponse(EJBAccessException throwable) {
+        return Response.status(Response.Status.FORBIDDEN).build();
+    }
+}

Copied: tomee/tomee/trunk/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/SecurityExceptionMapperTest.java
(from r1606988, tomee/tomee/trunk/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/EjbDeploymentTest.java)
URL: http://svn.apache.org/viewvc/tomee/tomee/trunk/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/SecurityExceptionMapperTest.java?p2=tomee/tomee/trunk/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/SecurityExceptionMapperTest.java&p1=tomee/tomee/trunk/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/EjbDeploymentTest.java&r1=1606988&r2=1607024&rev=1607024&view=diff
==============================================================================
--- tomee/tomee/trunk/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/EjbDeploymentTest.java
(original)
+++ tomee/tomee/trunk/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/SecurityExceptionMapperTest.java
Tue Jul  1 09:05:59 2014
@@ -25,20 +25,23 @@ import org.junit.AfterClass;
 import org.junit.BeforeClass;
 import org.junit.Test;
 
+import javax.annotation.security.RolesAllowed;
 import javax.ejb.EJB;
-import javax.ejb.Stateless;
+import javax.ejb.Lock;
+import javax.ejb.LockType;
+import javax.ejb.Singleton;
 import javax.ejb.embeddable.EJBContainer;
 import javax.ws.rs.DefaultValue;
 import javax.ws.rs.GET;
 import javax.ws.rs.Path;
 import javax.ws.rs.QueryParam;
 import javax.ws.rs.core.Request;
+import javax.ws.rs.core.Response;
 import java.util.Properties;
 
 import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
 
-public class EjbDeploymentTest {
+public class SecurityExceptionMapperTest {
     private static EJBContainer container;
     private static RESTIsCool service;
 
@@ -58,34 +61,17 @@ public class EjbDeploymentTest {
         }
     }
 
-    @Test
-    public void normal() {
-        assertNotNull(service);
-        assertEquals("ok", service.normal());
-    }
 
     @Test
     public void rest() {
-        String response = WebClient.create("http://localhost:4204/openejb-cxf-rs").path("/ejb/rest").get(String.class);
-        assertEquals("ok", response);
-    }
-
-    @Test
-    public void restParameterInjected() {
-        String response = WebClient.create("http://localhost:4204/openejb-cxf-rs").path("/ejb/param").get(String.class);
-        assertEquals("true", response);
-
-        response = WebClient.create("http://localhost:4204/openejb-cxf-rs").path("/ejb/param").query("arg",
"foo").get(String.class);
-        assertEquals("foo", response);
+        Response response = WebClient.create("http://localhost:4204/openejb-cxf-rs").path("/ejb/rest").get();
+        assertEquals(403, response.getStatus());
     }
 
-    @Test
-    public void restFieldInjected() {
-        Boolean response = WebClient.create("http://localhost:4204/openejb-cxf-rs").path("/ejb/field").get(Boolean.class);
-        assertEquals(true, response.booleanValue());
-    }
 
-    @Stateless
+    @Singleton
+    @RolesAllowed("Something that does not exit at all")
+    @Lock(LockType.READ)
     @Path("/ejb")
     public static class RESTIsCool {
         @EJB



Mime
View raw message