#23507 Security tests fixed + removed old soteria tests and other dead tests
diff --git a/appserver/tests/appserv-tests/devtests/security/build.xml b/appserver/tests/appserv-tests/devtests/security/build.xml
index 4bd858a..28d7193 100644
--- a/appserver/tests/appserv-tests/devtests/security/build.xml
+++ b/appserver/tests/appserv-tests/devtests/security/build.xml
@@ -47,7 +47,6 @@
<ant dir="authConf" target="all"/>
<ant dir="negativeRealmPerApp" target="all"/>
<ant dir="realmPerApp" target="all"/>
- <ant dir="soteria" target="all"/>
<!-- <ant dir="weblogic-dd" target="all"/>--> <!-- DISABLED: Failures -->
<ant dir="sful" target="all"/>
<ant dir="userWithAtSymbol" target="all"/>
@@ -88,15 +87,6 @@
<ant dir="realmPerApp" target="all"/>
<ant dir="sful" target="all"/>
</target>
- <target name="soteria">
- <delete>
- <fileset dir="${env.APS_HOME}" includes="test_results*, security-gtest-results.xml"/>
- </delete>
- <record name="soteria.output" action="start" />
- <ant dir="soteria" target="all"/>
- <record name="soteria.output" action="stop" />
- <antcall target="report"/>
- </target>
<target name="usage">
<echo>
diff --git a/appserver/tests/appserv-tests/devtests/security/ciphertest/build.xml b/appserver/tests/appserv-tests/devtests/security/ciphertest/build.xml
index 3595ac1..b0c0a46 100644
--- a/appserver/tests/appserv-tests/devtests/security/ciphertest/build.xml
+++ b/appserver/tests/appserv-tests/devtests/security/ciphertest/build.xml
@@ -162,42 +162,7 @@
<property name="https.1.port" value="1${https.port}" />
<property name="https.2.port" value="2${https.port}" />
-
-<!-- JDK 8 u172 - 3DES cipher suites disabled
<antcall target="cipher-test">
- <param name="should-pass-cipher" value="SSL_RSA_WITH_3DES_EDE_CBC_SHA"/>
- <param name="enable-cipher" value="SSL_RSA_WITH_3DES_EDE_CBC_SHA"/>
- <param name="https.port" value="${https.2.port}"/>
- </antcall>
--->
-
-<!-- Disable failing test cases (use of -Dsun.security.ssl.allowUnsafeRenegotiation=true has no impact)
- <antcall target="cipher-test">
- <param name="should-pass-cipher" value="SSL_RSA_WITH_DES_CBC_SHA"/>
- <param name="enable-cipher" value="SSL_RSA_WITH_DES_CBC_SHA"/>
- <param name="https.port" value="${https.2.port}"/>
- </antcall>
-
- <antcall target="cipher-test">
- <param name="should-pass-cipher" value="SSL_RSA_EXPORT_WITH_RC4_40_MD5"/>
- <param name="enable-cipher" value="SSL_RSA_EXPORT_WITH_RC4_40_MD5"/>
- <param name="https.port" value="${https.2.port}"/>
- </antcall>
--->
-
- <antcall target="cipher-test">
- <param name="should-pass-cipher" value="SSL_RSA_WITH_NULL_MD5"/>
- <param name="enable-cipher" value="SSL_RSA_WITH_NULL_MD5"/>
- <param name="https.port" value="${https.2.port}"/>
- </antcall>
-
- <antcall target="cipher-test">
- <param name="should-pass-cipher" value="SSL_RSA_WITH_NULL_SHA"/>
- <param name="enable-cipher" value="SSL_RSA_WITH_NULL_SHA"/>
- <param name="https.port" value="${https.2.port}"/>
- </antcall>
-
- <antcall target="cipher-test">
<param name="should-pass-cipher" value=""/>
<param name="enable-cipher" value="SSL_RSA_WITH_RC4_128_MD5"/>
<param name="https.port" value="${https.2.port}"/>
diff --git a/appserver/tests/appserv-tests/devtests/security/common.xml b/appserver/tests/appserv-tests/devtests/security/common.xml
index cd59de0..ff63d50 100644
--- a/appserver/tests/appserv-tests/devtests/security/common.xml
+++ b/appserver/tests/appserv-tests/devtests/security/common.xml
@@ -166,7 +166,10 @@
<target name="generate-jks-key" depends="init-common">
<exec executable="${java.home}/bin/keytool" failonerror="true">
- <arg line="-genkey -alias ssltest -dname"/>
+ <arg line="-genkey -alias ssltest"/>
+ <arg value="-keyalg" />
+ <arg value="RSA" />
+ <arg value="-dname" />
<arg value="CN=SSLTest, OU=Sun Java System Application Server, O=Sun Microsystems, L=Santa Clara, ST=California, C=US"/>
<arg value="-validity"/>
<arg value="3650"/>
@@ -387,12 +390,14 @@
<target name="wsgen" depends="init-common,setJAXWSToolsForWin,setJAXWSToolsForUnix">
<exec executable="${WSGEN}" failonerror="true" >
+ <env key="AS_JAVA" value="${env.JAVA_HOME}" />
<arg line="${wsgen.args}" />
</exec>
</target>
<target name="wsimport" depends="init-common,setJAXWSToolsForWin,setJAXWSToolsForUnix">
<exec executable="${WSIMPORT}" failonerror="true" >
+ <env key="AS_JAVA" value="${env.JAVA_HOME}" />
<env key="WSIMPORT_OPTS" value="${wsimport.VMARGS}"/>
<arg line="${wsimport.args}" />
</exec>
diff --git a/appserver/tests/appserv-tests/devtests/security/container-auth/build.xml b/appserver/tests/appserv-tests/devtests/security/container-auth/build.xml
index 16a60db..4176672 100644
--- a/appserver/tests/appserv-tests/devtests/security/container-auth/build.xml
+++ b/appserver/tests/appserv-tests/devtests/security/container-auth/build.xml
@@ -58,22 +58,17 @@
</target>
<target name="runaccxml" depends="init-common">
-<!--TODO uncomment later-->
- <java classname="AuthConfigTest" fork="yes">
+ <java classname="AuthConfigTest" fork="yes">
<classpath>
<pathelement path="${env.S1AS_HOME}/lib/appserv-rt.jar:${build.classes.dir}"/>
- <pathelement path="${env.S1AS_HOME}/lib/appserv-admin.jar"/>
- <pathelement path="${env.S1AS_HOME}/lib/j2ee.jar"/>
- <pathelement path="${env.S1AS_HOME}/lib/jmac-api.jar"/>
+ <pathelement path="${env.S1AS_HOME}/lib/javaee.jar"/>
<pathelement path="${env.S1AS_HOME}/lib/dtds"/>
<pathelement path="${env.S1AS_HOME}/lib/schemas"/>
<pathelement path="${env.APS_HOME}/lib/reporter.jar"/>
</classpath>
<arg value="xml-parse" />
<sysproperty key="java.security.debug" value="configfile,configxmlparser"/>
- <sysproperty key="sun-acc.xml.url" value="${env.APS_HOME}/devtests/security/container-auth/testConfig/sun-acc.xml"/>
- <!--<jvmarg value="-Xdebug" />
- <jvmarg value="-Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8008"/>-->
+ <sysproperty key="glassfish-acc.xml.url" value="${env.APS_HOME}/devtests/security/container-auth/testConfig/glassfish-acc.xml"/>
</java>
</target>
<target name="usage">
diff --git a/appserver/tests/appserv-tests/devtests/security/container-auth/jauth/AuthConfigTest.java b/appserver/tests/appserv-tests/devtests/security/container-auth/jauth/AuthConfigTest.java
index 028e169..e07d34b 100644
--- a/appserver/tests/appserv-tests/devtests/security/container-auth/jauth/AuthConfigTest.java
+++ b/appserver/tests/appserv-tests/devtests/security/container-auth/jauth/AuthConfigTest.java
@@ -34,7 +34,7 @@
*
* 2. sun-acc.xml test:
*
- * %java -Dsun-acc.xml.url=sun-acc.xml
+ * %java -Dglassfish-acc.xml.url=sun-acc.xml
* -Djava.security.debug=configfile,configxmlparser
* -classpath .:classes:config-api.jar:appserv-commons.jar:schema2beans.jar
* AuthConfigTest xml-parse
diff --git a/appserver/tests/appserv-tests/devtests/security/container-auth/testConfig/sun-acc.xml b/appserver/tests/appserv-tests/devtests/security/container-auth/testConfig/glassfish-acc.xml
similarity index 82%
rename from appserver/tests/appserv-tests/devtests/security/container-auth/testConfig/sun-acc.xml
rename to appserver/tests/appserv-tests/devtests/security/container-auth/testConfig/glassfish-acc.xml
index 4cae425..184989f 100644
--- a/appserver/tests/appserv-tests/devtests/security/container-auth/testConfig/sun-acc.xml
+++ b/appserver/tests/appserv-tests/devtests/security/container-auth/testConfig/glassfish-acc.xml
@@ -48,24 +48,4 @@
<response-policy auth-source="content" auth-recipient="after-content"></response-policy>
</provider-config>
</message-security-config>
-
-
-<!-- not supported yet
-
-
- <message-security-config auth-layer="HTTP" default-provider="app8">
- </provider-config>
- <provider-config provider-id="app8" provider-type="server" class-name="ServerModule1">
- </provider-config>
- <provider-config provider-id="app9" provider-type="server" class-name="ServerModule1">
- </message-security-config>
-
-
- <message-security-config auth-layer="EJB" default-provider="app10">
- </provider-config>
- <provider-config provider-id="app10" provider-type="server" class-name="ServerModule1">
- </message-security-config>
-
--->
-
</client-container>
diff --git a/appserver/tests/appserv-tests/devtests/security/ejb-mutual-ssl/client/ConverterClient.java b/appserver/tests/appserv-tests/devtests/security/ejb-mutual-ssl/client/ConverterClient.java
index 527b250..7f94ffd 100644
--- a/appserver/tests/appserv-tests/devtests/security/ejb-mutual-ssl/client/ConverterClient.java
+++ b/appserver/tests/appserv-tests/devtests/security/ejb-mutual-ssl/client/ConverterClient.java
@@ -119,7 +119,7 @@
// Create Home object
obj = context.lookup(jndiName);
}
- String mys = "CN=SSLTest, OU=Sun Java System Application Server, O=Sun Microsystems, L=Santa Clara, ST=California, C=US";
+ String mys = "CN=SSLTest,OU=Sun Java System Application Server,O=Sun Microsystems,L=Santa Clara,ST=California,C=US";
System.out.println("Certname in appclication-client ->"+mys);
ConverterRemoteHome home =
(ConverterRemoteHome) PortableRemoteObject.narrow(obj,
diff --git a/appserver/tests/appserv-tests/devtests/security/jaccApi/build.xml b/appserver/tests/appserv-tests/devtests/security/jaccApi/build.xml
index 2c95c03..a8ef830 100644
--- a/appserver/tests/appserv-tests/devtests/security/jaccApi/build.xml
+++ b/appserver/tests/appserv-tests/devtests/security/jaccApi/build.xml
@@ -61,7 +61,7 @@
<ant dir="prog-auth" target="all"/>
</target>
<target name="run-test" depends="init-common">
- <java classname="javax.security.jacc.Test" fork="yes"
+ <java classname="jakarta.security.jacc.Test" fork="yes"
classpath="${s1astest.classpath}"/>
</target>
@@ -71,7 +71,7 @@
<property name="PFL" value="-Djava.security.policy=${basedir}/config/java.policy"/>
<property name="PFL2" value="-Djava.security.policy=${basedir}/config/java.policy2"/>
- <java classname="javax.security.jacc.TestPCF" fork="yes"
+ <java classname="jakarta.security.jacc.TestPCF" fork="yes"
classpath="${s1astest.classpath}">
<jvmarg value="-DAPS_HOME=${env.APS_HOME}"/>
<jvmarg value="${PFL2}"/>
@@ -79,7 +79,7 @@
<arg value="java.lang.ClassNotFoundException"/>
</java>
- <java classname="javax.security.jacc.TestPCF" fork="yes"
+ <java classname="jakarta.security.jacc.TestPCF" fork="yes"
classpath="${s1astest.classpath}">
<jvmarg value="-DAPS_HOME=${env.APS_HOME}"/>
<jvmarg value="${NOTPCF}"/>
@@ -88,16 +88,16 @@
<arg value="java.lang.ClassCastException"/>
</java>
- <java classname="javax.security.jacc.TestPCF" fork="yes"
+ <java classname="jakarta.security.jacc.TestPCF" fork="yes"
classpath="${s1astest.classpath}">
<jvmarg value="-DAPS_HOME=${env.APS_HOME}"/>
<jvmarg value="${ISPCF}"/>
<jvmarg value="${PFL2}"/>
<arg value="true"/>
- <arg value="javax.security.jacc.PolicyContextException"/>
+ <arg value="jakarta.security.jacc.PolicyContextException"/>
</java>
- <java classname="javax.security.jacc.TestPCF" fork="yes"
+ <java classname="jakarta.security.jacc.TestPCF" fork="yes"
classpath="${s1astest.classpath}">
<jvmarg value="-DAPS_HOME=${env.APS_HOME}"/>
<jvmarg value="${NOTPCF}"/>
@@ -106,7 +106,7 @@
<arg value="java.lang.ClassCastException"/>
</java>
- <java classname="javax.security.jacc.TestPCF" fork="yes"
+ <java classname="jakarta.security.jacc.TestPCF" fork="yes"
classpath="${s1astest.classpath}">
<jvmarg value="-DAPS_HOME=${env.APS_HOME}"/>
<jvmarg value="${ISPCF}"/>
@@ -116,21 +116,21 @@
</target>
<target name="run-ejbtests" depends="init-common">
- <java classname="javax.security.jacc.TestEJBPerms" fork="yes"
+ <java classname="jakarta.security.jacc.TestEJBPerms" fork="yes"
classpath="${s1astest.classpath}">
<jvmarg value="-Ddebug=${debug}"/>
</java>
</target>
<target name="run-urltests" depends="init-common">
- <java classname="javax.security.jacc.TestURLPattern" fork="yes"
+ <java classname="jakarta.security.jacc.TestURLPattern" fork="yes"
classpath="${s1astest.classpath}"/>
- <java classname="javax.security.jacc.TestURLPatternSpec" fork="yes"
+ <java classname="jakarta.security.jacc.TestURLPatternSpec" fork="yes"
classpath="${s1astest.classpath}"/>
</target>
<target name="run-webtests" depends="init-common">
- <java classname="javax.security.jacc.TestWebPerms" fork="yes"
+ <java classname="jakarta.security.jacc.TestWebPerms" fork="yes"
classpath="${s1astest.classpath}">
<jvmarg value="-Ddebug=${debug}"/>
</java>
diff --git a/appserver/tests/appserv-tests/devtests/security/jaccApi/prog-auth/build.xml b/appserver/tests/appserv-tests/devtests/security/jaccApi/prog-auth/build.xml
index ea284df..75fd865 100644
--- a/appserver/tests/appserv-tests/devtests/security/jaccApi/prog-auth/build.xml
+++ b/appserver/tests/appserv-tests/devtests/security/jaccApi/prog-auth/build.xml
@@ -39,6 +39,7 @@
<target name="all" depends="runMaven"/>
<target name="runMaven">
<artifact:mvn mavenHome="${env.M2_HOME}" fork="true">
+ <jvmarg value="-Dglassfish.version=${env.GF_VERSION}" />
<jvmarg value="-Dmaven.multiModuleProjectDirectory"/>
<jvmarg value="-Dmaven.javadoc.skip=true" />
<arg value="clean"/>
diff --git a/appserver/tests/appserv-tests/devtests/security/jaccApi/prog-auth/common/src/main/java/org/glassfish/jaccApi/common/ArquillianBase.java b/appserver/tests/appserv-tests/devtests/security/jaccApi/prog-auth/common/src/main/java/org/glassfish/jaccApi/common/ArquillianBase.java
index 9da9e9c..de07c87 100644
--- a/appserver/tests/appserv-tests/devtests/security/jaccApi/prog-auth/common/src/main/java/org/glassfish/jaccApi/common/ArquillianBase.java
+++ b/appserver/tests/appserv-tests/devtests/security/jaccApi/prog-auth/common/src/main/java/org/glassfish/jaccApi/common/ArquillianBase.java
@@ -31,25 +31,16 @@
import org.jboss.shrinkwrap.api.Archive;
import org.jboss.shrinkwrap.api.spec.EnterpriseArchive;
import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.jboss.shrinkwrap.api.importer.ZipImporter;
import org.junit.After;
import org.junit.Before;
import org.junit.Rule;
import org.junit.rules.TestWatcher;
import org.junit.runner.Description;
-import static org.jboss.shrinkwrap.api.ShrinkWrap.create;
-
-import java.io.File;
-
-import org.jboss.shrinkwrap.api.importer.ZipImporter;
-import org.jboss.shrinkwrap.api.spec.WebArchive;
import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
import com.gargoylesoftware.htmlunit.WebClient;
-/**
- *
- *
- */
public class ArquillianBase {
private static final String WEBAPP_SRC = "src/main/webapp";
diff --git a/appserver/tests/appserv-tests/devtests/security/jaccApi/prog-auth/pom.xml b/appserver/tests/appserv-tests/devtests/security/jaccApi/prog-auth/pom.xml
index a631763..20600ad 100644
--- a/appserver/tests/appserv-tests/devtests/security/jaccApi/prog-auth/pom.xml
+++ b/appserver/tests/appserv-tests/devtests/security/jaccApi/prog-auth/pom.xml
@@ -21,15 +21,16 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.glassfish.jaccApi.test</groupId>
<artifactId>prog-auth</artifactId>
- <version>6.2.6-SNAPSHOT</version>
<packaging>pom</packaging>
+ <parent>
+ <groupId>org.glassfish.main.tests</groupId>
+ <artifactId>ant-tests</artifactId>
+ <version>6.2.6-SNAPSHOT</version>
+ <relativePath>../../../..</relativePath>
+ </parent>
+
<name>Programmatic authentication with Jakarta Authorization api</name>
- <properties>
- <glassfish.version>5.0</glassfish.version>
- <maven.compiler.source>11</maven.compiler.source>
- <maven.compiler.target>11</maven.compiler.target>
- </properties>
<modules>
<module>common</module>
@@ -40,7 +41,7 @@
<dependency>
<groupId>org.jboss.arquillian</groupId>
<artifactId>arquillian-bom</artifactId>
- <version>1.3.0.Final</version>
+ <version>1.6.0.Final</version>
<scope>import</scope>
<type>pom</type>
</dependency>
@@ -64,13 +65,13 @@
<dependency>
<groupId>net.sourceforge.htmlunit</groupId>
<artifactId>htmlunit</artifactId>
- <version>2.29</version>
+ <version>2.58.0</version>
<scope>test</scope>
</dependency>
<dependency>
- <groupId>javax</groupId>
- <artifactId>javaee-api</artifactId>
- <version>7.0</version>
+ <groupId>jakarta.platform</groupId>
+ <artifactId>jakarta.jakartaee-api</artifactId>
+ <version>9.1.0</version>
<scope>provided</scope>
</dependency>
<dependency>
@@ -92,7 +93,6 @@
<plugins>
<plugin>
<artifactId>maven-failsafe-plugin</artifactId>
- <version>2.20</version>
<executions>
<execution>
<goals>
diff --git a/appserver/tests/appserv-tests/devtests/security/jaccmr8/client/Client.java b/appserver/tests/appserv-tests/devtests/security/jaccmr8/client/Client.java
index 0e02126..2e99779 100644
--- a/appserver/tests/appserv-tests/devtests/security/jaccmr8/client/Client.java
+++ b/appserver/tests/appserv-tests/devtests/security/jaccmr8/client/Client.java
@@ -18,6 +18,7 @@
import java.net.*;
import java.io.*;
+import java.util.Base64;
import java.util.Enumeration;
import java.util.Hashtable;
@@ -442,15 +443,14 @@
if ((user != null) && (user.length() > 0)) {
// Add BASIC header for authentication
String auth = user + ":" + password;
- String authEncoded = new sun.misc.BASE64Encoder().encode(auth.getBytes());
+ String authEncoded = Base64.getEncoder().encodeToString(auth.getBytes());
c1.setRequestProperty("Authorization", "Basic " + authEncoded);
}
c1.setDoOutput(true);
c1.setUseCaches(false);
// get the output stream to POST to.
- DataOutputStream out;
- out = new DataOutputStream(c1.getOutputStream());
+ DataOutputStream out = new DataOutputStream(c1.getOutputStream());
String content = "";
// Create a single String value to be POSTED from the parameters passed
diff --git a/appserver/tests/appserv-tests/devtests/security/jdbcrealm/build.xml b/appserver/tests/appserv-tests/devtests/security/jdbcrealm/build.xml
index ec94262..98ec09c 100644
--- a/appserver/tests/appserv-tests/devtests/security/jdbcrealm/build.xml
+++ b/appserver/tests/appserv-tests/devtests/security/jdbcrealm/build.xml
@@ -34,172 +34,171 @@
&commonSecurity;
&testProperties;
- <property file="./config.properties"/>
+ <property file="./config.properties" />
- <target name="all" depends="display-header">
- <antcall target="setup"/>
- <antcall target="build"/>
- <antcall target="deploy"/>
- <antcall target="run"/>
- <antcall target="undeploy"/>
- <antcall target="unsetup"/>
- </target>
+ <target name="all" depends="display-header">
+ <antcall target="setup" />
+ <antcall target="build" />
+ <antcall target="deploy" />
+ <antcall target="run" />
+ <antcall target="undeploy" />
+ <antcall target="unsetup" />
+ </target>
- <target name="all-oracle" depends="display-header">
- <antcall target="setup-oracle"/>
- <antcall target="build"/>
- <antcall target="deploy"/>
- <antcall target="run"/>
- <antcall target="undeploy"/>
- <antcall target="unsetup-oracle"/>
- </target>
+ <target name="all-oracle" depends="display-header">
+ <antcall target="setup-oracle" />
+ <antcall target="build" />
+ <antcall target="deploy" />
+ <antcall target="run" />
+ <antcall target="undeploy" />
+ <antcall target="unsetup-oracle" />
+ </target>
- <target name="display-header">
- <echo message="-->Running ${ant.project.name} tests from ${basedir} ..."/>
- </target>
+ <target name="display-header">
+ <echo message="-->Running ${ant.project.name} tests from ${basedir} ..." />
+ </target>
- <target name="setup" depends="init-common">
- <antcall target="create-db-schema"/>
- <antcall target="create-db-usrgrps"/>
- <antcall target="modify-domain-xml"/>
- </target>
+ <target name="setup" depends="init-common">
+ <antcall target="create-db-schema" />
+ <antcall target="create-db-usrgrps" />
+ <antcall target="modify-domain-xml" />
+ </target>
- <target name="unsetup" depends="init-common">
- <antcall target="un-modify-domain-xml"/>
- <antcall target="delete-db-schema"/>
- </target>
+ <target name="unsetup" depends="init-common">
+ <antcall target="un-modify-domain-xml" />
+ <antcall target="delete-db-schema" />
+ </target>
- <target name="setup-oracle" depends="init-common">
- <antcall target="create-db-schema-oracle"/>
- <antcall target="create-db-usrgrps-oracle"/>
- <antcall target="modify-domain-xml-oracle"/>
- </target>
+ <target name="setup-oracle" depends="init-common">
+ <antcall target="create-db-schema-oracle" />
+ <antcall target="create-db-usrgrps-oracle" />
+ <antcall target="modify-domain-xml-oracle" />
+ </target>
- <target name="unsetup-oracle" depends="init-common">
- <antcall target="un-modify-domain-xml-oracle"/>
- <antcall target="delete-db-schema-oracle"/>
- </target>
+ <target name="unsetup-oracle" depends="init-common">
+ <antcall target="un-modify-domain-xml-oracle" />
+ <antcall target="delete-db-schema-oracle" />
+ </target>
- <target name="create-db-schema-oracle" depends="init-common">
- <echo message="Executing sql statement at ${basedir} from ${create.sql.file.oracle} for db.url ${oracle.db.url}"/>
- <sql
- driver="${oracle.db.driver}"
- url="${oracle.db.url}"
- userid="${oracle.db.user}"
- password="${oracle.db.user}"
- src="${create.sql.file.oracle}"
- onerror="continue"
- print="yes"
- output="create-db-schema.out"
- classpath="${env.APS_HOME}/lib/ojdbc14.jar:${s1astest.classpath}" />
- </target>
- <target name="delete-db-schema-oracle" depends="init-common">
- <echo message="Executing sql statement at ${basedir} from ${delete.sql.file}"
- level="verbose"/>
- <sql
- driver="${oracle.db.driver}"
- url="${oracle.db.url}"
- userid="${oracle.db.user}"
- password="${oracle.db.user}"
- src="${delete.sql.file}"
- onerror="continue"
- print="yes"
- output="delete-db-schema.out"
- classpath="${env.APS_HOME}/lib/ojdbc14.jar:${s1astest.classpath}" />
- </target>
+ <target name="create-db-schema-oracle" depends="init-common">
+ <echo message="Executing sql statement at ${basedir} from ${create.sql.file.oracle} for db.url ${oracle.db.url}"
+ />
+ <sql driver="${oracle.db.driver}"
+ url="${oracle.db.url}"
+ userid="${oracle.db.user}"
+ password="${oracle.db.user}"
+ src="${create.sql.file.oracle}"
+ onerror="continue"
+ print="yes"
+ output="create-db-schema.out"
+ classpath="${env.APS_HOME}/lib/ojdbc14.jar:${s1astest.classpath}"
+ />
+ </target>
+ <target name="delete-db-schema-oracle" depends="init-common">
+ <echo message="Executing sql statement at ${basedir} from ${delete.sql.file}" level="verbose" />
+ <sql driver="${oracle.db.driver}"
+ url="${oracle.db.url}"
+ userid="${oracle.db.user}"
+ password="${oracle.db.user}"
+ src="${delete.sql.file}"
+ onerror="continue"
+ print="yes"
+ output="delete-db-schema.out"
+ classpath="${env.APS_HOME}/lib/ojdbc14.jar:${s1astest.classpath}"
+ />
+ </target>
- <target name="create-db-schema" depends="init-common">
- <echo message="Executing sql statement at ${basedir} from ${create.sql.file} for db.url ${derby.db.url}"/>
- <sql
- driver="${derby.db.driver}"
- url="${derby.db.url}"
- userid="${derby.db.user}"
- password="${derby.db.user}"
- src="${create.sql.file}"
- onerror="continue"
- print="yes"
- output="create-db-schema.out"
- classpath="${s1astest.classpath}" />
- </target>
+ <target name="create-db-schema" depends="init-common">
+ <echo message="Executing sql statement at ${basedir} from ${create.sql.file} for db.url ${derby.db.url}"
+ />
+ <sql driver="${derby.db.driver}"
+ url="${derby.db.url}"
+ userid="${derby.db.user}"
+ password="${derby.db.user}"
+ src="${create.sql.file}"
+ onerror="continue"
+ print="yes"
+ output="create-db-schema.out"
+ classpath="${s1astest.classpath}"
+ />
+ </target>
- <target name="delete-db-schema" depends="init-common">
- <echo message="Executing sql statement at ${basedir} from ${delete.sql.file}"
- level="verbose"/>
- <sql
- driver="${derby.db.driver}"
- url="${derby.db.url}"
- userid="${derby.db.user}"
- password="${derby.db.user}"
- src="${delete.sql.file}"
- onerror="continue"
- print="yes"
- output="delete-db-schema.out"
- classpath="${s1astest.classpath}" />
- </target>
+ <target name="delete-db-schema" depends="init-common">
+ <echo message="Executing sql statement at ${basedir} from ${delete.sql.file}" level="verbose" />
+ <sql driver="${derby.db.driver}"
+ url="${derby.db.url}"
+ userid="${derby.db.user}"
+ password="${derby.db.user}"
+ src="${delete.sql.file}"
+ onerror="continue"
+ print="yes"
+ output="delete-db-schema.out"
+ classpath="${s1astest.classpath}"
+ />
+ </target>
- <target name="create-db-usrgrps" depends="init-common">
- <antcall target="compile-common">
- <param name="src" value="util"/>
- </antcall>
- <java classname="com.sun.devtests.security.jdbcrealm.PopulateDB" fork="true">
- <classpath>
- <pathelement path="${build.classes.dir}:${s1astest.classpath}"/>
- </classpath>
- <arg value="-url"/>
- <arg value="${derby.db.url}"/>
- <arg value="-dbDriver"/>
- <arg value="${derby.db.driver}"/>
- <arg value="-username"/>
- <arg value="${derby.db.user}"/>
- <arg value="-password"/>
- <arg value="${derby.db.pass}"/>
- </java>
- </target>
+ <target name="create-db-usrgrps" depends="init-common">
+ <antcall target="compile-common">
+ <param name="src" value="util" />
+ </antcall>
+ <java classname="com.sun.devtests.security.jdbcrealm.PopulateDB" fork="true">
+ <classpath>
+ <pathelement path="${build.classes.dir}:${s1astest.classpath}" />
+ </classpath>
+ <arg value="-url" />
+ <arg value="${derby.db.url}" />
+ <arg value="-dbDriver" />
+ <arg value="${derby.db.driver}" />
+ <arg value="-username" />
+ <arg value="${derby.db.user}" />
+ <arg value="-password" />
+ <arg value="${derby.db.pass}" />
+ </java>
+ </target>
- <target name="create-db-usrgrps-oracle" depends="init-common">
- <java classname="com.sun.devtests.security.jdbcrealm.PopulateDB" fork="true">
- <classpath>
- <pathelement path="${env.APS_HOME}/lib/ojdbc14.jar:${build.classes.dir}:${s1astest.classpath}"/>
- </classpath>
- <arg value="-url"/>
- <arg value="${oracle.db.url}"/>
- <arg value="-dbDriver"/>
- <arg value="${oracle.db.driver}"/>
- <arg value="-username"/>
- <arg value="${oracle.db.user}"/>
- <arg value="-password"/>
- <arg value="${oracle.db.pass}"/>
- <arg value="-verbose"/>
- </java>
- </target>
+ <target name="create-db-usrgrps-oracle" depends="init-common">
+ <java classname="com.sun.devtests.security.jdbcrealm.PopulateDB" fork="true">
+ <classpath>
+ <pathelement path="${env.APS_HOME}/lib/ojdbc14.jar:${build.classes.dir}:${s1astest.classpath}"
+ />
+ </classpath>
+ <arg value="-url" />
+ <arg value="${oracle.db.url}" />
+ <arg value="-dbDriver" />
+ <arg value="${oracle.db.driver}" />
+ <arg value="-username" />
+ <arg value="${oracle.db.user}" />
+ <arg value="-password" />
+ <arg value="${oracle.db.pass}" />
+ <arg value="-verbose" />
+ </java>
+ </target>
- <target name="modify-domain-xml" depends="init-common">
- <antcall target="create-jdbcrealm-connection-pool">
- <param name="db.datasource.classname"
- value="${derby.db.datasource.classname}"/>
- <param name="db.port" value="${derby.db.port}"/>
- <param name="db.host" value="${derby.db.host}"/>
- <param name="db.name" value="${derby.db.name}"/>
- <param name="db.poolname" value="${derby.db.poolname}"/>
- <param name="db.connection-attributes"
- value="connectionAttributes=;create\=true"/>
- </antcall>
- <antcall target="create-jdbcrealm-resource">
- <param name="db.poolname" value="${derby.db.poolname}"/>
- <param name="db.jndiname" value="${derby.db.jndiname}"/>
- </antcall>
- <antcall target="create-auth-jdbcrealm">
- <param name="db.poolname" value="${derby.db.poolname}"/>
- <param name="db.jndiname" value="${derby.db.jndiname}"/>
- <param name="db.user" value="${derby.db.user}"/>
- <param name="db.pass" value="${derby.db.pass}"/>
- </antcall>
- </target>
+ <target name="modify-domain-xml" depends="init-common">
+ <antcall target="create-jdbcrealm-connection-pool">
+ <param name="db.datasource.classname" value="${derby.db.datasource.classname}" />
+ <param name="db.port" value="${derby.db.port}" />
+ <param name="db.host" value="${derby.db.host}" />
+ <param name="db.name" value="${derby.db.name}" />
+ <param name="db.poolname" value="${derby.db.poolname}" />
+ <param name="db.connection-attributes" value="connectionAttributes=;create\=true" />
+ </antcall>
+ <antcall target="create-jdbcrealm-resource">
+ <param name="db.poolname" value="${derby.db.poolname}" />
+ <param name="db.jndiname" value="${derby.db.jndiname}" />
+ </antcall>
+ <antcall target="create-auth-jdbcrealm">
+ <param name="db.poolname" value="${derby.db.poolname}" />
+ <param name="db.jndiname" value="${derby.db.jndiname}" />
+ <param name="db.user" value="${derby.db.user}" />
+ <param name="db.pass" value="${derby.db.pass}" />
+ </antcall>
+ </target>
- <target name="modify-domain-xml-oracle" depends="init-common">
+ <target name="modify-domain-xml-oracle" depends="init-common">
-<!--
+ <!--
<antcall target="create-jdbcrealm-connection-pool">
<param name="db.datasource.classname"
value="${oracle.db.datasource.classname}"/>
@@ -210,724 +209,727 @@
<param name="db.connection-attributes" value=""/>
</antcall>
-->
- <exec executable="${ASADMIN}">
- <arg line="create-jdbc-connection-pool"/>
- <arg line="${as.props} --target=${appserver.instance.name}"/>
- <arg line="--datasourceclassname com.sun.sql.jdbcx.oracle.OracleDataSource"/>
- <arg line="--property"/>
- <arg value="PortNumber=${oracle.db.port}:serverName=${oracle.db.host}:SID=${oracle.db.SID}"/>
- <arg line="${oracle.db.poolname}"/>
- </exec>
+ <exec executable="${ASADMIN}">
+ <arg line="create-jdbc-connection-pool" />
+ <arg line="${as.props} --target=${appserver.instance.name}" />
+ <arg line="--datasourceclassname com.sun.sql.jdbcx.oracle.OracleDataSource" />
+ <arg line="--property" />
+ <arg value="PortNumber=${oracle.db.port}:serverName=${oracle.db.host}:SID=${oracle.db.SID}" />
+ <arg line="${oracle.db.poolname}" />
+ </exec>
- <antcall target="create-jdbcrealm-resource">
- <param name="db.poolname" value="${oracle.db.poolname}"/>
- <param name="db.jndiname" value="${oracle.db.jndiname}"/>
- </antcall>
+ <antcall target="create-jdbcrealm-resource">
+ <param name="db.poolname" value="${oracle.db.poolname}" />
+ <param name="db.jndiname" value="${oracle.db.jndiname}" />
+ </antcall>
- <antcall target="create-auth-jdbcrealm">
- <param name="db.poolname" value="${oracle.db.poolname}"/>
- <param name="db.jndiname" value="${oracle.db.jndiname}"/>
- <param name="db.user" value="${oracle.db.user}"/>
-<!-- <param name="db.pass" value="${oracle.db.pass}"/> -->
- <param name="db.pass" value="${oracle.db.alias-pass}"/>
- </antcall>
+ <antcall target="create-auth-jdbcrealm">
+ <param name="db.poolname" value="${oracle.db.poolname}" />
+ <param name="db.jndiname" value="${oracle.db.jndiname}" />
+ <param name="db.user" value="${oracle.db.user}" />
+ <!-- <param name="db.pass" value="${oracle.db.pass}"/> -->
+ <param name="db.pass" value="${oracle.db.alias-pass}" />
+ </antcall>
- </target>
+ </target>
- <target name="un-modify-domain-xml" depends="init-common">
- <antcall target="delete-auth-jdbcrealm"/>
- <antcall target="delete-jdbcrealm-resource">
- <param name="db.jndiname" value="${derby.db.jndiname}"/>
- </antcall>
- <antcall target="delete-jdbcrealm-connection-pool">
- <param name="db.poolname" value="${derby.db.poolname}"/>
- </antcall>
- </target>
+ <target name="un-modify-domain-xml" depends="init-common">
+ <antcall target="delete-auth-jdbcrealm" />
+ <antcall target="delete-jdbcrealm-resource">
+ <param name="db.jndiname" value="${derby.db.jndiname}" />
+ </antcall>
+ <antcall target="delete-jdbcrealm-connection-pool">
+ <param name="db.poolname" value="${derby.db.poolname}" />
+ </antcall>
+ </target>
- <target name="un-modify-domain-xml-oracle" depends="init-common">
- <antcall target="delete-auth-jdbcrealm"/>
- <antcall target="delete-jdbcrealm-resource">
- <param name="db.jndiname" value="${oracle.db.jndiname}"/>
- </antcall>
- <antcall target="delete-jdbcrealm-connection-pool">
- <param name="db.poolname" value="${oracle.db.poolname}"/>
- </antcall>
- </target>
+ <target name="un-modify-domain-xml-oracle" depends="init-common">
+ <antcall target="delete-auth-jdbcrealm" />
+ <antcall target="delete-jdbcrealm-resource">
+ <param name="db.jndiname" value="${oracle.db.jndiname}" />
+ </antcall>
+ <antcall target="delete-jdbcrealm-connection-pool">
+ <param name="db.poolname" value="${oracle.db.poolname}" />
+ </antcall>
+ </target>
- <target name="create-jdbcrealm-resource" depends="init-common">
- <exec executable="${ASADMIN}">
- <arg line="create-jdbc-resource"/>
- <arg line="${as.props} --target=${appserver.instance.name}"/>
- <arg line="--connectionpoolid ${db.poolname}"/>
- <arg line="${db.jndiname}"/>
- </exec>
- </target>
+ <target name="create-jdbcrealm-resource" depends="init-common">
+ <exec executable="${ASADMIN}">
+ <arg line="create-jdbc-resource" />
+ <arg line="${as.props} --target=${appserver.instance.name}" />
+ <arg line="--connectionpoolid ${db.poolname}" />
+ <arg line="${db.jndiname}" />
+ </exec>
+ </target>
- <target name="delete-jdbcrealm-resource" depends="init-common">
- <exec executable="${ASADMIN}">
- <arg line="delete-jdbc-resource"/>
- <arg line="${as.props} --target=${appserver.instance.name}"/>
- <arg line="${db.jndiname}"/>
- </exec>
- </target>
+ <target name="delete-jdbcrealm-resource" depends="init-common">
+ <exec executable="${ASADMIN}">
+ <arg line="delete-jdbc-resource" />
+ <arg line="${as.props} --target=${appserver.instance.name}" />
+ <arg line="${db.jndiname}" />
+ </exec>
+ </target>
- <target name="create-jdbcrealm-connection-pool" depends="init-common">
- <exec executable="${ASADMIN}">
- <arg line="create-jdbc-connection-pool"/>
- <arg line="${as.props} --target=${appserver.instance.name}"/>
- <arg line="--datasourceclassname ${db.datasource.classname}"/>
- <arg line="--property"/>
- <arg value="PortNumber=${db.port}:serverName=${db.host}:DatabaseName=${db.name}:${db.connection-attributes}"/>
- <arg line="${db.poolname}"/>
- </exec>
- </target>
+ <target name="create-jdbcrealm-connection-pool" depends="init-common">
+ <exec executable="${ASADMIN}">
+ <arg line="create-jdbc-connection-pool" />
+ <arg line="${as.props} --target=${appserver.instance.name}" />
+ <arg line="--datasourceclassname ${db.datasource.classname}" />
+ <arg line="--property" />
+ <arg value="PortNumber=${db.port}:serverName=${db.host}:DatabaseName=${db.name}:${db.connection-attributes}"
+ />
+ <arg line="${db.poolname}" />
+ </exec>
+ </target>
- <target name="delete-jdbcrealm-connection-pool" depends="init-common">
- <exec executable="${ASADMIN}">
- <arg line="delete-jdbc-connection-pool"/>
- <arg line="${as.props} --target=${appserver.instance.name}"/>
- <arg line="${db.poolname}"/>
- </exec>
- </target>
+ <target name="delete-jdbcrealm-connection-pool" depends="init-common">
+ <exec executable="${ASADMIN}">
+ <arg line="delete-jdbc-connection-pool" />
+ <arg line="${as.props} --target=${appserver.instance.name}" />
+ <arg line="${db.poolname}" />
+ </exec>
+ </target>
- <target name="create-auth-jdbcrealm" depends="init-common">
+ <target name="create-auth-jdbcrealm" depends="init-common">
- <antcall target="create-custom-auth-realm">
- <param name="realmname" value="JDBCRealm_CLEAR"/>
- <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"/>
- <param name="realmproperties" value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:user-table=USER_TABLE:digest-algorithm=NONE"/>
- </antcall>
+ <antcall target="create-custom-auth-realm">
+ <param name="realmname" value="JDBCRealm_CLEAR" />
+ <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm" />
+ <param name="realmproperties"
+ value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:user-table=USER_TABLE:digest-algorithm=NONE"
+ />
+ </antcall>
- <antcall target="create-custom-auth-realm">
- <param name="realmname" value="JDBCRealm_CLEAR_BASE64"/>
- <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"/>
- <param name="realmproperties" value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:user-table=USER_TABLE_BASE64:digest-algorithm=NONE:encoding=BASE64"/>
- </antcall>
+ <antcall target="create-custom-auth-realm">
+ <param name="realmname" value="JDBCRealm_CLEAR_BASE64" />
+ <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm" />
+ <param name="realmproperties"
+ value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:user-table=USER_TABLE_BASE64:digest-algorithm=NONE:encoding=BASE64"
+ />
+ </antcall>
- <antcall target="create-custom-auth-realm">
- <param name="realmname" value="JDBCRealm_CLEAR_HEX"/>
- <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"/>
- <param name="realmproperties" value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:user-table=USER_TABLE_HEX:digest-algorithm=NONE:encoding=HEX"/>
- </antcall>
+ <antcall target="create-custom-auth-realm">
+ <param name="realmname" value="JDBCRealm_CLEAR_HEX" />
+ <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm" />
+ <param name="realmproperties"
+ value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:user-table=USER_TABLE_HEX:digest-algorithm=NONE:encoding=HEX"
+ />
+ </antcall>
- <antcall target="create-custom-auth-realm">
- <param name="realmname" value="JDBCRealm_MD2_BASE64"/>
- <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"/>
- <param name="realmproperties" value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:user-table=USER_TABLE_MD2_BASE64:digest-algorithm=MD2:encoding=BASE64"/>
- </antcall>
+ <antcall target="create-custom-auth-realm">
+ <param name="realmname" value="JDBCRealm_MD2_BASE64" />
+ <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm" />
+ <param name="realmproperties"
+ value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:user-table=USER_TABLE_MD2_BASE64:digest-algorithm=MD2:encoding=BASE64"
+ />
+ </antcall>
- <antcall target="create-custom-auth-realm">
- <param name="realmname" value="JDBCRealm_MD5_BASE64"/>
- <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"/>
- <param name="realmproperties" value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:user-table=USER_TABLE_MD5_BASE64:digest-algorithm=MD5:encoding=BASE64"/>
- </antcall>
+ <antcall target="create-custom-auth-realm">
+ <param name="realmname" value="JDBCRealm_MD5_BASE64" />
+ <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm" />
+ <param name="realmproperties"
+ value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:user-table=USER_TABLE_MD5_BASE64:digest-algorithm=MD5:encoding=BASE64"
+ />
+ </antcall>
- <antcall target="create-custom-auth-realm">
- <param name="realmname" value="JDBCRealm_SHA_BASE64"/>
- <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"/>
- <param name="realmproperties" value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:user-table=USER_TABLE_SHA_BASE64:digest-algorithm=SHA:encoding=BASE64"/>
- </antcall>
+ <antcall target="create-custom-auth-realm">
+ <param name="realmname" value="JDBCRealm_SHA_BASE64" />
+ <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm" />
+ <param name="realmproperties"
+ value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:user-table=USER_TABLE_SHA_BASE64:digest-algorithm=SHA:encoding=BASE64"
+ />
+ </antcall>
- <antcall target="create-custom-auth-realm">
- <param name="realmname" value="JDBCRealm_SHA256_BASE64"/>
- <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"/>
- <param name="realmproperties" value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:user-table=USER_TABLE_SHA256_BASE64:digest-algorithm=SHA-256:encoding=BASE64"/>
- </antcall>
+ <antcall target="create-custom-auth-realm">
+ <param name="realmname" value="JDBCRealm_SHA256_BASE64" />
+ <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm" />
+ <param name="realmproperties"
+ value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:user-table=USER_TABLE_SHA256_BASE64:digest-algorithm=SHA-256:encoding=BASE64"
+ />
+ </antcall>
- <antcall target="create-custom-auth-realm">
- <param name="realmname" value="JDBCRealm_SHA384_BASE64"/>
- <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"/>
- <param name="realmproperties" value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:encoding=BASE64:user-table=USER_TABLE_SHA384_BASE64:digest-algorithm=SHA-384"/>
- </antcall>
+ <antcall target="create-custom-auth-realm">
+ <param name="realmname" value="JDBCRealm_SHA384_BASE64" />
+ <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm" />
+ <param name="realmproperties"
+ value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:encoding=BASE64:user-table=USER_TABLE_SHA384_BASE64:digest-algorithm=SHA-384"
+ />
+ </antcall>
- <antcall target="create-custom-auth-realm">
- <param name="realmname" value="JDBCRealm_SHA512_BASE64"/>
- <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"/>
- <param name="realmproperties" value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:encoding=BASE64:user-table=USER_TABLE_SHA512_BASE64:digest-algorithm=SHA-512"/>
- </antcall>
- <antcall target="create-custom-auth-realm">
- <param name="realmname" value="JDBCRealm_MD2_HEX"/>
- <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"/>
- <param name="realmproperties" value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:encoding=HEX:user-table=USER_TABLE_MD2_HEX:digest-algorithm=MD2"/>
- </antcall>
+ <antcall target="create-custom-auth-realm">
+ <param name="realmname" value="JDBCRealm_MD2_HEX" />
+ <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm" />
+ <param name="realmproperties"
+ value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:encoding=HEX:user-table=USER_TABLE_MD2_HEX:digest-algorithm=MD2"
+ />
+ </antcall>
- <antcall target="create-custom-auth-realm">
- <param name="realmname" value="JDBCRealm_MD5_HEX"/>
- <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"/>
- <param name="realmproperties" value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:encoding=HEX:user-table=USER_TABLE_MD5_HEX:digest-algorithm=MD5"/>
- </antcall>
+ <antcall target="create-custom-auth-realm">
+ <param name="realmname" value="JDBCRealm_MD5_HEX" />
+ <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm" />
+ <param name="realmproperties"
+ value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:encoding=HEX:user-table=USER_TABLE_MD5_HEX:digest-algorithm=MD5"
+ />
+ </antcall>
- <antcall target="create-custom-auth-realm">
- <param name="realmname" value="JDBCRealm_SHA_HEX"/>
- <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"/>
- <param name="realmproperties" value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:encoding=HEX:user-table=USER_TABLE_SHA_HEX:digest-algorithm=SHA"/>
- </antcall>
+ <antcall target="create-custom-auth-realm">
+ <param name="realmname" value="JDBCRealm_SHA_HEX" />
+ <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm" />
+ <param name="realmproperties"
+ value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:encoding=HEX:user-table=USER_TABLE_SHA_HEX:digest-algorithm=SHA"
+ />
+ </antcall>
- <antcall target="create-custom-auth-realm">
- <param name="realmname" value="JDBCRealm_SHA256_HEX"/>
- <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"/>
- <param name="realmproperties" value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:encoding=HEX:user-table=USER_TABLE_SHA256_HEX:digest-algorithm=SHA-256"/>
- </antcall>
+ <antcall target="create-custom-auth-realm">
+ <param name="realmname" value="JDBCRealm_SHA256_HEX" />
+ <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm" />
+ <param name="realmproperties"
+ value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:encoding=HEX:user-table=USER_TABLE_SHA256_HEX:digest-algorithm=SHA-256"
+ />
+ </antcall>
- <antcall target="create-custom-auth-realm">
- <param name="realmname" value="JDBCRealm_SHA384_HEX"/>
- <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"/>
- <param name="realmproperties" value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:encoding=HEX:user-table=USER_TABLE_SHA384_HEX:digest-algorithm=SHA-384"/>
- </antcall>
+ <antcall target="create-custom-auth-realm">
+ <param name="realmname" value="JDBCRealm_SHA384_HEX" />
+ <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm" />
+ <param name="realmproperties"
+ value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:encoding=HEX:user-table=USER_TABLE_SHA384_HEX:digest-algorithm=SHA-384"
+ />
+ </antcall>
- <antcall target="create-custom-auth-realm">
- <param name="realmname" value="JDBCRealm_SHA512_HEX"/>
- <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"/>
- <param name="realmproperties" value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:encoding=HEX:user-table=USER_TABLE_SHA512_HEX:digest-algorithm=SHA-512"/>
- </antcall>
+ <antcall target="create-custom-auth-realm">
+ <param name="realmname" value="JDBCRealm_SHA512_HEX" />
+ <param name="realmclass" value="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm" />
+ <param name="realmproperties"
+ value="datasource-jndi=${db.jndiname}:jaas-context=jdbcRealm:db-user=${db.user}:db-password=${db.pass}:user-name-column=USERNAME:password-column=PASSWORD:group-table=GROUP_TABLE:group-name-column=GROUPNAME:encoding=HEX:user-table=USER_TABLE_SHA512_HEX:digest-algorithm=SHA-512"
+ />
+ </antcall>
- </target>
+ </target>
- <target name="delete-auth-jdbcrealm" depends="init-common">
+ <target name="delete-auth-jdbcrealm" depends="init-common">
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-auth-realm" />
- <param name="operand.props" value="JDBCRealm_CLEAR"/>
- </antcall>
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-auth-realm" />
- <param name="operand.props" value="JDBCRealm_CLEAR_BASE64"/>
- </antcall>
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-auth-realm" />
- <param name="operand.props" value="JDBCRealm_CLEAR_HEX"/>
- </antcall>
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="delete-auth-realm" />
+ <param name="operand.props" value="JDBCRealm_CLEAR" />
+ </antcall>
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="delete-auth-realm" />
+ <param name="operand.props" value="JDBCRealm_CLEAR_BASE64" />
+ </antcall>
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="delete-auth-realm" />
+ <param name="operand.props" value="JDBCRealm_CLEAR_HEX" />
+ </antcall>
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-auth-realm" />
- <param name="operand.props" value="JDBCRealm_MD2_BASE64"/>
- </antcall>
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-auth-realm" />
- <param name="operand.props" value="JDBCRealm_MD5_BASE64"/>
- </antcall>
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-auth-realm" />
- <param name="operand.props" value="JDBCRealm_SHA_BASE64"/>
- </antcall>
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-auth-realm" />
- <param name="operand.props" value="JDBCRealm_SHA256_BASE64"/>
- </antcall>
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-auth-realm" />
- <param name="operand.props" value="JDBCRealm_SHA384_BASE64"/>
- </antcall>
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-auth-realm" />
- <param name="operand.props" value="JDBCRealm_SHA512_BASE64"/>
- </antcall>
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="delete-auth-realm" />
+ <param name="operand.props" value="JDBCRealm_MD2_BASE64" />
+ </antcall>
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="delete-auth-realm" />
+ <param name="operand.props" value="JDBCRealm_MD5_BASE64" />
+ </antcall>
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="delete-auth-realm" />
+ <param name="operand.props" value="JDBCRealm_SHA_BASE64" />
+ </antcall>
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="delete-auth-realm" />
+ <param name="operand.props" value="JDBCRealm_SHA256_BASE64" />
+ </antcall>
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="delete-auth-realm" />
+ <param name="operand.props" value="JDBCRealm_SHA384_BASE64" />
+ </antcall>
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-auth-realm" />
- <param name="operand.props" value="JDBCRealm_MD2_HEX"/>
- </antcall>
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-auth-realm" />
- <param name="operand.props" value="JDBCRealm_MD5_HEX"/>
- </antcall>
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-auth-realm" />
- <param name="operand.props" value="JDBCRealm_SHA_HEX"/>
- </antcall>
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-auth-realm" />
- <param name="operand.props" value="JDBCRealm_SHA256_HEX"/>
- </antcall>
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-auth-realm" />
- <param name="operand.props" value="JDBCRealm_SHA384_HEX"/>
- </antcall>
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-auth-realm" />
- <param name="operand.props" value="JDBCRealm_SHA512_HEX"/>
- </antcall>
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="delete-auth-realm" />
+ <param name="operand.props" value="JDBCRealm_MD2_HEX" />
+ </antcall>
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="delete-auth-realm" />
+ <param name="operand.props" value="JDBCRealm_MD5_HEX" />
+ </antcall>
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="delete-auth-realm" />
+ <param name="operand.props" value="JDBCRealm_SHA_HEX" />
+ </antcall>
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="delete-auth-realm" />
+ <param name="operand.props" value="JDBCRealm_SHA256_HEX" />
+ </antcall>
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="delete-auth-realm" />
+ <param name="operand.props" value="JDBCRealm_SHA384_HEX" />
+ </antcall>
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="delete-auth-realm" />
+ <param name="operand.props" value="JDBCRealm_SHA512_HEX" />
+ </antcall>
- </target>
+ </target>
- <target name="create-custom-auth-realm" depends="init-common">
- <echo message="Creating auth realm ${realmname} ..."/>
- <exec executable="${ASADMIN}">
- <arg line="create-auth-realm"/>
- <arg line="${as.props} --target=${appserver.instance.name}"/>
- <arg line="--classname ${realmclass}"/>
- <arg line="--property"/>
- <arg value="${realmproperties}"/>
- <arg line="${realmname}"/>
- </exec>
- </target>
+ <target name="create-custom-auth-realm" depends="init-common">
+ <echo message="Creating auth realm ${realmname} ..." />
+ <exec executable="${ASADMIN}">
+ <arg line="create-auth-realm" />
+ <arg line="${as.props} --target=${appserver.instance.name}" />
+ <arg line="--classname ${realmclass}" />
+ <arg line="--property" />
+ <arg value="${realmproperties}" />
+ <arg line="${realmname}" />
+ </exec>
+ </target>
- <target name="clean" depends="init-common">
- <delete dir="${build.classes.dir}"/>
- <delete dir="${assemble.dir}"/>
- </target>
+ <target name="clean" depends="init-common">
+ <delete dir="${build.classes.dir}" />
+ <delete dir="${assemble.dir}" />
+ </target>
- <target name="compile" depends="clean">
- <antcall target="compile-common">
- <param name="src" value="client"/>
- </antcall>
- <antcall target="compile-common">
- <param name="src" value="web"/>
- </antcall>
- </target>
+ <target name="compile" depends="clean">
+ <antcall target="compile-common">
+ <param name="src" value="client" />
+ </antcall>
+ <antcall target="compile-common">
+ <param name="src" value="web" />
+ </antcall>
+ </target>
- <target name="build" depends="compile">
- <antcall target="custom-build">
- <param name="jdbc.realm.name" value="JDBCRealm_CLEAR"/>
- <param name="jdbc.realm.user" value="qwert"/>
- <param name="appname" value="jdbc-realm-clear"/>
- </antcall>
- <antcall target="custom-build">
- <param name="jdbc.realm.name" value="JDBCRealm_CLEAR_BASE64"/>
- <param name="jdbc.realm.user" value="qwertBASE64"/>
- <param name="appname" value="jdbc-realm-clear-base64"/>
- </antcall>
- <antcall target="custom-build">
- <param name="jdbc.realm.name" value="JDBCRealm_CLEAR_HEX"/>
- <param name="jdbc.realm.user" value="qwertHEX"/>
- <param name="appname" value="jdbc-realm-clear-hex"/>
- </antcall>
+ <target name="build" depends="compile">
+ <antcall target="custom-build">
+ <param name="jdbc.realm.name" value="JDBCRealm_CLEAR" />
+ <param name="jdbc.realm.user" value="qwert" />
+ <param name="appname" value="jdbc-realm-clear" />
+ </antcall>
+ <antcall target="custom-build">
+ <param name="jdbc.realm.name" value="JDBCRealm_CLEAR_BASE64" />
+ <param name="jdbc.realm.user" value="qwertBASE64" />
+ <param name="appname" value="jdbc-realm-clear-base64" />
+ </antcall>
+ <antcall target="custom-build">
+ <param name="jdbc.realm.name" value="JDBCRealm_CLEAR_HEX" />
+ <param name="jdbc.realm.user" value="qwertHEX" />
+ <param name="appname" value="jdbc-realm-clear-hex" />
+ </antcall>
- <antcall target="custom-build">
- <param name="jdbc.realm.name" value="JDBCRealm_MD2_BASE64"/>
- <param name="jdbc.realm.user" value="qwertMD2BASE64"/>
- <param name="appname" value="jdbc-realm-md2-base64"/>
- </antcall>
- <antcall target="custom-build">
- <param name="jdbc.realm.name" value="JDBCRealm_MD5_BASE64"/>
- <param name="jdbc.realm.user" value="qwertMD5BASE64"/>
- <param name="appname" value="jdbc-realm-md5-base64"/>
- </antcall>
- <antcall target="custom-build">
- <param name="jdbc.realm.name" value="JDBCRealm_SHA_BASE64"/>
- <param name="jdbc.realm.user" value="qwertSHABASE64"/>
- <param name="appname" value="jdbc-realm-sha-base64"/>
- </antcall>
- <antcall target="custom-build">
- <param name="jdbc.realm.name" value="JDBCRealm_SHA256_BASE64"/>
- <param name="jdbc.realm.user" value="qwertSHA256BASE64"/>
- <param name="appname" value="jdbc-realm-sha256-base64"/>
- </antcall>
- <antcall target="custom-build">
- <param name="jdbc.realm.name" value="JDBCRealm_SHA384_BASE64"/>
- <param name="jdbc.realm.user" value="qwertSHA384BASE64"/>
- <param name="appname" value="jdbc-realm-sha384-base64"/>
- </antcall>
- <antcall target="custom-build">
- <param name="jdbc.realm.name" value="JDBCRealm_SHA512_BASE64"/>
- <param name="jdbc.realm.user" value="qwertSHA512BASE64"/>
- <param name="appname" value="jdbc-realm-sha512-base64"/>
- </antcall>
+ <antcall target="custom-build">
+ <param name="jdbc.realm.name" value="JDBCRealm_MD2_BASE64" />
+ <param name="jdbc.realm.user" value="qwertMD2BASE64" />
+ <param name="appname" value="jdbc-realm-md2-base64" />
+ </antcall>
+ <antcall target="custom-build">
+ <param name="jdbc.realm.name" value="JDBCRealm_MD5_BASE64" />
+ <param name="jdbc.realm.user" value="qwertMD5BASE64" />
+ <param name="appname" value="jdbc-realm-md5-base64" />
+ </antcall>
+ <antcall target="custom-build">
+ <param name="jdbc.realm.name" value="JDBCRealm_SHA_BASE64" />
+ <param name="jdbc.realm.user" value="qwertSHABASE64" />
+ <param name="appname" value="jdbc-realm-sha-base64" />
+ </antcall>
+ <antcall target="custom-build">
+ <param name="jdbc.realm.name" value="JDBCRealm_SHA256_BASE64" />
+ <param name="jdbc.realm.user" value="qwertSHA256BASE64" />
+ <param name="appname" value="jdbc-realm-sha256-base64" />
+ </antcall>
+ <antcall target="custom-build">
+ <param name="jdbc.realm.name" value="JDBCRealm_SHA384_BASE64" />
+ <param name="jdbc.realm.user" value="qwertSHA384BASE64" />
+ <param name="appname" value="jdbc-realm-sha384-base64" />
+ </antcall>
-
- <antcall target="custom-build">
- <param name="jdbc.realm.name" value="JDBCRealm_MD2_HEX"/>
- <param name="jdbc.realm.user" value="qwertMD2HEX"/>
- <param name="appname" value="jdbc-realm-md2-hex"/>
- </antcall>
- <antcall target="custom-build">
- <param name="jdbc.realm.name" value="JDBCRealm_MD5_HEX"/>
- <param name="jdbc.realm.user" value="qwertMD5HEX"/>
- <param name="appname" value="jdbc-realm-md5-hex"/>
- </antcall>
- <antcall target="custom-build">
- <param name="jdbc.realm.name" value="JDBCRealm_SHA_HEX"/>
- <param name="jdbc.realm.user" value="qwertSHAHEX"/>
- <param name="appname" value="jdbc-realm-sha-hex"/>
- </antcall>
- <antcall target="custom-build">
- <param name="jdbc.realm.name" value="JDBCRealm_SHA256_HEX"/>
- <param name="jdbc.realm.user" value="qwertSHA256HEX"/>
- <param name="appname" value="jdbc-realm-sha256-hex"/>
- </antcall>
- <antcall target="custom-build">
- <param name="jdbc.realm.name" value="JDBCRealm_SHA384_HEX"/>
- <param name="jdbc.realm.user" value="qwertSHA384HEX"/>
- <param name="appname" value="jdbc-realm-sha384-hex"/>
- </antcall>
- <antcall target="custom-build">
- <param name="jdbc.realm.name" value="JDBCRealm_SHA512_HEX"/>
- <param name="jdbc.realm.user" value="qwertSHA512HEX"/>
- <param name="appname" value="jdbc-realm-sha512-hex"/>
- </antcall>
+ <antcall target="custom-build">
+ <param name="jdbc.realm.name" value="JDBCRealm_MD2_HEX" />
+ <param name="jdbc.realm.user" value="qwertMD2HEX" />
+ <param name="appname" value="jdbc-realm-md2-hex" />
+ </antcall>
+ <antcall target="custom-build">
+ <param name="jdbc.realm.name" value="JDBCRealm_MD5_HEX" />
+ <param name="jdbc.realm.user" value="qwertMD5HEX" />
+ <param name="appname" value="jdbc-realm-md5-hex" />
+ </antcall>
+ <antcall target="custom-build">
+ <param name="jdbc.realm.name" value="JDBCRealm_SHA_HEX" />
+ <param name="jdbc.realm.user" value="qwertSHAHEX" />
+ <param name="appname" value="jdbc-realm-sha-hex" />
+ </antcall>
+ <antcall target="custom-build">
+ <param name="jdbc.realm.name" value="JDBCRealm_SHA256_HEX" />
+ <param name="jdbc.realm.user" value="qwertSHA256HEX" />
+ <param name="appname" value="jdbc-realm-sha256-hex" />
+ </antcall>
+ <antcall target="custom-build">
+ <param name="jdbc.realm.name" value="JDBCRealm_SHA384_HEX" />
+ <param name="jdbc.realm.user" value="qwertSHA384HEX" />
+ <param name="appname" value="jdbc-realm-sha384-hex" />
+ </antcall>
+ <antcall target="custom-build">
+ <param name="jdbc.realm.name" value="JDBCRealm_SHA512_HEX" />
+ <param name="jdbc.realm.user" value="qwertSHA512HEX" />
+ <param name="appname" value="jdbc-realm-sha512-hex" />
+ </antcall>
- </target>
+ </target>
- <target name="deploy" depends="init-common">
- <antcall target="deploy-war-common">
- <param name="contextroot" value="jdbc-realm-clear"/>
- <param name="appname" value="jdbc-realm-clear"/>
- </antcall>
- <antcall target="deploy-war-common">
- <param name="contextroot" value="jdbc-realm-clear-base64"/>
- <param name="appname" value="jdbc-realm-clear-base64"/>
- </antcall>
- <antcall target="deploy-war-common">
- <param name="contextroot" value="jdbc-realm-clear-hex"/>
- <param name="appname" value="jdbc-realm-clear-hex"/>
- </antcall>
+ <target name="deploy" depends="init-common">
+ <antcall target="deploy-war-common">
+ <param name="contextroot" value="jdbc-realm-clear" />
+ <param name="appname" value="jdbc-realm-clear" />
+ </antcall>
+ <antcall target="deploy-war-common">
+ <param name="contextroot" value="jdbc-realm-clear-base64" />
+ <param name="appname" value="jdbc-realm-clear-base64" />
+ </antcall>
+ <antcall target="deploy-war-common">
+ <param name="contextroot" value="jdbc-realm-clear-hex" />
+ <param name="appname" value="jdbc-realm-clear-hex" />
+ </antcall>
- <antcall target="deploy-war-common">
- <param name="contextroot" value="jdbc-realm-md2-base64"/>
- <param name="appname" value="jdbc-realm-md2-base64"/>
- </antcall>
- <antcall target="deploy-war-common">
- <param name="contextroot" value="jdbc-realm-md5-base64"/>
- <param name="appname" value="jdbc-realm-md5-base64"/>
- </antcall>
- <antcall target="deploy-war-common">
- <param name="contextroot" value="jdbc-realm-sha-base64"/>
- <param name="appname" value="jdbc-realm-sha-base64"/>
- </antcall>
- <antcall target="deploy-war-common">
- <param name="contextroot" value="jdbc-realm-sha256-base64"/>
- <param name="appname" value="jdbc-realm-sha256-base64"/>
- </antcall>
- <antcall target="deploy-war-common">
- <param name="contextroot" value="jdbc-realm-sha384-base64"/>
- <param name="appname" value="jdbc-realm-sha384-base64"/>
- </antcall>
- <antcall target="deploy-war-common">
- <param name="contextroot" value="jdbc-realm-sha512-base64"/>
- <param name="appname" value="jdbc-realm-sha512-base64"/>
- </antcall>
+ <antcall target="deploy-war-common">
+ <param name="contextroot" value="jdbc-realm-md2-base64" />
+ <param name="appname" value="jdbc-realm-md2-base64" />
+ </antcall>
+ <antcall target="deploy-war-common">
+ <param name="contextroot" value="jdbc-realm-md5-base64" />
+ <param name="appname" value="jdbc-realm-md5-base64" />
+ </antcall>
+ <antcall target="deploy-war-common">
+ <param name="contextroot" value="jdbc-realm-sha-base64" />
+ <param name="appname" value="jdbc-realm-sha-base64" />
+ </antcall>
+ <antcall target="deploy-war-common">
+ <param name="contextroot" value="jdbc-realm-sha256-base64" />
+ <param name="appname" value="jdbc-realm-sha256-base64" />
+ </antcall>
+ <antcall target="deploy-war-common">
+ <param name="contextroot" value="jdbc-realm-sha384-base64" />
+ <param name="appname" value="jdbc-realm-sha384-base64" />
+ </antcall>
- <antcall target="deploy-war-common">
- <param name="contextroot" value="jdbc-realm-md2-hex"/>
- <param name="appname" value="jdbc-realm-md2-hex"/>
- </antcall>
- <antcall target="deploy-war-common">
- <param name="contextroot" value="jdbc-realm-md5-hex"/>
- <param name="appname" value="jdbc-realm-md5-hex"/>
- </antcall>
- <antcall target="deploy-war-common">
- <param name="contextroot" value="jdbc-realm-sha-hex"/>
- <param name="appname" value="jdbc-realm-sha-hex"/>
- </antcall>
- <antcall target="deploy-war-common">
- <param name="contextroot" value="jdbc-realm-sha256-hex"/>
- <param name="appname" value="jdbc-realm-sha256-hex"/>
- </antcall>
- <antcall target="deploy-war-common">
- <param name="contextroot" value="jdbc-realm-sha384-hex"/>
- <param name="appname" value="jdbc-realm-sha384-hex"/>
- </antcall>
- <antcall target="deploy-war-common">
- <param name="contextroot" value="jdbc-realm-sha512-hex"/>
- <param name="appname" value="jdbc-realm-sha512-hex"/>
- </antcall>
+ <antcall target="deploy-war-common">
+ <param name="contextroot" value="jdbc-realm-md2-hex" />
+ <param name="appname" value="jdbc-realm-md2-hex" />
+ </antcall>
+ <antcall target="deploy-war-common">
+ <param name="contextroot" value="jdbc-realm-md5-hex" />
+ <param name="appname" value="jdbc-realm-md5-hex" />
+ </antcall>
+ <antcall target="deploy-war-common">
+ <param name="contextroot" value="jdbc-realm-sha-hex" />
+ <param name="appname" value="jdbc-realm-sha-hex" />
+ </antcall>
+ <antcall target="deploy-war-common">
+ <param name="contextroot" value="jdbc-realm-sha256-hex" />
+ <param name="appname" value="jdbc-realm-sha256-hex" />
+ </antcall>
+ <antcall target="deploy-war-common">
+ <param name="contextroot" value="jdbc-realm-sha384-hex" />
+ <param name="appname" value="jdbc-realm-sha384-hex" />
+ </antcall>
+ <antcall target="deploy-war-common">
+ <param name="contextroot" value="jdbc-realm-sha512-hex" />
+ <param name="appname" value="jdbc-realm-sha512-hex" />
+ </antcall>
- </target>
+ </target>
- <target name="run" depends="init-common">
- <antcall target="run-positive"/>
- <antcall target="run-negative"/>
- </target>
+ <target name="run" depends="init-common">
+ <antcall target="run-positive" />
+ <antcall target="run-negative" />
+ </target>
- <target name="run-positive" depends="init-common">
+ <target name="run-positive" depends="init-common">
- <antcall target="custom-run">
- <param name="jdbc.realm.pass" value="qwert"/>
- <param name="jdbc.realm.user" value="qwert"/>
- <param name="appname" value="jdbc-realm-clear"/>
- </antcall>
- <antcall target="custom-run">
- <param name="jdbc.realm.pass" value="qwertBASE64"/>
- <param name="jdbc.realm.user" value="qwertBASE64"/>
- <param name="appname" value="jdbc-realm-clear-base64"/>
- </antcall>
- <antcall target="custom-run">
- <param name="jdbc.realm.pass" value="qwertHEX"/>
- <param name="jdbc.realm.user" value="qwertHEX"/>
- <param name="appname" value="jdbc-realm-clear-hex"/>
- </antcall>
+ <antcall target="custom-run">
+ <param name="jdbc.realm.pass" value="qwert" />
+ <param name="jdbc.realm.user" value="qwert" />
+ <param name="appname" value="jdbc-realm-clear" />
+ </antcall>
+ <antcall target="custom-run">
+ <param name="jdbc.realm.pass" value="qwertBASE64" />
+ <param name="jdbc.realm.user" value="qwertBASE64" />
+ <param name="appname" value="jdbc-realm-clear-base64" />
+ </antcall>
+ <antcall target="custom-run">
+ <param name="jdbc.realm.pass" value="qwertHEX" />
+ <param name="jdbc.realm.user" value="qwertHEX" />
+ <param name="appname" value="jdbc-realm-clear-hex" />
+ </antcall>
- <antcall target="custom-run">
- <param name="jdbc.realm.pass" value="qwertMD2BASE64"/>
- <param name="jdbc.realm.user" value="qwertMD2BASE64"/>
- <param name="appname" value="jdbc-realm-md2-base64"/>
- </antcall>
- <antcall target="custom-run">
- <param name="jdbc.realm.pass" value="qwertMD5BASE64"/>
- <param name="jdbc.realm.user" value="qwertMD5BASE64"/>
- <param name="appname" value="jdbc-realm-md5-base64"/>
- </antcall>
- <antcall target="custom-run">
- <param name="jdbc.realm.pass" value="qwertSHABASE64"/>
- <param name="jdbc.realm.user" value="qwertSHABASE64"/>
- <param name="appname" value="jdbc-realm-sha-base64"/>
- </antcall>
- <antcall target="custom-run">
- <param name="jdbc.realm.pass" value="qwertSHA256BASE64"/>
- <param name="jdbc.realm.user" value="qwertSHA256BASE64"/>
- <param name="appname" value="jdbc-realm-sha256-base64"/>
- </antcall>
- <antcall target="custom-run">
- <param name="jdbc.realm.pass" value="qwertSHA384BASE64"/>
- <param name="jdbc.realm.user" value="qwertSHA384BASE64"/>
- <param name="appname" value="jdbc-realm-sha384-base64"/>
- </antcall>
- <antcall target="custom-run">
- <param name="jdbc.realm.pass" value="qwertSHA512BASE64"/>
- <param name="jdbc.realm.user" value="qwertSHA512BASE64"/>
- <param name="appname" value="jdbc-realm-sha512-base64"/>
- </antcall>
+ <antcall target="custom-run">
+ <param name="jdbc.realm.pass" value="qwertMD2BASE64" />
+ <param name="jdbc.realm.user" value="qwertMD2BASE64" />
+ <param name="appname" value="jdbc-realm-md2-base64" />
+ </antcall>
+ <antcall target="custom-run">
+ <param name="jdbc.realm.pass" value="qwertMD5BASE64" />
+ <param name="jdbc.realm.user" value="qwertMD5BASE64" />
+ <param name="appname" value="jdbc-realm-md5-base64" />
+ </antcall>
+ <antcall target="custom-run">
+ <param name="jdbc.realm.pass" value="qwertSHABASE64" />
+ <param name="jdbc.realm.user" value="qwertSHABASE64" />
+ <param name="appname" value="jdbc-realm-sha-base64" />
+ </antcall>
+ <antcall target="custom-run">
+ <param name="jdbc.realm.pass" value="qwertSHA256BASE64" />
+ <param name="jdbc.realm.user" value="qwertSHA256BASE64" />
+ <param name="appname" value="jdbc-realm-sha256-base64" />
+ </antcall>
+ <antcall target="custom-run">
+ <param name="jdbc.realm.pass" value="qwertSHA384BASE64" />
+ <param name="jdbc.realm.user" value="qwertSHA384BASE64" />
+ <param name="appname" value="jdbc-realm-sha384-base64" />
+ </antcall>
- <antcall target="custom-run">
- <param name="jdbc.realm.pass" value="qwertMD2HEX"/>
- <param name="jdbc.realm.user" value="qwertMD2HEX"/>
- <param name="appname" value="jdbc-realm-md2-hex"/>
- </antcall>
- <antcall target="custom-run">
- <param name="jdbc.realm.pass" value="qwertMD5HEX"/>
- <param name="jdbc.realm.user" value="qwertMD5HEX"/>
- <param name="appname" value="jdbc-realm-md5-hex"/>
- </antcall>
- <antcall target="custom-run">
- <param name="jdbc.realm.pass" value="qwertSHAHEX"/>
- <param name="jdbc.realm.user" value="qwertSHAHEX"/>
- <param name="appname" value="jdbc-realm-sha-hex"/>
- </antcall>
- <antcall target="custom-run">
- <param name="jdbc.realm.pass" value="qwertSHA256HEX"/>
- <param name="jdbc.realm.user" value="qwertSHA256HEX"/>
- <param name="appname" value="jdbc-realm-sha256-hex"/>
- </antcall>
- <antcall target="custom-run">
- <param name="jdbc.realm.pass" value="qwertSHA384HEX"/>
- <param name="jdbc.realm.user" value="qwertSHA384HEX"/>
- <param name="appname" value="jdbc-realm-sha384-hex"/>
- </antcall>
- <antcall target="custom-run">
- <param name="jdbc.realm.pass" value="qwertSHA512HEX"/>
- <param name="jdbc.realm.user" value="qwertSHA512HEX"/>
- <param name="appname" value="jdbc-realm-sha512-hex"/>
- </antcall>
+ <antcall target="custom-run">
+ <param name="jdbc.realm.pass" value="qwertMD2HEX" />
+ <param name="jdbc.realm.user" value="qwertMD2HEX" />
+ <param name="appname" value="jdbc-realm-md2-hex" />
+ </antcall>
+ <antcall target="custom-run">
+ <param name="jdbc.realm.pass" value="qwertMD5HEX" />
+ <param name="jdbc.realm.user" value="qwertMD5HEX" />
+ <param name="appname" value="jdbc-realm-md5-hex" />
+ </antcall>
+ <antcall target="custom-run">
+ <param name="jdbc.realm.pass" value="qwertSHAHEX" />
+ <param name="jdbc.realm.user" value="qwertSHAHEX" />
+ <param name="appname" value="jdbc-realm-sha-hex" />
+ </antcall>
+ <antcall target="custom-run">
+ <param name="jdbc.realm.pass" value="qwertSHA256HEX" />
+ <param name="jdbc.realm.user" value="qwertSHA256HEX" />
+ <param name="appname" value="jdbc-realm-sha256-hex" />
+ </antcall>
+ <antcall target="custom-run">
+ <param name="jdbc.realm.pass" value="qwertSHA384HEX" />
+ <param name="jdbc.realm.user" value="qwertSHA384HEX" />
+ <param name="appname" value="jdbc-realm-sha384-hex" />
+ </antcall>
+ <antcall target="custom-run">
+ <param name="jdbc.realm.pass" value="qwertSHA512HEX" />
+ <param name="jdbc.realm.user" value="qwertSHA512HEX" />
+ <param name="appname" value="jdbc-realm-sha512-hex" />
+ </antcall>
- </target>
+ </target>
- <target name="run-negative" depends="init-common">
+ <target name="run-negative" depends="init-common">
- <antcall target="custom-neg-run">
- <param name="jdbc.realm.pass" value="qwert"/>
- <param name="jdbc.realm.user" value="qwerta"/>
- <param name="appname" value="jdbc-realm-clear"/>
- </antcall>
- <antcall target="custom-neg-run">
- <param name="jdbc.realm.pass" value="qwertBASE64"/>
- <param name="jdbc.realm.user" value="qwertBASE64a"/>
- <param name="appname" value="jdbc-realm-clear-base64"/>
- </antcall>
- <antcall target="custom-neg-run">
- <param name="jdbc.realm.pass" value="qwertHEX"/>
- <param name="jdbc.realm.user" value="qwertHEXa"/>
- <param name="appname" value="jdbc-realm-clear-hex"/>
- </antcall>
+ <antcall target="custom-neg-run">
+ <param name="jdbc.realm.pass" value="qwert" />
+ <param name="jdbc.realm.user" value="qwerta" />
+ <param name="appname" value="jdbc-realm-clear" />
+ </antcall>
+ <antcall target="custom-neg-run">
+ <param name="jdbc.realm.pass" value="qwertBASE64" />
+ <param name="jdbc.realm.user" value="qwertBASE64a" />
+ <param name="appname" value="jdbc-realm-clear-base64" />
+ </antcall>
+ <antcall target="custom-neg-run">
+ <param name="jdbc.realm.pass" value="qwertHEX" />
+ <param name="jdbc.realm.user" value="qwertHEXa" />
+ <param name="appname" value="jdbc-realm-clear-hex" />
+ </antcall>
- <antcall target="custom-neg-run">
- <param name="jdbc.realm.pass" value="qwertMD2BASE64"/>
- <param name="jdbc.realm.user" value="qwertMD2BASE64a"/>
- <param name="appname" value="jdbc-realm-md2-base64"/>
- </antcall>
- <antcall target="custom-neg-run">
- <param name="jdbc.realm.pass" value="qwertMD5BASE64"/>
- <param name="jdbc.realm.user" value="qwertMD5BASE64a"/>
- <param name="appname" value="jdbc-realm-md5-base64"/>
- </antcall>
- <antcall target="custom-neg-run">
- <param name="jdbc.realm.pass" value="qwertSHABASE64"/>
- <param name="jdbc.realm.user" value="qwertSHABASE64a"/>
- <param name="appname" value="jdbc-realm-sha-base64"/>
- </antcall>
- <antcall target="custom-neg-run">
- <param name="jdbc.realm.pass" value="qwertSHA256BASE64"/>
- <param name="jdbc.realm.user" value="qwertSHA256BASE64a"/>
- <param name="appname" value="jdbc-realm-sha256-base64"/>
- </antcall>
- <antcall target="custom-neg-run">
- <param name="jdbc.realm.pass" value="qwertSHA384BASE64"/>
- <param name="jdbc.realm.user" value="qwertSHA384BASE64a"/>
- <param name="appname" value="jdbc-realm-sha384-base64"/>
- </antcall>
- <antcall target="custom-neg-run">
- <param name="jdbc.realm.pass" value="qwertSHA512BASE64"/>
- <param name="jdbc.realm.user" value="qwertSHA512BASE64a"/>
- <param name="appname" value="jdbc-realm-sha512-base64"/>
- </antcall>
+ <antcall target="custom-neg-run">
+ <param name="jdbc.realm.pass" value="qwertMD2BASE64" />
+ <param name="jdbc.realm.user" value="qwertMD2BASE64a" />
+ <param name="appname" value="jdbc-realm-md2-base64" />
+ </antcall>
+ <antcall target="custom-neg-run">
+ <param name="jdbc.realm.pass" value="qwertMD5BASE64" />
+ <param name="jdbc.realm.user" value="qwertMD5BASE64a" />
+ <param name="appname" value="jdbc-realm-md5-base64" />
+ </antcall>
+ <antcall target="custom-neg-run">
+ <param name="jdbc.realm.pass" value="qwertSHABASE64" />
+ <param name="jdbc.realm.user" value="qwertSHABASE64a" />
+ <param name="appname" value="jdbc-realm-sha-base64" />
+ </antcall>
+ <antcall target="custom-neg-run">
+ <param name="jdbc.realm.pass" value="qwertSHA256BASE64" />
+ <param name="jdbc.realm.user" value="qwertSHA256BASE64a" />
+ <param name="appname" value="jdbc-realm-sha256-base64" />
+ </antcall>
+ <antcall target="custom-neg-run">
+ <param name="jdbc.realm.pass" value="qwertSHA384BASE64" />
+ <param name="jdbc.realm.user" value="qwertSHA384BASE64a" />
+ <param name="appname" value="jdbc-realm-sha384-base64" />
+ </antcall>
- <antcall target="custom-neg-run">
- <param name="jdbc.realm.pass" value="qwertMD2HEX"/>
- <param name="jdbc.realm.user" value="qwertMD2HEXa"/>
- <param name="appname" value="jdbc-realm-md2-hex"/>
- </antcall>
- <antcall target="custom-neg-run">
- <param name="jdbc.realm.pass" value="qwertMD5HEX"/>
- <param name="jdbc.realm.user" value="qwertMD5HEXa"/>
- <param name="appname" value="jdbc-realm-md5-hex"/>
- </antcall>
- <antcall target="custom-neg-run">
- <param name="jdbc.realm.pass" value="qwertSHAHEX"/>
- <param name="jdbc.realm.user" value="qwertSHAHEXa"/>
- <param name="appname" value="jdbc-realm-sha-hex"/>
- </antcall>
- <antcall target="custom-neg-run">
- <param name="jdbc.realm.pass" value="qwertSHA256HEX"/>
- <param name="jdbc.realm.user" value="qwertSHA256HEXa"/>
- <param name="appname" value="jdbc-realm-sha256-hex"/>
- </antcall>
- <antcall target="custom-neg-run">
- <param name="jdbc.realm.pass" value="qwertSHA384HEX"/>
- <param name="jdbc.realm.user" value="qwertSHA384HEXa"/>
- <param name="appname" value="jdbc-realm-sha384-hex"/>
- </antcall>
- <antcall target="custom-neg-run">
- <param name="jdbc.realm.pass" value="qwertSHA512HEX"/>
- <param name="jdbc.realm.user" value="qwertSHA512HEXa"/>
- <param name="appname" value="jdbc-realm-sha512-hex"/>
- </antcall>
+ <antcall target="custom-neg-run">
+ <param name="jdbc.realm.pass" value="qwertMD2HEX" />
+ <param name="jdbc.realm.user" value="qwertMD2HEXa" />
+ <param name="appname" value="jdbc-realm-md2-hex" />
+ </antcall>
+ <antcall target="custom-neg-run">
+ <param name="jdbc.realm.pass" value="qwertMD5HEX" />
+ <param name="jdbc.realm.user" value="qwertMD5HEXa" />
+ <param name="appname" value="jdbc-realm-md5-hex" />
+ </antcall>
+ <antcall target="custom-neg-run">
+ <param name="jdbc.realm.pass" value="qwertSHAHEX" />
+ <param name="jdbc.realm.user" value="qwertSHAHEXa" />
+ <param name="appname" value="jdbc-realm-sha-hex" />
+ </antcall>
+ <antcall target="custom-neg-run">
+ <param name="jdbc.realm.pass" value="qwertSHA256HEX" />
+ <param name="jdbc.realm.user" value="qwertSHA256HEXa" />
+ <param name="appname" value="jdbc-realm-sha256-hex" />
+ </antcall>
+ <antcall target="custom-neg-run">
+ <param name="jdbc.realm.pass" value="qwertSHA384HEX" />
+ <param name="jdbc.realm.user" value="qwertSHA384HEXa" />
+ <param name="appname" value="jdbc-realm-sha384-hex" />
+ </antcall>
+ <antcall target="custom-neg-run">
+ <param name="jdbc.realm.pass" value="qwertSHA512HEX" />
+ <param name="jdbc.realm.user" value="qwertSHA512HEXa" />
+ <param name="appname" value="jdbc-realm-sha512-hex" />
+ </antcall>
- </target>
+ </target>
- <target name="undeploy" depends="init-common">
- <antcall target="undeploy-war-common">
- <param name="appname" value="jdbc-realm-clear"/>
- </antcall>
- <antcall target="undeploy-war-common">
- <param name="appname" value="jdbc-realm-clear-base64"/>
- </antcall>
- <antcall target="undeploy-war-common">
- <param name="appname" value="jdbc-realm-clear-hex"/>
- </antcall>
+ <target name="undeploy" depends="init-common">
+ <antcall target="undeploy-war-common">
+ <param name="appname" value="jdbc-realm-clear" />
+ </antcall>
+ <antcall target="undeploy-war-common">
+ <param name="appname" value="jdbc-realm-clear-base64" />
+ </antcall>
+ <antcall target="undeploy-war-common">
+ <param name="appname" value="jdbc-realm-clear-hex" />
+ </antcall>
- <antcall target="undeploy-war-common">
- <param name="appname" value="jdbc-realm-md2-base64"/>
- </antcall>
- <antcall target="undeploy-war-common">
- <param name="appname" value="jdbc-realm-md5-base64"/>
- </antcall>
- <antcall target="undeploy-war-common">
- <param name="appname" value="jdbc-realm-sha-base64"/>
- </antcall>
- <antcall target="undeploy-war-common">
- <param name="appname" value="jdbc-realm-sha256-base64"/>
- </antcall>
- <antcall target="undeploy-war-common">
- <param name="appname" value="jdbc-realm-sha384-base64"/>
- </antcall>
- <antcall target="undeploy-war-common">
- <param name="appname" value="jdbc-realm-sha512-base64"/>
- </antcall>
+ <antcall target="undeploy-war-common">
+ <param name="appname" value="jdbc-realm-md2-base64" />
+ </antcall>
+ <antcall target="undeploy-war-common">
+ <param name="appname" value="jdbc-realm-md5-base64" />
+ </antcall>
+ <antcall target="undeploy-war-common">
+ <param name="appname" value="jdbc-realm-sha-base64" />
+ </antcall>
+ <antcall target="undeploy-war-common">
+ <param name="appname" value="jdbc-realm-sha256-base64" />
+ </antcall>
+ <antcall target="undeploy-war-common">
+ <param name="appname" value="jdbc-realm-sha384-base64" />
+ </antcall>
- <antcall target="undeploy-war-common">
- <param name="appname" value="jdbc-realm-md2-hex"/>
- </antcall>
- <antcall target="undeploy-war-common">
- <param name="appname" value="jdbc-realm-md5-hex"/>
- </antcall>
- <antcall target="undeploy-war-common">
- <param name="appname" value="jdbc-realm-sha-hex"/>
- </antcall>
- <antcall target="undeploy-war-common">
- <param name="appname" value="jdbc-realm-sha256-hex"/>
- </antcall>
- <antcall target="undeploy-war-common">
- <param name="appname" value="jdbc-realm-sha384-hex"/>
- </antcall>
- <antcall target="undeploy-war-common">
- <param name="appname" value="jdbc-realm-sha512-hex"/>
- </antcall>
+ <antcall target="undeploy-war-common">
+ <param name="appname" value="jdbc-realm-md2-hex" />
+ </antcall>
+ <antcall target="undeploy-war-common">
+ <param name="appname" value="jdbc-realm-md5-hex" />
+ </antcall>
+ <antcall target="undeploy-war-common">
+ <param name="appname" value="jdbc-realm-sha-hex" />
+ </antcall>
+ <antcall target="undeploy-war-common">
+ <param name="appname" value="jdbc-realm-sha256-hex" />
+ </antcall>
+ <antcall target="undeploy-war-common">
+ <param name="appname" value="jdbc-realm-sha384-hex" />
+ </antcall>
+ <antcall target="undeploy-war-common">
+ <param name="appname" value="jdbc-realm-sha512-hex" />
+ </antcall>
- </target>
+ </target>
- <target name="restart">
- <antcall target="restart-server-instance-common"/>
- </target>
+ <target name="restart">
+ <antcall target="restart-server-instance-common" />
+ </target>
- <!-- variables needed by custom-build
+ <!-- variables needed by custom-build
1. jdbc.realm.name
2. jdbc.realm.user
3. appname
-->
- <target name="custom-build">
- <echo message="web.xml is defined as ${web.xml}"/>
+ <target name="custom-build">
+ <echo message="web.xml is defined as ${web.xml}" />
- <copy file="web.xml.template" tofile="${web.xml}" overwrite="true" failonerror="false"/>
- <replace file="${web.xml}" token="REALM_NAME_HERE" value="${jdbc.realm.name}"/>
- <copy file="sun-web.xml.template" tofile="${sun-web.xml}" overwrite="true" failonerror="false"/>
- <replace file="${sun-web.xml}" token="USER_ID_HERE" value="${jdbc.realm.user}"/>
+ <copy file="web.xml.template" tofile="${web.xml}" overwrite="true" failonerror="false" />
+ <replace file="${web.xml}" token="REALM_NAME_HERE" value="${jdbc.realm.name}" />
+ <copy file="sun-web.xml.template"
+ tofile="${sun-web.xml}"
+ overwrite="true"
+ failonerror="false"
+ />
+ <replace file="${sun-web.xml}" token="USER_ID_HERE" value="${jdbc.realm.user}" />
- <antcall target="webclient-war-common">
- <param name="hasWebclient" value="true"/>
- <param name="appname" value="${appname}"/>
- </antcall>
+ <antcall target="webclient-war-common">
+ <param name="hasWebclient" value="true" />
+ <param name="appname" value="${appname}" />
+ </antcall>
- <delete file="${web.xml}"/>
- <delete file="${sun-web.xml}"/>
+ <delete file="${web.xml}" />
+ <delete file="${sun-web.xml}" />
- </target>
+ </target>
- <!-- variables needed by custom-build
+ <!-- variables needed by custom-build
1. jdbc.realm.pass
2. jdbc.realm.user
3. appname
-->
- <target name="custom-neg-run" depends="init-common">
+ <target name="custom-neg-run" depends="init-common">
- <echo message="Testing (NEGATIVE TEST) against URL http://${http.host}:${http.port}/${appname}/TestServlet using username/password ${jdbc.realm.user}/${jdbc.realm.pass}"/>
+ <echo message="Testing (NEGATIVE TEST) against URL http://${http.host}:${http.port}/${appname}/TestServlet using username/password ${jdbc.realm.user}/${jdbc.realm.pass}"
+ />
- <java classname="HttpBasicAuthTest" fork="true">
- <classpath>
- <pathelement path="${build.classes.dir}:${s1astest.classpath}"/>
- </classpath>
- <arg value="-url"/>
- <arg value="http://${http.host}:${http.port}/${appname}/TestServlet"/>
- <arg value="-user"/>
- <arg value="${jdbc.realm.user}"/>
- <arg value="-pass"/>
- <arg value="${jdbc.realm.pass}"/>
- <arg value="-tc"/>
- <arg value="10"/>
- <arg value="-lc"/>
- <arg value="10"/>
- <arg value="-negative"/>
- </java>
- </target>
+ <java classname="HttpBasicAuthTest" fork="true">
+ <classpath>
+ <pathelement path="${build.classes.dir}:${s1astest.classpath}" />
+ </classpath>
+ <arg value="-url" />
+ <arg value="http://${http.host}:${http.port}/${appname}/TestServlet" />
+ <arg value="-user" />
+ <arg value="${jdbc.realm.user}" />
+ <arg value="-pass" />
+ <arg value="${jdbc.realm.pass}" />
+ <arg value="-tc" />
+ <arg value="10" />
+ <arg value="-lc" />
+ <arg value="10" />
+ <arg value="-negative" />
+ </java>
+ </target>
- <target name="custom-run" depends="init-common">
+ <target name="custom-run" depends="init-common">
- <echo message="Testing against URL http://${http.host}:${http.port}/${appname}/TestServlet using username/password ${jdbc.realm.user}/${jdbc.realm.pass}"/>
+ <echo message="Testing against URL http://${http.host}:${http.port}/${appname}/TestServlet using username/password ${jdbc.realm.user}/${jdbc.realm.pass}"
+ />
- <java classname="HttpBasicAuthTest" fork="true">
- <classpath>
- <pathelement path="${build.classes.dir}:${s1astest.classpath}"/>
- </classpath>
- <arg value="-url"/>
- <arg value="http://${http.host}:${http.port}/${appname}/TestServlet"/>
- <arg value="-user"/>
- <arg value="${jdbc.realm.user}"/>
- <arg value="-pass"/>
- <arg value="${jdbc.realm.pass}"/>
- <arg value="-tc"/>
- <arg value="10"/>
- <arg value="-lc"/>
- <arg value="10"/>
- </java>
- </target>
+ <java classname="HttpBasicAuthTest" fork="true">
+ <classpath>
+ <pathelement path="${build.classes.dir}:${s1astest.classpath}" />
+ </classpath>
+ <arg value="-url" />
+ <arg value="http://${http.host}:${http.port}/${appname}/TestServlet" />
+ <arg value="-user" />
+ <arg value="${jdbc.realm.user}" />
+ <arg value="-pass" />
+ <arg value="${jdbc.realm.pass}" />
+ <arg value="-tc" />
+ <arg value="10" />
+ <arg value="-lc" />
+ <arg value="10" />
+ </java>
+ </target>
</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/jdbcrealm/client/HttpBasicAuthTest.java b/appserver/tests/appserv-tests/devtests/security/jdbcrealm/client/HttpBasicAuthTest.java
index 13c43dc..361886a 100644
--- a/appserver/tests/appserv-tests/devtests/security/jdbcrealm/client/HttpBasicAuthTest.java
+++ b/appserver/tests/appserv-tests/devtests/security/jdbcrealm/client/HttpBasicAuthTest.java
@@ -16,6 +16,8 @@
import java.io.*;
import java.net.*;
+import java.util.Base64;
+
import sun.misc.*;
import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
@@ -162,8 +164,7 @@
URLConnection uconn = u.openConnection();
String up = username + ":" + password;
- BASE64Encoder be = new BASE64Encoder();
- up = new String(be.encode(up.getBytes()));
+ up = Base64.getEncoder().encodeToString(up.getBytes());
uconn.setRequestProperty("authorization", "Basic " + up);
diff --git a/appserver/tests/appserv-tests/devtests/security/jdbcrealm/util/PopulateDB.java b/appserver/tests/appserv-tests/devtests/security/jdbcrealm/util/PopulateDB.java
index 78c16b5..8309d41 100644
--- a/appserver/tests/appserv-tests/devtests/security/jdbcrealm/util/PopulateDB.java
+++ b/appserver/tests/appserv-tests/devtests/security/jdbcrealm/util/PopulateDB.java
@@ -17,10 +17,10 @@
package com.sun.devtests.security.jdbcrealm;
import java.sql.*;
+import java.util.Base64;
+import java.util.Base64.Encoder;
import java.security.*;
-import sun.misc.BASE64Encoder;
-
public class PopulateDB {
// username/passwords
@@ -190,10 +190,10 @@
ps.close();
ps = con.prepareStatement(INSERT_USER_STMT_BASE64);
- BASE64Encoder base64 = new BASE64Encoder();
+ Encoder base64 = Base64.getEncoder();
for(int i=0; i<users_BASE64.length; i++) {
ps.setString(1, users_BASE64[i][0]);
- ps.setString(2, new String(base64.encode(users_BASE64[i][1].getBytes())));
+ ps.setString(2, new String(base64.encodeToString(users_BASE64[i][1].getBytes())));
ps.executeUpdate();
}
ps.close();
@@ -210,7 +210,7 @@
MessageDigest md2 = MessageDigest.getInstance("MD2");
for(int i=0; i<users_MD2_BASE64.length; i++) {
ps.setString(1, users_MD2_BASE64[i][0]);
- ps.setString(2, base64.encode(md2.digest(users_MD2_BASE64[i][1].getBytes())));
+ ps.setString(2, base64.encodeToString(md2.digest(users_MD2_BASE64[i][1].getBytes())));
ps.executeUpdate();
md2.reset();
}
@@ -220,7 +220,7 @@
MessageDigest md5 = MessageDigest.getInstance("MD5");
for(int i=0; i<users_MD5_BASE64.length; i++) {
ps.setString(1, users_MD5_BASE64[i][0]);
- ps.setString(2, base64.encode(md5.digest(users_MD5_BASE64[i][1].getBytes())));
+ ps.setString(2, base64.encodeToString(md5.digest(users_MD5_BASE64[i][1].getBytes())));
ps.executeUpdate();
md5.reset();
}
@@ -230,7 +230,7 @@
MessageDigest sha = MessageDigest.getInstance("SHA");
for(int i=0; i<users_SHA_BASE64.length; i++) {
ps.setString(1, users_SHA_BASE64[i][0]);
- ps.setString(2, base64.encode(sha.digest(users_SHA_BASE64[i][1].getBytes())));
+ ps.setString(2, base64.encodeToString(sha.digest(users_SHA_BASE64[i][1].getBytes())));
ps.executeUpdate();
sha.reset();
}
@@ -240,7 +240,7 @@
MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
for(int i=0; i<users_SHA256_BASE64.length; i++) {
ps.setString(1, users_SHA256_BASE64[i][0]);
- ps.setString(2, base64.encode(sha256.digest(users_SHA256_BASE64[i][1].getBytes())));
+ ps.setString(2, base64.encodeToString(sha256.digest(users_SHA256_BASE64[i][1].getBytes())));
ps.executeUpdate();
sha256.reset();
}
@@ -250,7 +250,7 @@
MessageDigest sha384 = MessageDigest.getInstance("SHA-384");
for(int i=0; i<users_SHA384_BASE64.length; i++) {
ps.setString(1, users_SHA384_BASE64[i][0]);
- ps.setString(2, base64.encode(sha384.digest(users_SHA384_BASE64[i][1].getBytes())));
+ ps.setString(2, base64.encodeToString(sha384.digest(users_SHA384_BASE64[i][1].getBytes())));
ps.executeUpdate();
sha384.reset();
}
@@ -260,7 +260,7 @@
MessageDigest sha512 = MessageDigest.getInstance("SHA-512");
for(int i=0; i<users_SHA512_BASE64.length; i++) {
ps.setString(1, users_SHA512_BASE64[i][0]);
- ps.setString(2, base64.encode(sha512.digest(users_SHA512_BASE64[i][1].getBytes())));
+ ps.setString(2, base64.encodeToString(sha512.digest(users_SHA512_BASE64[i][1].getBytes())));
ps.executeUpdate();
sha512.reset();
}
diff --git a/appserver/tests/appserv-tests/devtests/security/jmac/build.xml b/appserver/tests/appserv-tests/devtests/security/jmac/build.xml
index f8b6ea9..69d55fe 100644
--- a/appserver/tests/appserv-tests/devtests/security/jmac/build.xml
+++ b/appserver/tests/appserv-tests/devtests/security/jmac/build.xml
@@ -32,10 +32,8 @@
&commonRun;
<target name="all">
- <!-- Expected output doesn't match. This test used to pass in 5.0
<ant dir="httpServlet" target="all"/>
- -->
- <ant dir="https" target="all"/>
+<!-- <ant dir="https" target="all"/> FAIL, bug in certificate realm processing? -->
<ant dir="httpServletChallenge" target="all"/>
<ant dir="httpServletForm" target="all"/>
diff --git a/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/build.properties b/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/build.properties
index 8409f65..cdebc37 100644
--- a/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/build.properties
+++ b/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/build.properties
@@ -22,5 +22,5 @@
<property name="app.type" value="war"/>
<property name="assemble" value="${build.classes.dir}/archive"/>
<property name="web.xml" value="descriptor/web.xml"/>
-<property name="sun-web.xml" value="descriptor/sun-web.xml"/>
+<property name="glassfish-web.xml" value="descriptor/glassfish-web.xml"/>
diff --git a/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/descriptor/sun-web.xml b/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/descriptor/glassfish-web.xml
similarity index 76%
rename from appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/descriptor/sun-web.xml
rename to appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/descriptor/glassfish-web.xml
index 7b24d54..a895189 100644
--- a/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/descriptor/sun-web.xml
+++ b/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/descriptor/glassfish-web.xml
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE sun-web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Sun ONE Application Server 7.0 Servlet 2.3//EN' 'http://www.sun.com/software/sunone/appserver/dtds/sun-web-app_2_3-0.dtd'>
+<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN" "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd">
<!--
Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
@@ -18,10 +18,10 @@
-->
-<sun-web-app httpservlet-security-provider="httpServletTestAuthModule">
+<glassfish-web-app httpservlet-security-provider="httpServletTestAuthModule">
<security-role-mapping>
<role-name>myrole</role-name>
<group-name>mygroup</group-name>
</security-role-mapping>
-</sun-web-app>
+</glassfish-web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/docroot/index.jsp b/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/docroot/index.jsp
index ea8e942..d63057e 100644
--- a/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/docroot/index.jsp
+++ b/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/docroot/index.jsp
@@ -20,8 +20,7 @@
<hr>
<%
try {
- out.println("Hello, " + request.getUserPrincipal() +
- " from " + request.getAttribute("MY_NAME"));
+ out.println("Hello, " + request.getUserPrincipal() + " from " + request.getAttribute("MY_NAME"));
out.println("PC = " + request.getAttribute("PC"));
} catch(Throwable t) {
out.println("Something wrong: " + t);
diff --git a/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/goldenfiles/output.html b/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/goldenfiles/output.html
index b5e3587..4a47571 100644
--- a/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/goldenfiles/output.html
+++ b/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/goldenfiles/output.html
@@ -1,8 +1,10 @@
+
+
Hello World from 196 HttpServlet AuthModule Test!
<hr>
Hello, shingwai123 from com.sun.s1asdev.security.jmac.httpservlet.HttpServletTestAuthModule
PC = security-jmac-httpservlet-web/security-jmac-httpservlet-web
-
<hr>
-Adjusted count: 218
+
+Adjusted count: 220
diff --git a/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/src/HttpServletTestAuthModule.java b/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/src/HttpServletTestAuthModule.java
index 002e18e..5e11ae3 100644
--- a/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/src/HttpServletTestAuthModule.java
+++ b/appserver/tests/appserv-tests/devtests/security/jmac/httpServlet/src/HttpServletTestAuthModule.java
@@ -17,6 +17,7 @@
package com.sun.s1asdev.security.jmac.httpservlet;
import java.io.PrintWriter;
+import java.util.Base64;
import java.util.Map;
import java.security.AccessController;
import java.security.PrivilegedAction;
@@ -35,8 +36,6 @@
import jakarta.servlet.http.HttpServletResponse;
-import sun.misc.BASE64Decoder;
-
public class HttpServletTestAuthModule implements ServerAuthModule {
private CallbackHandler handler = null;
private String pc = null;
@@ -75,8 +74,7 @@
if (authorization != null &&
authorization.toLowerCase().startsWith("basic ")) {
authorization = authorization.substring(6).trim();
- BASE64Decoder decoder = new BASE64Decoder();
- byte[] bs = decoder.decodeBuffer(authorization);
+ byte[] bs = Base64.getDecoder().decode(authorization);
String decodedString = new String(bs);
int ind = decodedString.indexOf(':');
if (ind > 0) {
@@ -94,10 +92,8 @@
char[] pwd = new char[password.length()];
password.getChars(0, password.length(), pwd, 0);
- PasswordValidationCallback pwdCallback =
- new PasswordValidationCallback(clientSubject, username, pwd);
- CallerPrincipalCallback cpCallback =
- new CallerPrincipalCallback(clientSubject, username);
+ PasswordValidationCallback pwdCallback = new PasswordValidationCallback(clientSubject, username, pwd);
+ CallerPrincipalCallback cpCallback = new CallerPrincipalCallback(clientSubject, username);
System.out.println("Subject before invoking callbacks: " + clientSubject);
handler.handle(new Callback[] { pwdCallback, cpCallback });
System.out.println("Subject after invoking callbacks: " + clientSubject);
@@ -128,11 +124,9 @@
try {
System.out.println("SR is called");
- HttpServletRequest request =
- (HttpServletRequest)messageInfo.getRequestMessage();
+ HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
request.setAttribute("SR", "true");
- MyHttpServletResponseWrapper response =
- (MyHttpServletResponseWrapper)messageInfo.getResponseMessage();
+ MyHttpServletResponseWrapper response = (MyHttpServletResponseWrapper) messageInfo.getResponseMessage();
int count = response.getAdjustedCount();
PrintWriter writer = response.getWriter();
writer.println("\nAdjusted count: " + count);
diff --git a/appserver/tests/appserv-tests/devtests/security/jmac/httpServletChallenge/src/HttpServletChallengeTestAuthModule.java b/appserver/tests/appserv-tests/devtests/security/jmac/httpServletChallenge/src/HttpServletChallengeTestAuthModule.java
index 43aaf4c..f347a91 100644
--- a/appserver/tests/appserv-tests/devtests/security/jmac/httpServletChallenge/src/HttpServletChallengeTestAuthModule.java
+++ b/appserver/tests/appserv-tests/devtests/security/jmac/httpServletChallenge/src/HttpServletChallengeTestAuthModule.java
@@ -16,6 +16,7 @@
package com.sun.s1asdev.security.jmac.httpservletchallenge;
+import java.util.Base64;
import java.util.Map;
import java.security.AccessController;
import java.security.PrivilegedAction;
@@ -35,8 +36,6 @@
import jakarta.servlet.http.HttpServletResponse;
-import sun.misc.BASE64Decoder;
-
public class HttpServletChallengeTestAuthModule implements ServerAuthModule {
private CallbackHandler handler = null;
@@ -67,11 +66,9 @@
HttpServletRequest request =
(HttpServletRequest)messageInfo.getRequestMessage();
String authorization = request.getHeader("authorization");
- if (authorization != null &&
- authorization.toLowerCase().startsWith("basic ")) {
+ if (authorization != null && authorization.toLowerCase().startsWith("basic ")) {
authorization = authorization.substring(6).trim();
- BASE64Decoder decoder = new BASE64Decoder();
- byte[] bs = decoder.decodeBuffer(authorization);
+ byte[] bs = Base64.getDecoder().decode(authorization);
String decodedString = new String(bs);
int ind = decodedString.indexOf(':');
if (ind > 0) {
@@ -80,8 +77,7 @@
}
}
- HttpServletResponse response =
- (HttpServletResponse)messageInfo.getResponseMessage();
+ HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
if (username == null || password == null) {
response.setHeader("WWW-Authenticate", "Basic realm=\"default\"");
response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
diff --git a/appserver/tests/appserv-tests/devtests/security/jmac/httpServletForm/src/HttpServletFormTestAuthModule.java b/appserver/tests/appserv-tests/devtests/security/jmac/httpServletForm/src/HttpServletFormTestAuthModule.java
index 0e9764e..b09ea53 100644
--- a/appserver/tests/appserv-tests/devtests/security/jmac/httpServletForm/src/HttpServletFormTestAuthModule.java
+++ b/appserver/tests/appserv-tests/devtests/security/jmac/httpServletForm/src/HttpServletFormTestAuthModule.java
@@ -35,8 +35,6 @@
import jakarta.servlet.http.HttpServletResponse;
-import sun.misc.BASE64Decoder;
-
public class HttpServletFormTestAuthModule implements ServerAuthModule {
private static final String SAVED_REQUEST = "Saved_Request";
private static final String SAVED_SUBJECT = "Saved_Subject";
diff --git a/appserver/tests/appserv-tests/devtests/security/jmac/https/build.properties b/appserver/tests/appserv-tests/devtests/security/jmac/https/build.properties
index 8cb4c0a..1b71a54 100644
--- a/appserver/tests/appserv-tests/devtests/security/jmac/https/build.properties
+++ b/appserver/tests/appserv-tests/devtests/security/jmac/https/build.properties
@@ -22,5 +22,5 @@
<property name="app.type" value="war"/>
<property name="assemble" value="${build.classes.dir}/archive"/>
<property name="web.xml" value="descriptor/web.xml"/>
-<property name="sun-web.xml" value="descriptor/sun-web.xml"/>
+<property name="glassfish-web.xml" value="descriptor/glassfish-web.xml"/>
diff --git a/appserver/tests/appserv-tests/devtests/security/jmac/https/build.xml b/appserver/tests/appserv-tests/devtests/security/jmac/https/build.xml
index 9a3b3d5..5fa5884 100644
--- a/appserver/tests/appserv-tests/devtests/security/jmac/https/build.xml
+++ b/appserver/tests/appserv-tests/devtests/security/jmac/https/build.xml
@@ -93,7 +93,7 @@
<target name="run" depends="init-common, init-security-util">
<java classname="com.sun.s1asdev.security.jmac.https.WebSSLClient" fork="true">
- <!-- jvmarg value="-Djavax.net.debug=ssl,handshake,data,trustmanager"/-->
+ <!--jvmarg value="-Djavax.net.debug=all" -->
<jvmarg value="-Djavax.net.ssl.keyStore=${mykeystore.db.file}"/>
<jvmarg value="-Djavax.net.ssl.trustStore=${mytruststore.db.file}"/>
<jvmarg value="-Djavax.net.ssl.keyStorePassword=${ssl.password}"/>
diff --git a/appserver/tests/appserv-tests/devtests/security/jmac/https/descriptor/sun-web.xml b/appserver/tests/appserv-tests/devtests/security/jmac/https/descriptor/glassfish-web.xml
similarity index 78%
rename from appserver/tests/appserv-tests/devtests/security/jmac/https/descriptor/sun-web.xml
rename to appserver/tests/appserv-tests/devtests/security/jmac/https/descriptor/glassfish-web.xml
index d4e01e4..486eda5 100644
--- a/appserver/tests/appserv-tests/devtests/security/jmac/https/descriptor/sun-web.xml
+++ b/appserver/tests/appserv-tests/devtests/security/jmac/https/descriptor/glassfish-web.xml
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE sun-web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Sun ONE Application Server 7.0 Servlet 2.3//EN' 'http://www.sun.com/software/sunone/appserver/dtds/sun-web-app_2_3-0.dtd'>
+<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN" "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd">
<!--
Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
@@ -18,10 +18,9 @@
-->
-<sun-web-app httpservlet-security-provider="httpsTestAuthModule">
+<glassfish-web-app httpservlet-security-provider="httpsTestAuthModule">
<security-role-mapping>
<role-name>myrole</role-name>
<principal-name>CN=SSLTest, OU=Sun Java System Application Server, O=Sun Microsystems, L=Santa Clara, ST=California, C=US</principal-name>
</security-role-mapping>
-</sun-web-app>
-
+</glassfish-web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/jmac/https/docroot/index.jsp b/appserver/tests/appserv-tests/devtests/security/jmac/https/docroot/index.jsp
index be4b2d9..f916027 100644
--- a/appserver/tests/appserv-tests/devtests/security/jmac/https/docroot/index.jsp
+++ b/appserver/tests/appserv-tests/devtests/security/jmac/https/docroot/index.jsp
@@ -20,8 +20,7 @@
<hr>
<%
try {
- out.println("Hello, " + request.getRemoteUser() +" from "
- + request.getAttribute("MY_NAME"));
+ out.println("Hello, " + request.getRemoteUser() + " from " + request.getAttribute("MY_NAME"));
} catch(Exception ex) {
out.println("Something wrong: " + ex);
ex.printStackTrace();
diff --git a/appserver/tests/appserv-tests/devtests/security/jmac/https/src/HttpsTestAuthModule.java b/appserver/tests/appserv-tests/devtests/security/jmac/https/src/HttpsTestAuthModule.java
index a583cb8..5e79e2d 100644
--- a/appserver/tests/appserv-tests/devtests/security/jmac/https/src/HttpsTestAuthModule.java
+++ b/appserver/tests/appserv-tests/devtests/security/jmac/https/src/HttpsTestAuthModule.java
@@ -59,15 +59,11 @@
X500Principal x500Principal = null;
try {
- HttpServletRequest request =
- (HttpServletRequest) messageInfo.getRequestMessage();
- X509Certificate certs[] =
- (X509Certificate[]) request.getAttribute(
- "jakarta.servlet.request.X509Certificate");
- if (certs == null || certs.length < 1) {
- System.out.println("javax...certs is null or empty");
- certs = (X509Certificate[]) request.getAttribute(
- "org.apache.coyote.request.X509Certificate");
+ HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
+ X509Certificate certs[] = (X509Certificate[]) request
+ .getAttribute("jakarta.servlet.request.X509Certificate");
+ if (certs == null || certs.length == 0) {
+ System.out.println("jakarta.servlet.request.X509Certificate attribute is null or empty");
}
System.out.println("certs: " + certs);
if (certs != null && certs.length > 0) {
diff --git a/appserver/tests/appserv-tests/devtests/security/jmac/https/src/WebSSLClient.java b/appserver/tests/appserv-tests/devtests/security/jmac/https/src/WebSSLClient.java
index 6acacaf..64b578a 100644
--- a/appserver/tests/appserv-tests/devtests/security/jmac/https/src/WebSSLClient.java
+++ b/appserver/tests/appserv-tests/devtests/security/jmac/https/src/WebSSLClient.java
@@ -25,7 +25,7 @@
public class WebSSLClient {
private static final String TEST_NAME = "security-jmac-https";
- private static final String EXPECTED_RESPONSE_PATTERN = "Hello, CN=.* from com.sun.s1asdev.security.jmac.https.HttpsTestAuthModule";
+ private static final Pattern EXPECTED_RESPONSE_PATTERN = Pattern.compile("Hello, CN=.* from com.sun.s1asdev.security.jmac.https.HttpsTestAuthModule");
private static SimpleReporterAdapter stat = new SimpleReporterAdapter("appserv-tests");
public static void main(String args[]) throws Exception {
@@ -56,22 +56,16 @@
private static void parseResponse(HttpsURLConnection connection)
throws Exception {
- BufferedReader in = null;
-
- try {
- in = new BufferedReader(new InputStreamReader(
- connection.getInputStream()));
-
+ try (BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream()))) {
String line = null;
String matched = null;
try {
- Pattern p = Pattern.compile(EXPECTED_RESPONSE_PATTERN);
while ((line = in.readLine()) != null) {
- if (p.matcher(line).matches()) {
+ System.out.println("XXXPORN: " + line);
+ if (EXPECTED_RESPONSE_PATTERN.matcher(line).matches()) {
stat.addStatus(TEST_NAME, stat.PASS);
matched = line;
}
- System.out.println(line);
}
} catch (Exception ex) {
ex.printStackTrace();
@@ -83,21 +77,13 @@
+ ", received: " + matched);
stat.addStatus(TEST_NAME, stat.FAIL);
}
- } finally {
- if (in != null) {
- in.close();
- }
}
}
- private static HttpsURLConnection connect(String urlAddress,
- SSLSocketFactory ssf)
- throws Exception {
+ private static HttpsURLConnection connect(String urlAddress, SSLSocketFactory ssf) throws Exception {
URL url = new URL(urlAddress);
- HttpsURLConnection.setDefaultSSLSocketFactory(ssf);
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
-
connection.setHostnameVerifier(
new HostnameVerifier() {
@@ -107,7 +93,6 @@
});
connection.setDoOutput(true);
-
return connection;
}
}
diff --git a/appserver/tests/appserv-tests/devtests/security/jmac/soap/build.xml b/appserver/tests/appserv-tests/devtests/security/jmac/soap/build.xml
index 9fd418d..1b9e072 100644
--- a/appserver/tests/appserv-tests/devtests/security/jmac/soap/build.xml
+++ b/appserver/tests/appserv-tests/devtests/security/jmac/soap/build.xml
@@ -137,7 +137,8 @@
<replacefilter token="@PORT@" value="${http.port}"/>
</replace>
<javac srcdir="client" destdir="${build.classes.dir}/client"
- classpath="${env.APS_HOME}/lib/reporter.jar:${env.S1AS_HOME}/lib/j2ee.jar:${env.S1AS_HOME}/lib/webservices-rt.jar:${env.S1AS_HOME}/lib/webservices-tools.jar:${build.classes.dir}/client" debug="on" failonerror="true"/>
+ classpath="${env.APS_HOME}/lib/reporter.jar:${env.S1AS_HOME}/lib/javaee.jar:${env.S1AS_HOME}/modules/webservices-osgi.jar:${build.classes.dir}/client"
+ debug="on" failonerror="true"/>
</target>
<target name="build-server" depends="compile-server">
diff --git a/appserver/tests/appserv-tests/devtests/security/jmac/soapDefault/build.xml b/appserver/tests/appserv-tests/devtests/security/jmac/soapDefault/build.xml
index fbe0b6a..87c7378 100644
--- a/appserver/tests/appserv-tests/devtests/security/jmac/soapDefault/build.xml
+++ b/appserver/tests/appserv-tests/devtests/security/jmac/soapDefault/build.xml
@@ -152,7 +152,8 @@
<replacefilter token="@PORT@" value="${http.port}"/>
</replace>
<javac srcdir="client" destdir="${build.classes.dir}/client"
- classpath="${env.APS_HOME}/lib/reporter.jar:${env.S1AS_HOME}/lib/j2ee.jar:${env.S1AS_HOME}/lib/webservices-rt.jar:${env.S1AS_HOME}/lib/webservices-tools.jar:${env.S1AS_HOME}/lib/appserv-ws.jar:${build.classes.dir}/client" debug="on" failonerror="true"/>
+ classpath="${env.APS_HOME}/lib/reporter.jar:${env.S1AS_HOME}/lib/javaee.jar:${env.S1AS_HOME}/modules/webservices-api-osgi.jar:${env.S1AS_HOME}/modules/webservices-osgi.jar:${build.classes.dir}/client"
+ debug="on" failonerror="true"/>
</target>
<target name="build-server" depends="compile-server">
diff --git a/appserver/tests/appserv-tests/devtests/security/jmac/soapEmbedded/build.xml b/appserver/tests/appserv-tests/devtests/security/jmac/soapEmbedded/build.xml
index bc912c7..188822f 100644
--- a/appserver/tests/appserv-tests/devtests/security/jmac/soapEmbedded/build.xml
+++ b/appserver/tests/appserv-tests/devtests/security/jmac/soapEmbedded/build.xml
@@ -31,187 +31,204 @@
&testproperties;
&commonSecurity;
- <target name="all" depends="clean, build-providers, setup, build-deploy, run, undeploy, unsetup"/>
+ <target name="all"
+ depends="clean, build-providers, setup, build-deploy, run, undeploy, unsetup"
+ />
- <target name="clean" depends="init-common">
- <antcall target="clean-common"/>
- </target>
+ <target name="clean" depends="init-common">
+ <antcall target="clean-common" />
+ </target>
- <target name="build-providers" depends="init-common">
- <antcall target="compile-common">
- <param name="src" value="authmodule"/>
- <param name="build.classes.dir" value="${build.classes.dir}/authmodule"/>
- </antcall>
+ <target name="build-providers" depends="init-common">
+ <antcall target="compile-common">
+ <param name="src" value="authmodule" />
+ <param name="build.classes.dir" value="${build.classes.dir}/authmodule" />
+ </antcall>
- <mkdir dir="${assemble.dir}"/>
- <jar jarfile="${assemble.dir}/test-${appname}-provider.jar">
- <fileset dir="${build.classes.dir}/authmodule"/>
- </jar>
- </target>
+ <mkdir dir="${assemble.dir}" />
+ <jar jarfile="${assemble.dir}/test-${appname}-provider.jar">
+ <fileset dir="${build.classes.dir}/authmodule" />
+ </jar>
+ </target>
- <target name="setup" depends="init-common">
- <!-- exports certdb stuff and imports into keystore -->
- <antcall target="prepare-store-nickname-common">
- <param name="cert.nickname" value="s1as"/>
- </antcall>
+ <target name="setup" depends="init-common">
+ <!-- exports certdb stuff and imports into keystore -->
+ <antcall target="prepare-store-nickname-common">
+ <param name="cert.nickname" value="s1as" />
+ </antcall>
- <copy file="${assemble.dir}/test-${appname}-provider.jar"
- todir="${env.S1AS_HOME}/lib"/>
+ <copy file="${assemble.dir}/test-${appname}-provider.jar" todir="${env.S1AS_HOME}/lib" />
- <antcall target="asadmin-common">
- <param name="admin.command" value="create-message-security-provider"/>
- <param name="as.props" value="${as.props} --classname com.sun.s1asdev.security.jmac.soapembedded.SOAPEmbeddedTestServerAuthModule --layer SOAP --providertype server --requestauthsource sender"/>
- <param name="operand.props" value="SOAPEmbeddedTestServerAuthModule"/>
- </antcall>
- <antcall target="asadmin-common">
- <param name="admin.command" value="create-message-security-provider"/>
- <param name="as.props" value="${as.props} --classname com.sun.s1asdev.security.jmac.soapembedded.SOAPEmbeddedTestClientAuthModule --layer SOAP --providertype client --requestauthsource sender"/>
- <param name="operand.props" value="SOAPEmbeddedTestClientAuthModule"/>
- </antcall>
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="create-message-security-provider" />
+ <param name="as.props"
+ value="${as.props} --classname com.sun.s1asdev.security.jmac.soapembedded.SOAPEmbeddedTestServerAuthModule --layer SOAP --providertype server --requestauthsource sender"
+ />
+ <param name="operand.props" value="SOAPEmbeddedTestServerAuthModule" />
+ </antcall>
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="create-message-security-provider" />
+ <param name="as.props"
+ value="${as.props} --classname com.sun.s1asdev.security.jmac.soapembedded.SOAPEmbeddedTestClientAuthModule --layer SOAP --providertype client --requestauthsource sender"
+ />
+ <param name="operand.props" value="SOAPEmbeddedTestClientAuthModule" />
+ </antcall>
- </target>
+ </target>
- <target name="unsetup" depends="init-common">
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-message-security-provider"/>
- <param name="as.props" value="${as.props} --layer SOAP"/>
- <param name="operand.props" value="SOAPEmbeddedTestServerAuthModule"/>
- </antcall>
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-message-security-provider"/>
- <param name="as.props" value="${as.props} --layer SOAP"/>
- <param name="operand.props" value="SOAPEmbeddedTestClientAuthModule"/>
- </antcall>
+ <target name="unsetup" depends="init-common">
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="delete-message-security-provider" />
+ <param name="as.props" value="${as.props} --layer SOAP" />
+ <param name="operand.props" value="SOAPEmbeddedTestServerAuthModule" />
+ </antcall>
+ <antcall target="asadmin-common">
+ <param name="admin.command" value="delete-message-security-provider" />
+ <param name="as.props" value="${as.props} --layer SOAP" />
+ <param name="operand.props" value="SOAPEmbeddedTestClientAuthModule" />
+ </antcall>
- <!-- may not be able to delete this file in PC environment -->
- <delete file="${env.S1AS_HOME}/lib/test-${appname}-provider.jar" failonerror="false"/>
- </target>
+ <!-- may not be able to delete this file in PC environment -->
+ <delete file="${env.S1AS_HOME}/lib/test-${appname}-provider.jar" failonerror="false" />
+ </target>
- <target name="compile-server" depends="clean">
- <antcall target="compile-common">
- <param name="src" value="ejbws"/>
- <param name="build.classes.dir" value="${build.classes.dir}/ejbws"/>
- </antcall>
- <antcall target="compile-common">
- <param name="src" value="servletws"/>
- <param name="build.classes.dir" value="${build.classes.dir}/servletws/WEB-INF/classes"/>
- </antcall>
- </target>
+ <target name="compile-server" depends="clean">
+ <antcall target="compile-common">
+ <param name="src" value="ejbws" />
+ <param name="build.classes.dir" value="${build.classes.dir}/ejbws" />
+ </antcall>
+ <antcall target="compile-common">
+ <param name="src" value="servletws" />
+ <param name="build.classes.dir" value="${build.classes.dir}/servletws/WEB-INF/classes" />
+ </antcall>
+ </target>
- <target name="compile-webclient">
- <mkdir dir="${build.classes.dir}/webclient"/>
- <antcall target="wsimport">
- <param name="wsimport.args"
- value="-keep -d ${build.classes.dir}/webclient http://${http.host}:${http.port}/JmacSoapEmbeddedEjbService/HelloEjb?WSDL"/>
- </antcall>
- <antcall target="wsimport">
- <param name="wsimport.args"
- value="-keep -d ${build.classes.dir}/webclient http://${http.host}:${http.port}/security-jmac-soapembedded-web/webservice/JmacSoapEmbeddedServletService/HelloServlet?WSDL"/>
- </antcall>
+ <target name="compile-webclient">
+ <mkdir dir="${build.classes.dir}/webclient" />
+ <antcall target="wsimport">
+ <param name="wsimport.args"
+ value="-keep -d ${build.classes.dir}/webclient http://${http.host}:${http.port}/JmacSoapEmbeddedEjbService/HelloEjb?WSDL"
+ />
+ </antcall>
+ <antcall target="wsimport">
+ <param name="wsimport.args"
+ value="-keep -d ${build.classes.dir}/webclient http://${http.host}:${http.port}/security-jmac-soapembedded-web/webservice/JmacSoapEmbeddedServletService/HelloServlet?WSDL"
+ />
+ </antcall>
- <delete file="webclient/Servlet.java" failonerror="false"/>
- <copy file="webclient/Servlet.java.template" tofile="webclient/Servlet.java"/>
- <replace file="webclient/Servlet.java">
- <replacefilter token="@HOST@" value="${http.host}"/>
- <replacefilter token="@PORT@" value="${http.port}"/>
- </replace>
- <javac srcdir="webclient" destdir="${build.classes.dir}/webclient"
- classpath="${env.APS_HOME}/lib/reporter.jar:${env.S1AS_HOME}/lib/javaee.jar:${env.S1AS_HOME}/lib/webservices-rt.jar:${env.S1AS_HOME}/lib/webservices-tools.jar:${build.classes.dir}/webclient:${env.S1AS_HOME}/modules/jakarta.servlet.jar" debug="on" failonerror="true"/>
- </target>
+ <delete file="webclient/Servlet.java" failonerror="false" />
+ <copy file="webclient/Servlet.java.template" tofile="webclient/Servlet.java" />
+ <replace file="webclient/Servlet.java">
+ <replacefilter token="@HOST@" value="${http.host}" />
+ <replacefilter token="@PORT@" value="${http.port}" />
+ </replace>
+ <javac srcdir="webclient"
+ destdir="${build.classes.dir}/webclient"
+ classpath="${env.APS_HOME}/lib/reporter.jar:${env.S1AS_HOME}/lib/javaee.jar:${env.S1AS_HOME}/modules/webservices-osgi.jar:${build.classes.dir}/webclient"
+ debug="on"
+ failonerror="true"
+ />
+ </target>
- <target name="build-server" depends="compile-server">
- <mkdir dir="${assemble.dir}"/>
- <mkdir dir="${build.classes.dir}/META-INF"/>
+ <target name="build-server" depends="compile-server">
+ <mkdir dir="${assemble.dir}" />
+ <mkdir dir="${build.classes.dir}/META-INF" />
- <antcall target="package-ejbjar-common">
- <param name="ejbjar.files" value="${build.classes.dir}/ejbws"/>
- <param name="ejb.jar" value="${assemble.dir}/${appname}-ejb.jar"/>
- <param name="ejbjar.classes" value="com/sun/**/*.class"/>
- </antcall>
+ <antcall target="package-ejbjar-common">
+ <param name="ejbjar.files" value="${build.classes.dir}/ejbws" />
+ <param name="ejb.jar" value="${assemble.dir}/${appname}-ejb.jar" />
+ <param name="ejbjar.classes" value="com/sun/**/*.class" />
+ </antcall>
- <copy file="${web.xml}" tofile="${build.classes.dir}/servletws/WEB-INF/web.xml" failonerror="true"/>
- <copy file="${sun-web.xml}" tofile="${build.classes.dir}/servletws/WEB-INF/sun-web.xml" failonerror="true"/>
- <jar destfile="${assemble.dir}/${appname}-web.war">
- <fileset dir="${build.classes.dir}/servletws"/>
- </jar>
+ <copy file="${web.xml}"
+ tofile="${build.classes.dir}/servletws/WEB-INF/web.xml"
+ failonerror="true"
+ />
+ <copy file="${sun-web.xml}"
+ tofile="${build.classes.dir}/servletws/WEB-INF/sun-web.xml"
+ failonerror="true"
+ />
+ <jar destfile="${assemble.dir}/${appname}-web.war">
+ <fileset dir="${build.classes.dir}/servletws" />
+ </jar>
- <copy file="${sun-application.xml}" tofile="${build.classes.dir}/META-INF/sun-application.xml" failonerror="false"/>
- <jar jarfile="${assemble.dir}/${appname}App.ear">
- <fileset dir="${assemble.dir}">
- <include name="*.jar"/>
- <include name="*.war"/>
- </fileset>
- <fileset dir="${build.classes.dir}">
- <include name="META-INF/sun-application.xml"/>
- </fileset>
- </jar>
- </target>
+ <copy file="${sun-application.xml}"
+ tofile="${build.classes.dir}/META-INF/sun-application.xml"
+ failonerror="false"
+ />
+ <jar jarfile="${assemble.dir}/${appname}App.ear">
+ <fileset dir="${assemble.dir}">
+ <include name="*.jar" />
+ <include name="*.war" />
+ </fileset>
+ <fileset dir="${build.classes.dir}">
+ <include name="META-INF/sun-application.xml" />
+ </fileset>
+ </jar>
+ </target>
- <target name="build-webclient" depends="compile-webclient">
- <mkdir dir="${assemble.dir}"/>
+ <target name="build-webclient" depends="compile-webclient">
+ <mkdir dir="${assemble.dir}" />
- <antcall target="package-war-common">
- <param name="web.xml" value="${web2.xml}"/>
- <param name="sun-web.xml" value="${sun-web2.xml}"/>
- <param name="war.classes"
- value="${build.classes.dir}/webclient"/>
- <param name="war.file"
- value="${assemble.dir}/${appname}-client-web.war"/>
- </antcall>
- </target>
+ <antcall target="package-war-common">
+ <param name="web.xml" value="${web2.xml}" />
+ <param name="sun-web.xml" value="${sun-web2.xml}" />
+ <param name="war.classes" value="${build.classes.dir}/webclient" />
+ <param name="war.file" value="${assemble.dir}/${appname}-client-web.war" />
+ </antcall>
+ </target>
- <target name="build-deploy" depends="init-common">
- <antcall target="build-server"/>
- <antcall target="deploy-common-libraries">
- <param name="as.props" value="${as.props}"/>
- <param name="libraries" value="${env.S1AS_HOME}/lib/test-${appname}-provider.jar"/>
- </antcall>
- <antcall target="build-webclient"/>
- <antcall target="deploy-war-libraries">
- <param name="as.props" value="${as.props}"/>
- <param name="libraries" value="${env.S1AS_HOME}/lib/test-${appname}-provider.jar"/>
- <param name="appname" value="${appname}-client"/>
- <param name="contextroot" value="${appname}-client-web"/>
- </antcall>
- </target>
+ <target name="build-deploy" depends="init-common">
+ <antcall target="build-server" />
+ <antcall target="deploy-common-libraries">
+ <param name="as.props" value="${as.props}" />
+ <param name="libraries" value="${env.S1AS_HOME}/lib/test-${appname}-provider.jar" />
+ </antcall>
+ <antcall target="build-webclient" />
+ <antcall target="deploy-war-libraries">
+ <param name="as.props" value="${as.props}" />
+ <param name="libraries" value="${env.S1AS_HOME}/lib/test-${appname}-provider.jar" />
+ <param name="appname" value="${appname}-client" />
+ <param name="contextroot" value="${appname}-client-web" />
+ </antcall>
+ </target>
- <target name="run" depends="init-common">
- <taskdef name="webtest" classname="${webtest.classname}" classpath="${webtest.classpath}" />
- <webtest request="GET /security-jmac-soapembedded-client-web/webclient/Servlet HTTP/1.0"
- debug="9"
- host="${http.host}"
- port="${http.port}"
- firstTask="true"
- lastTest="true"
- lastCase="true"
- lastTask="true"
- resultFileName="${webtest.report.dir}/security-gtest-results.xml"
- testSession="security-jmac-soapembedded"
- requestHeaders="Host:${http.host}:${http.port}"
- goldenFile="${env.APS_HOME}/devtests/security/jmac/soapEmbedded/goldenfiles/output.html"
- testSuiteId="security-jmac-soapembedded"
- testSuiteName="security-jmac-soapembedded"
- testSuiteDescription="Security Test"
- testId="security-jmac-soapembedded"
- testName="security-jmac-soapembedded"
- testDescription="JSR 196 SoapEmbedded test: ${testcaseid}"
- testCaseId="${testcaseid}"
- testCaseName="${testcaseid}"
- testCaseDescription="JSR 196 SoapEmbedded test"
- testStrategy="JSR 196 SoapEmbedded test"
- />
+ <target name="run" depends="init-common">
+ <taskdef name="webtest" classname="${webtest.classname}" classpath="${webtest.classpath}" />
+ <webtest request="GET /security-jmac-soapembedded-client-web/webclient/Servlet HTTP/1.0"
+ debug="9"
+ host="${http.host}"
+ port="${http.port}"
+ firstTask="true"
+ lastTest="true"
+ lastCase="true"
+ lastTask="true"
+ resultFileName="${webtest.report.dir}/security-gtest-results.xml"
+ testSession="security-jmac-soapembedded"
+ requestHeaders="Host:${http.host}:${http.port}"
+ goldenFile="${env.APS_HOME}/devtests/security/jmac/soapEmbedded/goldenfiles/output.html"
+ testSuiteId="security-jmac-soapembedded"
+ testSuiteName="security-jmac-soapembedded"
+ testSuiteDescription="Security Test"
+ testId="security-jmac-soapembedded"
+ testName="security-jmac-soapembedded"
+ testDescription="JSR 196 SoapEmbedded test: ${testcaseid}"
+ testCaseId="${testcaseid}"
+ testCaseName="${testcaseid}"
+ testCaseDescription="JSR 196 SoapEmbedded test"
+ testStrategy="JSR 196 SoapEmbedded test"
+ />
- </target>
+ </target>
- <target name="undeploy" depends="init-common">
- <antcall target="undeploy-common"/>
- <antcall target="undeploy-war-common">
- <param name="appname"
- value="${appname}-client"/>
- </antcall>
- </target>
+ <target name="undeploy" depends="init-common">
+ <antcall target="undeploy-common" />
+ <antcall target="undeploy-war-common">
+ <param name="appname" value="${appname}-client" />
+ </antcall>
+ </target>
- <target name="usage">
- <antcall target="usage-common"/>
- </target>
+ <target name="usage">
+ <antcall target="usage-common" />
+ </target>
</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/run_test.sh b/appserver/tests/appserv-tests/devtests/security/run_test.sh
index 886ed34..888f28a 100755
--- a/appserver/tests/appserv-tests/devtests/security/run_test.sh
+++ b/appserver/tests/appserv-tests/devtests/security/run_test.sh
@@ -17,41 +17,41 @@
test_run(){
- #cp -f ${APS_HOME}/devtests/security/ldap/opends/X500Signer.jar ${OPENDS_HOME}/lib
+ #cp -f ${APS_HOME}/devtests/security/ldap/opends/X500Signer.jar ${OPENDS_HOME}/lib
- # Configure and start OpenDS using the default ports
- ${OPENDS_HOME}/setup \
- -i \
- -v \
- -n \
- -p 1389 \
- --adminConnectorPort 4444 \
- -x 1689 \
- -w dmanager \
- -b "dc=sfbay,dc=sun,dc=com" \
- -Z 1636 \
- --useJavaKeystore ${S1AS_HOME}/domains/domain1/config/keystore.jks \
- -W changeit \
- -N s1as
+ # Configure and start OpenDS using the default ports
+ ${OPENDS_HOME}/setup \
+ -i \
+ -v \
+ -n \
+ -p 1389 \
+ --adminConnectorPort 4444 \
+ -x 1689 \
+ -w dmanager \
+ -b "dc=sfbay,dc=sun,dc=com" \
+ -Z 1636 \
+ --useJavaKeystore ${S1AS_HOME}/domains/domain1/config/keystore.jks \
+ -W changeit \
+ -N s1as
- ${S1AS_HOME}/bin/asadmin start-database
- ${S1AS_HOME}/bin/asadmin start-domain
- cd ${APS_HOME}/devtests/security
+ ${S1AS_HOME}/bin/asadmin start-database
+ ${S1AS_HOME}/bin/asadmin start-domain
+ cd ${APS_HOME}/devtests/security
- ant ${TARGET} | tee ${TEST_RUN_LOG}
+ ant ${TARGET} | tee ${TEST_RUN_LOG}
- ${S1AS_HOME}/bin/asadmin stop-domain
- ${S1AS_HOME}/bin/asadmin stop-database
+ ${S1AS_HOME}/bin/asadmin stop-domain
+ ${S1AS_HOME}/bin/asadmin stop-database
${OPENDS_HOME}/bin/stop-ds \
- -p 4444 \
- -D "cn=Directory Manager" \
- -w dmanager \
- -P ${OPENDS_HOME}/config/admin-truststore \
- -U ${OPENDS_HOME}/config/admin-keystore.pin
+ -p 4444 \
+ -D "cn=Directory Manager" \
+ -w dmanager \
+ -P ${OPENDS_HOME}/config/admin-truststore \
+ -U ${OPENDS_HOME}/config/admin-keystore.pin
- #egrep 'FAILED= *0' ${TEST_RUN_LOG}
- #egrep 'DID NOT RUN= *0' ${TEST_RUN_LOG}
- cd -
+ #egrep 'FAILED= *0' ${TEST_RUN_LOG}
+ #egrep 'DID NOT RUN= *0' ${TEST_RUN_LOG}
+ cd -
}
get_test_target(){
@@ -69,17 +69,21 @@
run_test_id(){
# setup opendj (fork of opends)
- curl -L -k https://github.com/OpenIdentityPlatform/OpenDJ/releases/download/4.1.10/opendj-4.1.10.zip > opendj-4.1.10.zip
- unzip -o opendj-4.1.10.zip
+ OPENDJ_VERSION='4.4.11'
+ OPENDJ_ZIP="${WORKSPACE}/bundles/opendj-${OPENDJ_VERSION}.zip"
+ if [ ! -f "${OPENDJ_ZIP}" ]; then
+ curl -L -k https://github.com/OpenIdentityPlatform/OpenDJ/releases/download/4.4.11/opendj-4.4.11.zip > "${OPENDJ_ZIP}"
+ fi
+ unzip -o ${OPENDJ_ZIP}
export OPENDS_HOME=${PWD}/opendj
- unzip_test_resources ${WORKSPACE}/bundles/glassfish.zip
- cd `dirname ${0}`
- test_init
- get_test_target ${1}
- test_run
- merge_result_files
- check_successful_run
+ unzip_test_resources ${WORKSPACE}/bundles/glassfish.zip
+ cd `dirname ${0}`
+ test_init
+ get_test_target ${1}
+ test_run
+ merge_result_files
+ check_successful_run
generate_junit_report ${1}
change_junit_report_class_names
}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/README.md b/appserver/tests/appserv-tests/devtests/security/soteria/README.md
deleted file mode 100644
index 948191e..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/README.md
+++ /dev/null
@@ -1,25 +0,0 @@
-This is integration devtests for JSR 375 RI(soteria).
-The sample apps are taken from [Soteria](https://github.com/eclipse-ee4j/soteria) repository.
-Follow the below instructions to run the tests.
-1. set APS_HOME to appserv-tests dir.
-2. set M2_HOME to maven Home.
-3. set S1AS_HOME to glassfish installation. The S1AS_HOME should contain glassfish directory.
-4. $S1AS_HOME/bin/asadmin start-domain
-5. Run mvn clean verify
-6. $S1AS_HOME/bin/asadmin stop-domain
-
-Known Issue:
-1.Aruillian gf container:
-------------
-Jun 05, 2017 3:50:22 PM org.jboss.arquillian.container.glassfish.clientutils.GlassFishClientUtil getResponseMap
-SEVERE: exit_code: FAILURE, message: An error occurred while processing the request. Please see the server logs for details. [status: SERVER_ERROR reason: Service Unavailable]
-[ERROR] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 6.173 s <<< FAILURE! - in org.glassfish.soteria.test.AppMemBasicIT
-[ERROR] org.glassfish.soteria.test.AppMemBasicIT Time elapsed: 6.165 s <<< ERROR!
-com.sun.jersey.api.container.ContainerException: exit_code: FAILURE, message: An error occurred while processing the request. Please see the server logs for details. [status: SERVER_ERROR reason: Service Unavailable]
-
-Jun 05, 2017 3:50:22 PM org.jboss.arquillian.container.glassfish.managed_3_1.GlassFishServerControl$1 run
-WARNING: Forcing container shutdown
-Stopping container using command: [java, -jar, /media/sameerpandit/WLS/javaEE/tt/glassfish6/glassfish/../glassfish/modules/admin-cli.jar, stop-domain, -t]
-------------
-
-Resolve this by running the test with a fresh $S1AS_HOME.
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/README.md b/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/README.md
deleted file mode 100644
index 4e9d394..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/README.md
+++ /dev/null
@@ -1,5 +0,0 @@
-### app-bundled-ham-basic-login-config-form
-
-**If an application bundles its own `HttpAuthenticationMechanism`, then for authentication, the container will rely on the bundled mechanism and will ignore the `login-config` element in deployment descriptor of the application.
-
-In this sample app, the `BASIC` authentication mechanism defined in `HttpAuthenticationMechanism` takes precedencce over `FORM` authentication present in `login-config`.
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/pom.xml
deleted file mode 100644
index 1d9efa7..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/pom.xml
+++ /dev/null
@@ -1,47 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>app-bundled-ham-basic-login-config-form</artifactId>
- <packaging>war</packaging>
-
- <build>
- <finalName>app-bundled-ham-basic-login-config-form</finalName>
- </build>
-
- <properties>
- <failOnMissingWebXml>false</failOnMissingWebXml>
- </properties>
- <dependencies>
- <dependency>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>common</artifactId>
- <version>${project.version}</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/java/org/glassfish/soteria/test/BasicAuthenticationServlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/java/org/glassfish/soteria/test/BasicAuthenticationServlet.java
deleted file mode 100644
index ce5646f..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/java/org/glassfish/soteria/test/BasicAuthenticationServlet.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.io.IOException;
-
-import jakarta.inject.Inject;
-import javax.security.enterprise.SecurityContext;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.HttpConstraint;
-import jakarta.servlet.annotation.ServletSecurity;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-@WebServlet(urlPatterns = "/basicAuthenticationServlet")
-@ServletSecurity(@HttpConstraint(rolesAllowed = "foo"))
-
-public class BasicAuthenticationServlet extends HttpServlet {
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
- response.getWriter().write("Authentication Mechanism:" + response.getHeader("Authentication Mechanism") +"\n");
-
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
deleted file mode 100644
index c612e2d..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import jakarta.enterprise.context.RequestScoped;
-import jakarta.inject.Inject;
-import javax.security.enterprise.AuthenticationException;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
-import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStoreHandler;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-import static javax.security.enterprise.identitystore.CredentialValidationResult.Status.VALID;
-
-@RequestScoped
-public class TestAuthenticationMechanism implements HttpAuthenticationMechanism {
-
- @Inject
- private IdentityStoreHandler identityStoreHandler;
-
- @Override
- public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
-
- // Get the (caller) name and password from the request
- // NOTE: This is for the smallest possible example only. In practice
- // putting the password in a request query parameter is highly
- // insecure
- String name = request.getParameter("name");
- String password = request.getParameter("password");
-
- if (name != null && password != null) {
-
- // Delegate the {credentials in -> identity data out} function to
- // the Identity Store
- CredentialValidationResult result = identityStoreHandler.validate(
- new UsernamePasswordCredential(name, password));
-
- if (result.getStatus() == VALID) {
- // Communicate the details of the authenticated user to the
- // container. In many cases the underlying handler will just store the details
- // and the container will actually handle the login after we return from
- // this method.
- response.addHeader("Authentication Mechanism", "TestAuthenticationMechanism");
- return httpMessageContext.notifyContainerAboutLogin(
- result.getCallerPrincipal(), result.getCallerGroups());
- } else {
- return httpMessageContext.responseUnauthorized();
- }
- }
-
- return httpMessageContext.doNothing();
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
deleted file mode 100644
index 35b1b7d..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.util.Arrays.asList;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT;
-
-import java.util.HashSet;
-
-import jakarta.enterprise.context.RequestScoped;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStore;
-
-@RequestScoped
-public class TestIdentityStore implements IdentityStore {
-
- public CredentialValidationResult validate(UsernamePasswordCredential usernamePasswordCredential) {
-
- if (usernamePasswordCredential.compareTo("reza", "secret1")) {
- return new CredentialValidationResult("reza", new HashSet<>(asList("foo", "bar")));
- }
-
- return INVALID_RESULT;
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/webapp/WEB-INF/beans.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index e69de29..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/webapp/WEB-INF/web.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/webapp/WEB-INF/web.xml
deleted file mode 100644
index 2889bfa..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/webapp/WEB-INF/web.xml
+++ /dev/null
@@ -1,52 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
- version="3.1">
-
- <servlet>
- <display-name>index</display-name>
- <servlet-name>index</servlet-name>
- <jsp-file>/index.jsp</jsp-file>
- </servlet>
-
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>FORM Based Authentication Servlet</web-resource-name>
- <url-pattern>/</url-pattern>
- </web-resource-collection>
- <auth-constraint>
- <role-name>foo</role-name>
- </auth-constraint>
- <user-data-constraint>
- <transport-guarantee>NONE</transport-guarantee>
- </user-data-constraint>
- </security-constraint>
-
- <login-config>
- <auth-method>FORM</auth-method>
- <realm-name>file</realm-name>
- <form-login-config>
- <form-login-page>/loginform.jsp</form-login-page>
- <form-error-page>/loginerror.jsp</form-error-page>
- </form-login-config>
- </login-config>
-</web-app>
-
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/webapp/index.jsp b/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/webapp/index.jsp
deleted file mode 100644
index afdc05b..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/webapp/index.jsp
+++ /dev/null
@@ -1,33 +0,0 @@
-<%--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
---%>
-
-<%@page contentType="text/html" pageEncoding="UTF-8"%>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
- "http://www.w3.org/TR/html4/loose.dtd">
-
-<html>
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
- <title>Form-based Security - Success</title>
- </head>
- <body>
- <h1>Form-based Security - Success</h1>
-
- If you reached this page that means form-based security credentials are correctly configured.
- </body>
-</html>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/webapp/loginerror.jsp b/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/webapp/loginerror.jsp
deleted file mode 100644
index 63b43e4..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/webapp/loginerror.jsp
+++ /dev/null
@@ -1,38 +0,0 @@
-<%--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
---%>
-
-<%@page contentType="text/html" pageEncoding="UTF-8"%>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
- "http://www.w3.org/TR/html4/loose.dtd">
-
-<html>
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
- <title>Form-Based Login Error Page</title>
- </head>
- <body>
- <h1>Login Error Page</h1>
-
- <h2>Invalid user name or password.</h2>
-
- <p>Please specify a valid user/password combination</p>
-
- Click here to <a href="loginform.jsp">Try Again</a></p>
-
- </body>
-</html>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/webapp/loginform.jsp b/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/webapp/loginform.jsp
deleted file mode 100644
index 71bc4fe..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/main/webapp/loginform.jsp
+++ /dev/null
@@ -1,39 +0,0 @@
-<%--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
---%>
-
-<%@page contentType="text/html" pageEncoding="UTF-8"%>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
- "http://www.w3.org/TR/html4/loose.dtd">
-
-<html>
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
- <title>Form-Based Login Page</title>
- </head>
- <body>
- <h1>Form-Based Login Page</h1>
-
- <form method="POST" action="j_security_check">
- Username: <input type="text" name="j_username"> <p/>
- Password: <input type="password" name="j_password" autocomplete="off"> <p/>
- <input type="submit" value="Submit" name="submitButton">
- <input type="reset" value="Reset">
- </form>
-
- </body>
-</html>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/test/java/org/glassfish/soteria/test/AppBundledHAMPrecendenceOverLoginConfigInWebXmlIT.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/test/java/org/glassfish/soteria/test/AppBundledHAMPrecendenceOverLoginConfigInWebXmlIT.java
deleted file mode 100644
index a9dd417..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-bundled-ham-basic-login-config-form/src/test/java/org/glassfish/soteria/test/AppBundledHAMPrecendenceOverLoginConfigInWebXmlIT.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static org.glassfish.soteria.test.Assert.*;
-import static org.glassfish.soteria.test.ShrinkWrap.mavenWar;
-
-import org.glassfish.soteria.test.ArquillianBase;
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.shrinkwrap.api.Archive;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-
-import org.junit.Rule;
-import org.junit.AfterClass;
-import org.junit.rules.TestWatcher;
-
-import com.gargoylesoftware.htmlunit.DefaultCredentialsProvider;
-import com.gargoylesoftware.htmlunit.WebResponse;
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-
-@RunWith(Arquillian.class)
-public class AppBundledHAMPrecendenceOverLoginConfigInWebXmlIT extends ArquillianBase {
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- @Rule
- public TestWatcher reportWatcher=new ReportWatcher(stat, "Security::soteria::AppBundledHAMPrecendenceOverLoginConfigInWebXml");
-
- @AfterClass
- public static void printSummary(){
- stat.printSummary();
- }
-
- @Deployment(testable = false)
- public static Archive<?> createDeployment() {
- return mavenWar();
- }
-
- @Test
- public void testHAMPrecedenceOverLoginConfig() {
-
- assertBundledHAMPrecedenceOverLoginConfig(
- responseFromServer("/basicAuthenticationServlet?name=reza&password=secret1"));
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/README.md b/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/README.md
deleted file mode 100644
index 0bb7d10..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/README.md
+++ /dev/null
@@ -1,12 +0,0 @@
-
-### app-container-application-principal-getname
-
-**From JSR 375 Specification**
-
-> **1.2.2. Caller Principal Types**
-
-> When both a container caller principal and an application caller principal are present, the value obtained by calling getName() on both principals MUST be the same.
-
-In this test, application provides its own caller principal,
-and hence, subject contains two such principals, one
-representing the container and other one representing the application itself.
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/pom.xml
deleted file mode 100644
index f9f3450..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/pom.xml
+++ /dev/null
@@ -1,47 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>app-caller-principal</artifactId>
- <packaging>war</packaging>
-
- <build>
- <finalName>app-caller-principal</finalName>
- </build>
-
- <properties>
- <failOnMissingWebXml>false</failOnMissingWebXml>
- </properties>
- <dependencies>
- <dependency>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>common</artifactId>
- <version>${project.version}</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/java/org/glassfish/soteria/test/AppPrincipal.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/java/org/glassfish/soteria/test/AppPrincipal.java
deleted file mode 100644
index f52f925..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/java/org/glassfish/soteria/test/AppPrincipal.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.security.Principal;
-
-/**
- * Created by vinay on 7/8/17.
- */
-public class AppPrincipal implements Principal {
- String name;
-
- public AppPrincipal(String name){
- this.name = name;
- }
-
- @Override
- public String getName() {
- return name;
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/java/org/glassfish/soteria/test/CallerSubjectServlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/java/org/glassfish/soteria/test/CallerSubjectServlet.java
deleted file mode 100644
index fdc7739..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/java/org/glassfish/soteria/test/CallerSubjectServlet.java
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.io.IOException;
-
-import jakarta.inject.Inject;
-import javax.security.enterprise.SecurityContext;
-import javax.security.enterprise.CallerPrincipal;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.HttpConstraint;
-import jakarta.servlet.annotation.ServletSecurity;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import java.security.Principal;
-import java.util.Optional;
-import java.util.Set;
-
-/**
- * The Servlet which validates if for the authenticated user, both
- * container and caller principals are present in the subject
- * representing the caller.
- */
-@WebServlet("/callerSubjectServlet")
-@ServletSecurity(@HttpConstraint(rolesAllowed = "foo"))
-public class CallerSubjectServlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Inject
- private SecurityContext securityContext;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- String containerCallerPrincipalName = null;
- String appPrincipalName = null;
- String callerPrincipalFromSecurityContextName = null;
- boolean isUserInRole = securityContext.isCallerInRole("foo");
- int callerPrincipalCount = 0;
-
- Principal containerCallerPrincipal = securityContext.getCallerPrincipal();
- containerCallerPrincipalName = containerCallerPrincipal.getName();
-
- Set<Principal> principals = securityContext.getPrincipalsByType(java.security.Principal.class);
-
- Optional<Principal> appCallerPrincipalOptional = principals.stream().filter((p) -> p.getClass().getName() == AppPrincipal.class.getName())
- .findAny();
- Principal appPrincipal = null;
- if (appCallerPrincipalOptional.isPresent()) {
- callerPrincipalCount++;
- appPrincipal = appCallerPrincipalOptional.get();
- appPrincipalName = appPrincipal.getName();
- }
-
- Optional<Principal> containerCallerPrincipalOptional = principals.stream().filter((p) -> p.getClass().getName() == CallerPrincipal
- .class.getName())
- .findAny();
- Principal callerPrincipalFromSecurityContext = null;
- if (containerCallerPrincipalOptional.isPresent()) {
- callerPrincipalCount++;
- callerPrincipalFromSecurityContext = containerCallerPrincipalOptional.get();
- callerPrincipalFromSecurityContextName = callerPrincipalFromSecurityContext.getName();
- }
-
- if (!containerCallerPrincipalName.isEmpty() && !appPrincipalName.isEmpty() && containerCallerPrincipalName.equals
- (appPrincipalName) && isUserInRole & callerPrincipalCount == 1) {
- response.getWriter().write(String.format("Container caller principal and application caller principal both are " +
- "represented by same principal for user %s and is in role %s", containerCallerPrincipal.getName(), "foo"));
- } else {
- response.getWriter().write(String.format("Both %s and %s principal types are available wherein only principal of " +
- "type %s was expected for user %s and is in role %s",AppPrincipal.class.getName(), CallerPrincipal.class
- .getName(), AppPrincipal.class.getName(), containerCallerPrincipal.getName(),
- "foo"));
- }
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
deleted file mode 100644
index e614c50..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static javax.security.enterprise.identitystore.CredentialValidationResult.Status.VALID;
-
-import jakarta.enterprise.context.RequestScoped;
-import jakarta.inject.Inject;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.AuthenticationException;
-import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
-import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStoreHandler;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-
-
-
-@RequestScoped
-public class TestAuthenticationMechanism implements HttpAuthenticationMechanism {
-
- @Inject
- private IdentityStoreHandler identityStoreHandler;
-
- @Override
- public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
-
- // Get the (caller) name and password from the request
- // NOTE: This is for the smallest possible example only. In practice
- // putting the password in a request query parameter is highly
- // insecure
- String name = request.getParameter("name");
- String password = request.getParameter("password");
-
- if (name != null && password != null) {
-
- // Delegate the {credentials in -> identity data out} function to
- // the Identity Store
- CredentialValidationResult result = identityStoreHandler.validate(
- new UsernamePasswordCredential(name, password));
-
- if (result.getStatus() == VALID) {
- // In this case , application chooses to provide its own caller principal
- return httpMessageContext.notifyContainerAboutLogin(
- new AppPrincipal(name), result.getCallerGroups());
-
- } else {
- return httpMessageContext.responseUnauthorized();
- }
- }
-
- return httpMessageContext.doNothing();
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
deleted file mode 100644
index c4556df..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.util.Arrays.asList;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT;
-
-import java.util.HashSet;
-
-import jakarta.enterprise.context.RequestScoped;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStore;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-
-@RequestScoped
-public class TestIdentityStore implements IdentityStore {
-
- public CredentialValidationResult validate(UsernamePasswordCredential usernamePasswordCredential) {
-
- if (usernamePasswordCredential.compareTo("reza", "secret1")) {
- return new CredentialValidationResult("reza", new HashSet<>(asList("foo", "bar")));
- }
-
- return INVALID_RESULT;
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/webapp/WEB-INF/beans.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index e69de29..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/webapp/WEB-INF/web.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/webapp/WEB-INF/web.xml
deleted file mode 100644
index 48a35fa..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/main/webapp/WEB-INF/web.xml
+++ /dev/null
@@ -1,44 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<web-app
- xmlns="http://xmlns.jcp.org/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
- version="3.1"
->
-
- <!-- Security constraints and roles. -->
-
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>User pages</web-resource-name>
- <url-pattern>/protectedServlet</url-pattern>
- </web-resource-collection>
- <auth-constraint>
- <role-name>foo</role-name>
- </auth-constraint>
- </security-constraint>
-
-
- <security-role>
- <role-name>foo</role-name>
- </security-role>
-
-</web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/test/java/org/glassfish/soteria/test/AppCallerPrincipalIT.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/test/java/org/glassfish/soteria/test/AppCallerPrincipalIT.java
deleted file mode 100644
index a272733..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-caller-principal/src/test/java/org/glassfish/soteria/test/AppCallerPrincipalIT.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static org.glassfish.soteria.test.Assert.*;
-import static org.glassfish.soteria.test.ShrinkWrap.mavenWar;
-
-import org.glassfish.soteria.test.ArquillianBase;
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.shrinkwrap.api.Archive;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-
-import org.junit.Rule;
-import org.junit.AfterClass;
-import org.junit.rules.TestWatcher;
-
-import com.gargoylesoftware.htmlunit.DefaultCredentialsProvider;
-import com.gargoylesoftware.htmlunit.WebResponse;
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-
-@RunWith(Arquillian.class)
-public class AppCallerPrincipalIT extends ArquillianBase {
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- @Rule
- public TestWatcher reportWatcher=new ReportWatcher(stat, "Security::soteria::AppCallerPrincipal");
-
- @AfterClass
- public static void printSummary(){
- stat.printSummary();
- }
-
- @Deployment(testable = false)
- public static Archive<?> createDeployment() {
- return mavenWar();
- }
-
- @Test
- public void testCallerSubjectPrincipals() {
- assertApplicationPrincipalAndContainerPrincipalName(
- responseFromServer("/callerSubjectServlet?name=reza&password=secret1"));
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/pom.xml
deleted file mode 100644
index 557f179..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/pom.xml
+++ /dev/null
@@ -1,51 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>app-custom-identity-store-handler</artifactId>
- <packaging>war</packaging>
-
- <build>
- <finalName>app-custom-identity-store-handler</finalName>
- </build>
-
- <properties>
- <failOnMissingWebXml>false</failOnMissingWebXml>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>common</artifactId>
- <version>${project.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>com.unboundid</groupId>
- <artifactId>unboundid-ldapsdk</artifactId>
- </dependency>
- </dependencies>
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/BlackListedIdentityStore.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/BlackListedIdentityStore.java
deleted file mode 100644
index 6eb467f..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/BlackListedIdentityStore.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.NOT_VALIDATED_RESULT;
-import static javax.security.enterprise.identitystore.IdentityStore.ValidationType.VALIDATE;
-import static org.glassfish.soteria.Utils.unmodifiableSet;
-
-import java.util.Set;
-
-import jakarta.enterprise.context.ApplicationScoped;
-import javax.security.enterprise.credential.Credential;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStore;
-
-/**
- *
- */
-@ApplicationScoped
-public class BlackListedIdentityStore implements IdentityStore {
-
- @Override
- public CredentialValidationResult validate(Credential credential) {
- CredentialValidationResult result = NOT_VALIDATED_RESULT;
- if (credential instanceof UsernamePasswordCredential) {
- UsernamePasswordCredential usernamePassword = (UsernamePasswordCredential) credential;
-
- if ("rudy".equals(usernamePassword.getCaller())) {
-
- result = INVALID_RESULT;
- }
- }
- return result;
- }
-
- @Override
- public int priority() {
- return 1000;
- }
-
- @Override
- public Set<ValidationType> validationTypes() {
- return unmodifiableSet(VALIDATE);
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/ConfigBean.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/ConfigBean.java
deleted file mode 100644
index c8cda52..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/ConfigBean.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import javax.security.enterprise.identitystore.IdentityStore.ValidationType;
-import static javax.security.enterprise.identitystore.IdentityStore.ValidationType.PROVIDE_GROUPS;
-import static javax.security.enterprise.identitystore.IdentityStore.ValidationType.VALIDATE;
-
-import javax.security.enterprise.identitystore.LdapIdentityStoreDefinition.LdapSearchScope;
-import static javax.security.enterprise.identitystore.LdapIdentityStoreDefinition.LdapSearchScope.ONE_LEVEL;
-import static javax.security.enterprise.identitystore.LdapIdentityStoreDefinition.LdapSearchScope.SUBTREE;
-
-import jakarta.enterprise.context.RequestScoped;
-import jakarta.inject.Named;
-
-@RequestScoped
-@Named
-public class ConfigBean {
- private int priority300=300;
- private int priority100=100;
- private ValidationType[] useforBoth = {ValidationType.VALIDATE, ValidationType.PROVIDE_GROUPS};
- private ValidationType[] useforValidate = {ValidationType.VALIDATE};
- private ValidationType[] useforProvideGroup = {ValidationType.PROVIDE_GROUPS};
- private LdapSearchScope searchScopeOneLevel = ONE_LEVEL;
- private LdapSearchScope searchScopeSubTree = SUBTREE;
-
- public int getPriority300(){
- return priority300;
- }
-
- public int getPriority100(){
- return priority100;
- }
-
- public ValidationType[] getUseforBoth(){
- return useforBoth;
- }
-
- public ValidationType[] getUseforValidate(){
- return useforValidate;
- }
-
- public ValidationType[] getUseforProvideGroup(){
- return useforProvideGroup;
- }
-
- public LdapSearchScope getSearchScopeOneLevel(){
- return ONE_LEVEL;
- }
-
- public LdapSearchScope getSearchScopeSubTree(){
- return SUBTREE;
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/CustomIdentityStoreHandler.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/CustomIdentityStoreHandler.java
deleted file mode 100644
index 58b5972..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/CustomIdentityStoreHandler.java
+++ /dev/null
@@ -1,121 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import jakarta.annotation.PostConstruct;
-import jakarta.annotation.Priority;
-import jakarta.enterprise.context.ApplicationScoped;
-import jakarta.enterprise.inject.Alternative;
-import javax.security.enterprise.CallerPrincipal;
-import javax.security.enterprise.credential.Credential;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStore;
-import javax.security.enterprise.identitystore.IdentityStoreHandler;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-
-import static java.util.Comparator.comparing;
-import static java.util.stream.Collectors.toList;
-import static jakarta.interceptor.Interceptor.Priority.APPLICATION;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.Status.VALID;
-import static javax.security.enterprise.identitystore.IdentityStore.ValidationType.PROVIDE_GROUPS;
-import static javax.security.enterprise.identitystore.IdentityStore.ValidationType.VALIDATE;
-import static org.glassfish.soteria.cdi.CdiUtils.getBeanReferencesByType;
-
-/**
- *
- */
-@Alternative
-@Priority(APPLICATION)
-@ApplicationScoped
-public class CustomIdentityStoreHandler implements IdentityStoreHandler {
-
- private List<IdentityStore> validatingIdentityStores;
- private List<IdentityStore> groupProvidingIdentityStores;
-
- @PostConstruct
- public void init() {
- List<IdentityStore> identityStores = getBeanReferencesByType(IdentityStore.class, false);
-
- validatingIdentityStores = identityStores.stream()
- .filter(i -> i.validationTypes().contains(VALIDATE))
- .sorted(comparing(IdentityStore::priority))
- .collect(toList());
-
- groupProvidingIdentityStores = identityStores.stream()
- .filter(i -> i.validationTypes().contains(PROVIDE_GROUPS))
- .sorted(comparing(IdentityStore::priority))
- .collect(toList());
- }
-
- @Override
- public CredentialValidationResult validate(Credential credential) {
- CredentialValidationResult validationResult = null;
- IdentityStore identityStore = null;
-
- // Check all stores and stop when one marks it as invalid.
- for (IdentityStore authenticationIdentityStore : validatingIdentityStores) {
- CredentialValidationResult temp = authenticationIdentityStore.validate(credential);
- switch (temp.getStatus()) {
-
- case NOT_VALIDATED:
- // Don't do anything
- break;
- case INVALID:
- validationResult = temp;
- break;
- case VALID:
- validationResult = temp;
- identityStore = authenticationIdentityStore;
- break;
- default:
- throw new IllegalArgumentException("Value not supported " + temp.getStatus());
- }
- if (validationResult != null && validationResult.getStatus() == CredentialValidationResult.Status.INVALID) {
- break;
- }
- }
-
- if (validationResult == null) {
- // No authentication store at all
- return INVALID_RESULT;
- }
-
- if (validationResult.getStatus() != VALID) {
- // No store validated (authenticated), no need to continue
- return validationResult;
- }
-
- CallerPrincipal callerPrincipal = validationResult.getCallerPrincipal();
-
- Set<String> groups = new HashSet<>();
- if (identityStore.validationTypes().contains(PROVIDE_GROUPS)) {
- groups.addAll(validationResult.getCallerGroups());
- }
-
- // Ask all stores that were configured for authorization to get the groups for the
- // authenticated caller
- for (IdentityStore authorizationIdentityStore : groupProvidingIdentityStores) {
- groups.addAll(authorizationIdentityStore.getCallerGroups(validationResult));
- }
-
- return new CredentialValidationResult(callerPrincipal, groups);
-
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/GroupProviderIdentityStore.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/GroupProviderIdentityStore.java
deleted file mode 100644
index 3670fff..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/GroupProviderIdentityStore.java
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.util.Arrays.asList;
-import static java.util.Collections.emptySet;
-import static javax.security.enterprise.identitystore.IdentityStore.ValidationType.PROVIDE_GROUPS;
-import static org.glassfish.soteria.Utils.unmodifiableSet;
-
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-
-import jakarta.annotation.PostConstruct;
-import jakarta.enterprise.context.ApplicationScoped;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStore;
-import javax.security.enterprise.identitystore.LdapIdentityStoreDefinition;
-import javax.security.enterprise.identitystore.LdapIdentityStoreDefinition.LdapSearchScope;
-import javax.security.enterprise.identitystore.IdentityStore.ValidationType;
-import static javax.security.enterprise.identitystore.LdapIdentityStoreDefinition.LdapSearchScope.SUBTREE;
-import static javax.security.enterprise.identitystore.IdentityStore.ValidationType.VALIDATE;
-
-/**
- *
- */
-@LdapIdentityStoreDefinition(
- url = "ldap://localhost:33389/",
- callerBaseDn = "ou=caller,dc=jsr375,dc=net",
- callerSearchScope = LdapSearchScope.SUBTREE,
- groupSearchBase = "ou=group,dc=jsr375,dc=net",
- useForExpression = "#{'VALIDATE'}",
- groupSearchScopeExpression = "${configBean.searchScopeOneLevel}"
-)
-@ApplicationScoped
-public class GroupProviderIdentityStore implements IdentityStore {
-
- private Map<String, Set<String>> groupsPerCaller;
-
- @PostConstruct
- public void init() {
- groupsPerCaller = new HashMap<>();
-
- groupsPerCaller.put("rudy", new HashSet<>(asList("foo", "bar")));
- groupsPerCaller.put("will", new HashSet<>(asList("foo", "bar", "baz")));
- groupsPerCaller.put("arjan", new HashSet<>(asList("foo", "baz")));
- groupsPerCaller.put("reza", new HashSet<>(asList("baz")));
-
- }
-
- @Override
- public Set<String> getCallerGroups(CredentialValidationResult validationResult) {
- Set<String> result = groupsPerCaller.get(validationResult.getCallerPrincipal().getName());
- if (result == null) {
- result = emptySet();
- }
-
- return result;
- }
-
- @Override
- public Set<ValidationType> validationTypes() {
- return unmodifiableSet(PROVIDE_GROUPS);
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/LdapSetup.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/LdapSetup.java
deleted file mode 100644
index 2e5e64a..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/LdapSetup.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import com.unboundid.ldap.listener.InMemoryDirectoryServer;
-import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig;
-import com.unboundid.ldap.listener.InMemoryListenerConfig;
-import com.unboundid.ldap.sdk.LDAPException;
-import com.unboundid.ldif.LDIFReader;
-
-import jakarta.annotation.PostConstruct;
-import jakarta.annotation.PreDestroy;
-import jakarta.ejb.Singleton;
-import jakarta.ejb.Startup;
-
-/**
- * Starts up the embedded Unboundid LDAP server on port 33389 and loads a test directory
- * into it containing the same caller- and roles names as the Database and Embedded idenity
- * stores are using.
- *
- * @author Arjan Tijms
- *
- */
-@Startup
-@Singleton
-public class LdapSetup {
-
- private InMemoryDirectoryServer directoryServer;
-
- @PostConstruct
- public void init() {
- try {
- InMemoryDirectoryServerConfig config = new InMemoryDirectoryServerConfig("dc=net");
- config.setListenerConfigs(
- new InMemoryListenerConfig("myListener", null, 33389, null, null, null));
-
- directoryServer = new InMemoryDirectoryServer(config);
-
- directoryServer.importFromLDIF(true,
- new LDIFReader(this.getClass().getResourceAsStream("/test.ldif")));
-
- directoryServer.startListening();
- } catch (LDAPException e) {
- throw new IllegalStateException(e);
- }
- }
-
- @PreDestroy
- public void destroy() {
- directoryServer.shutDown(true);
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/Servlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/Servlet.java
deleted file mode 100644
index a9c2d7c..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/Servlet.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.io.IOException;
-
-import jakarta.annotation.security.DeclareRoles;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- */
-
-@DeclareRoles({"foo", "bar", "baz"})
-@WebServlet("/servlet")
-public class Servlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- response.getWriter().write("This is a servlet \n");
-
- String webName = null;
- if (request.getUserPrincipal() != null) {
- webName = request.getUserPrincipal().getName();
- }
-
- response.getWriter().write("web username: " + webName + "\n");
-
- response.getWriter().write("web user has role \"foo\": " + request.isUserInRole("foo") + "\n");
- response.getWriter().write("web user has role \"bar\": " + request.isUserInRole("bar") + "\n");
- response.getWriter().write("web user has role \"baz\": " + request.isUserInRole("baz") + "\n");
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
deleted file mode 100644
index 89d5726..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import jakarta.enterprise.context.ApplicationScoped;
-import jakarta.inject.Inject;
-import javax.security.enterprise.AuthenticationException;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
-import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
-import javax.security.enterprise.credential.Password;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStoreHandler;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-import static javax.security.enterprise.identitystore.CredentialValidationResult.Status.VALID;
-
-@ApplicationScoped
-public class TestAuthenticationMechanism implements HttpAuthenticationMechanism {
-
- @Inject
- private IdentityStoreHandler identityStoreHandler;
-
- @Override
- public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
-
- if (request.getParameter("name") != null && request.getParameter("password") != null) {
-
- // Get the (caller) name and password from the request
- // NOTE: This is for the smallest possible example only. In practice
- // putting the password in a request query parameter is highly
- // insecure
- String name = request.getParameter("name");
- Password password = new Password(request.getParameter("password"));
-
- // Delegate the {credentials in -> identity data out} function to
- // the Identity Store
- CredentialValidationResult result = identityStoreHandler.validate(
- new UsernamePasswordCredential(name, password));
-
- if (result.getStatus() == VALID) {
- // Communicate the details of the authenticated user to the
- // container. In many cases the underlying handler will just store the details
- // and the container will actually handle the login after we return from
- // this method.
- return httpMessageContext.notifyContainerAboutLogin(
- result.getCallerPrincipal(), result.getCallerGroups());
- }
-
- return httpMessageContext.responseUnauthorized();
- }
-
- return httpMessageContext.doNothing();
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/resources/test.ldif b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/resources/test.ldif
deleted file mode 100644
index a0a630c..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/resources/test.ldif
+++ /dev/null
@@ -1,79 +0,0 @@
-dn: dc=net
-objectclass: top
-objectclass: dcObject
-objectclass: organization
-dc: net
-o: net
-
-dn: dc=jsr375,dc=net
-objectclass: top
-objectclass: dcObject
-objectclass: organization
-dc: jsr375
-o: jsr375
-
-dn: ou=caller,dc=jsr375,dc=net
-objectclass: top
-objectclass: organizationalUnit
-ou: caller
-
-dn: uid=rudy,ou=caller,dc=jsr375,dc=net
-objectclass: top
-objectclass: uidObject
-objectclass: person
-uid: rudy
-cn: Rudy De Busscher
-sn: Rudy
-userPassword: pw
-
-dn: uid=reza,ou=caller,dc=jsr375,dc=net
-objectclass: top
-objectclass: uidObject
-objectclass: person
-uid: reza
-cn: Reza Rahman
-sn: Reza
-userPassword: secret1
-
-dn: uid=alex,ou=caller,dc=jsr375,dc=net
-objectclass: top
-objectclass: uidObject
-objectclass: person
-uid: alex
-cn: Alex Kosowski
-sn: Alex
-userPassword: secret2
-
-dn: uid=arjan,ou=caller,dc=jsr375,dc=net
-objectclass: top
-objectclass: uidObject
-objectclass: person
-uid: arjan
-cn: Arjan Tijms
-sn: Arjan
-userPassword: secret3
-
-dn: ou=group,dc=jsr375,dc=net
-objectclass: top
-objectclass: organizationalUnit
-ou: group
-
-dn: cn=foo,ou=group,dc=jsr375,dc=net
-objectclass: top
-objectclass: groupOfNames
-cn: foo
-member: uid=reza,ou=caller,dc=jsr375,dc=net
-member: uid=arjan,ou=caller,dc=jsr375,dc=net
-
-dn: cn=bar,ou=group,dc=jsr375,dc=net
-objectclass: top
-objectclass: groupOfNames
-cn: bar
-member: uid=reza,ou=caller,dc=jsr375,dc=net
-
-dn: cn=kaz,ou=group,dc=jsr375,dc=net
-objectclass: top
-objectclass: groupOfNames
-cn: kaz
-member: uid=alex,ou=caller,dc=jsr375,dc=net
-
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/webapp/WEB-INF/beans.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index c7b9713..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
@@ -1,29 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN" "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd">
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<beans xmlns="http://xmlns.jcp.org/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/beans_1_1.xsd"
- version="1.1" bean-discovery-mode="annotated">
-
- <alternatives>
- <class>org.glassfish.soteria.test.CustomIdentityStoreHandler</class>
- </alternatives>
-</beans>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/webapp/WEB-INF/glassfish-web.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/webapp/WEB-INF/glassfish-web.xml
deleted file mode 100644
index 6cefa70..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/main/webapp/WEB-INF/glassfish-web.xml
+++ /dev/null
@@ -1,60 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN" "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd">
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<glassfish-web-app>
-
- <security-role-mapping>
- <role-name>foo</role-name>
- <group-name>foo</group-name>
- </security-role-mapping>
-
- <security-role-mapping>
- <role-name>bar</role-name>
- <group-name>bar</group-name>
- </security-role-mapping>
-
- <security-role-mapping>
- <role-name>kaz</role-name>
- <group-name>kaz</group-name>
- </security-role-mapping>
-
- <security-role-mapping>
- <role-name>baz</role-name>
- <group-name>baz</group-name>
- </security-role-mapping>
-
- <security-role-mapping>
- <role-name>group1</role-name>
- <group-name>group1</group-name>
- </security-role-mapping>
-
- <security-role-mapping>
- <role-name>group2</role-name>
- <group-name>group2</group-name>
- </security-role-mapping>
-
- <security-role-mapping>
- <role-name>group3</role-name>
- <group-name>group3</group-name>
- </security-role-mapping>
-
- <parameter-encoding default-charset="UTF-8" />
-
-</glassfish-web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/test/java/org/glassfish/soteria/test/AppCustomIdentityStoreHandlerIT.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/test/java/org/glassfish/soteria/test/AppCustomIdentityStoreHandlerIT.java
deleted file mode 100644
index 4982544..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-identity-store-handler/src/test/java/org/glassfish/soteria/test/AppCustomIdentityStoreHandlerIT.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static org.glassfish.soteria.test.Assert.assertAuthenticated;
-import static org.glassfish.soteria.test.Assert.assertDefaultNotAuthenticated;
-import static org.glassfish.soteria.test.Assert.assertNotAuthenticated;
-import static org.glassfish.soteria.test.ShrinkWrap.mavenWar;
-
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.shrinkwrap.api.Archive;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-import org.junit.Rule;
-import org.junit.AfterClass;
-import org.junit.rules.TestWatcher;
-
-
-@RunWith(Arquillian.class)
-public class AppCustomIdentityStoreHandlerIT extends ArquillianBase {
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- @Rule
- public TestWatcher reportWatcher=new ReportWatcher(stat, "Security::soteria::AppCustomIdentityStoreHandler");
-
- @AfterClass
- public static void printSummary(){
- stat.printSummary();
- }
-
- @Deployment(testable = false)
- public static Archive<?> createDeployment() {
- return mavenWar();
- }
-
- @Test
- public void testAuthenticated() {
- assertAuthenticated(
- "web", "reza",
- readFromServer("/servlet?name=reza&password=secret1"),
- // Only groups from the
- "baz");
- }
-
- @Test
- public void testBlacklisted() {
- assertNotAuthenticated(
- "web", "rudy",
- readFromServer("/servlet?name=rudy&password=pw"),
- "foo", "bar");
- }
-
- @Test
- public void testNotAuthenticated() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet"));
- }
-
- @Test
- public void testNotAuthenticatedWrongName() {
- assertNotAuthenticated(
- "web", "reza",
- readFromServer("/servlet?name=romo&password=secret1"),
- "foo", "bar", "baz");
- }
-
- @Test
- public void testNotAuthenticatedWrongPassword() {
- assertNotAuthenticated(
- "web", "reza",
- readFromServer("/servlet?name=reza&password=wrongpassword"),
- "foo", "bar", "baz");
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/pom.xml
deleted file mode 100644
index ad5f7ba..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/pom.xml
+++ /dev/null
@@ -1,47 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>app-custom-rememberme</artifactId>
- <packaging>war</packaging>
-
- <build>
- <finalName>app-custom-rememberme</finalName>
- </build>
-
- <properties>
- <failOnMissingWebXml>false</failOnMissingWebXml>
- </properties>
- <dependencies>
- <dependency>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>common</artifactId>
- <version>${project.version}</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/java/org/glassfish/soteria/test/RememberMeConfigBean.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/java/org/glassfish/soteria/test/RememberMeConfigBean.java
deleted file mode 100644
index d7c027b..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/java/org/glassfish/soteria/test/RememberMeConfigBean.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-
-import jakarta.enterprise.context.RequestScoped;
-import jakarta.inject.Named;
-
-@RequestScoped
-@Named
-public class RememberMeConfigBean {
-
- private int maxAgeSeconds = 500;
- private String cookieName = "GLASSFISHCOOKIE";
- private boolean secureOnly = false;
- private boolean httpOnly = true;
-
- public int getMaxAgeSeconds() {
- return maxAgeSeconds;
- }
-
- public String getCookieName() {
- return cookieName;
- }
-
- public boolean isSecureOnly() {
- return secureOnly;
- }
-
- public boolean isHttpOnly() {
- return httpOnly;
- }
-}
-
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/java/org/glassfish/soteria/test/Servlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/java/org/glassfish/soteria/test/Servlet.java
deleted file mode 100644
index ddbdde0..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/java/org/glassfish/soteria/test/Servlet.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.io.IOException;
-
-import jakarta.annotation.security.DeclareRoles;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- *
- *
- */
-@DeclareRoles({ "foo", "bar", "kaz" })
-@WebServlet("/servlet")
-public class Servlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- if (request.getParameter("logout") != null) {
- request.logout(); // slightly ill-defined, but only for current request
- request.getSession().invalidate();
- }
-
- response.getWriter().write("This is a servlet \n");
-
- String webName = null;
- if (request.getUserPrincipal() != null) {
- webName = request.getUserPrincipal().getName();
- }
-
- response.getWriter().write("web username: " + webName + "\n");
-
- response.getWriter().write("web user has role \"foo\": " + request.isUserInRole("foo") + "\n");
- response.getWriter().write("web user has role \"bar\": " + request.isUserInRole("bar") + "\n");
- response.getWriter().write("web user has role \"kaz\": " + request.isUserInRole("kaz") + "\n");
-
- String mechanismCalled = (String) request.getAttribute("authentication-mechanism-called");
-
- response.getWriter().write("\nauthentication mechanism called: " + (mechanismCalled != null? mechanismCalled : false) + "\n");
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
deleted file mode 100644
index 859eece..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-
-import jakarta.enterprise.context.RequestScoped;
-import jakarta.inject.Inject;
-import javax.security.enterprise.AuthenticationException;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
-import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
-import javax.security.enterprise.authentication.mechanism.http.RememberMe;
-import javax.security.enterprise.credential.Password;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStoreHandler;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-import static javax.security.enterprise.identitystore.CredentialValidationResult.Status.VALID;
-
-@RememberMe(
- cookieName = "#{self.rememberMeConfigBean.getCookieName()}",
- cookieMaxAgeSecondsExpression = "#{self.rememberMeConfigBean.maxAgeSeconds}",
- cookieSecureOnlyExpression = "#{self.rememberMeConfigBean.isSecureOnly()}",
- cookieHttpOnlyExpression = "#{self.rememberMeConfigBean.httpOnly}",
- isRememberMeExpression ="#{self.isRememberMe(httpMessageContext)}"
-)
-@RequestScoped
-public class TestAuthenticationMechanism implements HttpAuthenticationMechanism {
-
- public RememberMeConfigBean getRememberMeConfigBean() {
- return rememberMeConfigBean;
- }
-
- @Inject
- private RememberMeConfigBean rememberMeConfigBean;
-
- @Inject
- private IdentityStoreHandler identityStoreHandler;
-
- @Override
- public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
-
- request.setAttribute("authentication-mechanism-called", "true");
-
- if (request.getParameter("name") != null && request.getParameter("password") != null) {
-
- // Get the (caller) name and password from the request
- // NOTE: This is for the smallest possible example only. In practice
- // putting the password in a request query parameter is highly
- // insecure
- String name = request.getParameter("name");
- Password password = new Password(request.getParameter("password"));
-
- // Delegate the {credentials in -> identity data out} function to
- // the Identity Store
- CredentialValidationResult result = identityStoreHandler.validate(
- new UsernamePasswordCredential(name, password));
-
- if (result.getStatus() == VALID) {
- // Communicate the details of the authenticated user to the
- // container. In many cases the underlying handler will just store the details
- // and the container will actually handle the login after we return from
- // this method.
- return httpMessageContext.notifyContainerAboutLogin(
- result.getCallerPrincipal(), result.getCallerGroups());
- } else {
- return httpMessageContext.responseUnauthorized();
- }
- }
-
- return httpMessageContext.doNothing();
- }
-
- public Boolean isRememberMe(HttpMessageContext httpMessageContext) {
- return httpMessageContext.getRequest().getParameter("rememberme") != null;
- }
-
- // Workaround for possible CDI bug; at least in Weld 2.3.2 default methods don't seem to be intercepted
- @Override
- public void cleanSubject(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) {
- HttpAuthenticationMechanism.super.cleanSubject(request, response, httpMessageContext);
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
deleted file mode 100644
index 1a3733a..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.util.Arrays.asList;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.NOT_VALIDATED_RESULT;
-
-import java.util.HashSet;
-
-import jakarta.enterprise.context.RequestScoped;
-import javax.security.enterprise.credential.Credential;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStore;
-
-@RequestScoped
-public class TestIdentityStore implements IdentityStore {
-
- @Override
- public CredentialValidationResult validate(Credential credential) {
- if (credential instanceof UsernamePasswordCredential) {
- return validate((UsernamePasswordCredential) credential);
- }
-
- return NOT_VALIDATED_RESULT;
- }
-
- public CredentialValidationResult validate(UsernamePasswordCredential usernamePasswordCredential) {
-
- if (usernamePasswordCredential.getCaller().equals("reza") &&
- usernamePasswordCredential.getPassword().compareTo("secret1")) {
-
- return new CredentialValidationResult("reza", new HashSet<>(asList("foo", "bar")));
- }
-
- return INVALID_RESULT;
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/java/org/glassfish/soteria/test/TestRememberMeIdentityStore.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/java/org/glassfish/soteria/test/TestRememberMeIdentityStore.java
deleted file mode 100644
index 7a6f650..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/java/org/glassfish/soteria/test/TestRememberMeIdentityStore.java
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-
-import java.util.Map;
-import java.util.Set;
-import java.util.UUID;
-import java.util.concurrent.ConcurrentHashMap;
-
-import jakarta.enterprise.context.ApplicationScoped;
-import javax.security.enterprise.CallerPrincipal;
-import javax.security.enterprise.credential.RememberMeCredential;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.RememberMeIdentityStore;
-
-import static javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT;
-
-@ApplicationScoped
-public class TestRememberMeIdentityStore implements RememberMeIdentityStore {
-
- private final Map<String, CredentialValidationResult> identities = new ConcurrentHashMap<>();
-
- @Override
- public CredentialValidationResult validate(RememberMeCredential credential) {
- if (identities.containsKey(credential.getToken())) {
- return identities.get(credential.getToken());
- }
-
- return INVALID_RESULT;
- }
-
- @Override
- public String generateLoginToken(CallerPrincipal callerPrincipal, Set<String> groups) {
- String token = UUID.randomUUID().toString();
-
- // NOTE: FOR EXAMPLE ONLY. AS TOKENKEY WOULD EFFECTIVELY BECOME THE REPLACEMENT PASSWORD
- // IT SHOULD NORMALLY NOT BE STORED DIRECTLY BUT EG USING STRONG HASHING
- identities.put(token, new CredentialValidationResult(callerPrincipal, groups));
-
- return token;
- }
-
- @Override
- public void removeLoginToken(String token) {
- identities.remove(token);
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/webapp/WEB-INF/beans.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index e69de29..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/webapp/WEB-INF/glassfish-web.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/webapp/WEB-INF/glassfish-web.xml
deleted file mode 100644
index 11d0ee6..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/main/webapp/WEB-INF/glassfish-web.xml
+++ /dev/null
@@ -1,40 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN" "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd">
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<glassfish-web-app>
-
- <security-role-mapping>
- <role-name>foo</role-name>
- <group-name>foo</group-name>
- </security-role-mapping>
-
- <security-role-mapping>
- <role-name>bar</role-name>
- <group-name>bar</group-name>
- </security-role-mapping>
-
- <security-role-mapping>
- <role-name>kaz</role-name>
- <group-name>kaz</group-name>
- </security-role-mapping>
-
- <parameter-encoding default-charset="UTF-8" />
-
-</glassfish-web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/test/java/org/glassfish/soteria/test/AppCustomRememberMeIT.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/test/java/org/glassfish/soteria/test/AppCustomRememberMeIT.java
deleted file mode 100644
index b7973e4..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-rememberme/src/test/java/org/glassfish/soteria/test/AppCustomRememberMeIT.java
+++ /dev/null
@@ -1,195 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.assertFalse;
-import org.glassfish.soteria.test.ArquillianBase;
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.shrinkwrap.api.Archive;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-import org.junit.Rule;
-import org.junit.AfterClass;
-import org.junit.rules.TestWatcher;
-
-import com.gargoylesoftware.htmlunit.util.Cookie;
-
-import static org.glassfish.soteria.test.Assert.assertDefaultAuthenticated;
-import static org.glassfish.soteria.test.Assert.assertDefaultNotAuthenticated;
-import static org.glassfish.soteria.test.ShrinkWrap.mavenWar;
-
-@RunWith(Arquillian.class)
-public class AppCustomRememberMeIT extends ArquillianBase {
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- @Rule
- public TestWatcher reportWatcher=new ReportWatcher(stat, "Security::soteria::AppCustomRememberMe");
-
- @AfterClass
- public static void printSummary(){
- stat.printSummary();
- }
-
- @Deployment(testable = false)
- public static Archive<?> createDeployment() {
- return mavenWar();
- }
-
-
- @Test
- public void testHttpOnlyIsTrue() {
- readFromServer("/servlet?name=reza&password=secret1&rememberme=true");
-
- assertTrue(getWebClient().getCookieManager().getCookie("GLASSFISHCOOKIE").isHttpOnly());
- }
-
- @Test
- public void testSecureOnlyIsFalse() {
- readFromServer("/servlet?name=reza&password=secret1&rememberme=true");
-
- assertFalse(getWebClient().getCookieManager().getCookie("GLASSFISHCOOKIE").isSecure());
- }
-
- @Test
- public void testAuthenticated() {
- assertDefaultAuthenticated(
- readFromServer("/servlet?name=reza&password=secret1"));
- }
-
- @Test
- public void testNotAuthenticated() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet"));
- }
-
- @Test
- public void testNotAuthenticatedWrongName() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet?name=romo&password=secret1"));
- }
-
- @Test
- public void testNotAuthenticatedWrongPassword() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet?name=reza&password=wrongpassword"));
- }
-
- @Test
- public void testAuthenticatedRememberMe() {
-
- // 1. Initially request page when we're not authenticated
-
- assertDefaultNotAuthenticated(
- readFromServer("/servlet"));
-
-
- // 2. Authenticate without remember me
-
- String response = readFromServer("/servlet?name=reza&password=secret1");
-
- assertDefaultAuthenticated(
- response);
-
- // For the initial authentication, the mechanism should be called
-
- assertTrue(
- "Authentication mechanism should have been called, but wasn't",
- response.contains("authentication mechanism called: true"));
-
-
- // 3. Request same page again within same http session, without remember me
- // specified should NOT be authenticated
-
- response = readFromServer("/servlet");
-
- assertDefaultNotAuthenticated(
- response);
-
-
- // 4. Authenticate with remember me
-
- response = readFromServer("/servlet?name=reza&password=secret1&rememberme=true");
-
- assertDefaultAuthenticated(
- response);
-
- // For the initial authentication, the mechanism should be called again
-
- assertTrue(
- "Authentication mechanism should have been called, but wasn't",
- response.contains("authentication mechanism called: true"));
-
-
- // 5. Request same page again within same http session, with remember me
- // specified should be authenticated
-
- response = readFromServer("/servlet");
-
- assertDefaultAuthenticated(
- response);
-
- // For the subsequent authentication, the mechanism should not be called again
- // (the remember me interceptor takes care of this)
-
- assertTrue(
- "Authentication mechanism should not have been called, but was",
- response.contains("authentication mechanism called: false"));
-
-
- // 6. "Expire" the session by removing all cookies except the
- // remember me cookie
-
- for (Cookie cookie : getWebClient().getCookieManager().getCookies()) {
- if (!"GLASSFISHCOOKIE".equals(cookie.getName())) {
- getWebClient().getCookieManager().removeCookie(cookie);
- }
- }
-
- // Request same page again
-
- response = readFromServer("/servlet");
-
- // Should still be authenticated
-
- assertDefaultAuthenticated(
- response);
-
- // For the subsequent authentication, the mechanism should not be called again
- // (the remember me interceptor takes care of this)
-
- assertTrue(
- "Authentication mechanism should not have been called, but was",
- response.contains("authentication mechanism called: false"));
-
-
- // 7. Logout. Should not be authenticated anymore
-
- assertDefaultNotAuthenticated(
- readFromServer("/servlet?logout=true"));
-
-
- // 8. Request same page again, should still not be authenticated
-
- assertDefaultNotAuthenticated(
- readFromServer("/servlet"));
-
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/pom.xml
deleted file mode 100644
index 4ce035c..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/pom.xml
+++ /dev/null
@@ -1,47 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>app-custom-session</artifactId>
- <packaging>war</packaging>
-
- <build>
- <finalName>app-custom-session</finalName>
- </build>
-
- <properties>
- <failOnMissingWebXml>false</failOnMissingWebXml>
- </properties>
- <dependencies>
- <dependency>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>common</artifactId>
- <version>${project.version}</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/main/java/org/glassfish/soteria/test/Servlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/main/java/org/glassfish/soteria/test/Servlet.java
deleted file mode 100644
index ddbdde0..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/main/java/org/glassfish/soteria/test/Servlet.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.io.IOException;
-
-import jakarta.annotation.security.DeclareRoles;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- *
- *
- */
-@DeclareRoles({ "foo", "bar", "kaz" })
-@WebServlet("/servlet")
-public class Servlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- if (request.getParameter("logout") != null) {
- request.logout(); // slightly ill-defined, but only for current request
- request.getSession().invalidate();
- }
-
- response.getWriter().write("This is a servlet \n");
-
- String webName = null;
- if (request.getUserPrincipal() != null) {
- webName = request.getUserPrincipal().getName();
- }
-
- response.getWriter().write("web username: " + webName + "\n");
-
- response.getWriter().write("web user has role \"foo\": " + request.isUserInRole("foo") + "\n");
- response.getWriter().write("web user has role \"bar\": " + request.isUserInRole("bar") + "\n");
- response.getWriter().write("web user has role \"kaz\": " + request.isUserInRole("kaz") + "\n");
-
- String mechanismCalled = (String) request.getAttribute("authentication-mechanism-called");
-
- response.getWriter().write("\nauthentication mechanism called: " + (mechanismCalled != null? mechanismCalled : false) + "\n");
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
deleted file mode 100644
index 227ae4a..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-
-import jakarta.enterprise.context.RequestScoped;
-import jakarta.inject.Inject;
-import javax.security.enterprise.AuthenticationException;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.authentication.mechanism.http.AutoApplySession;
-import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
-import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
-import javax.security.enterprise.credential.Password;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStoreHandler;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-import static javax.security.enterprise.identitystore.CredentialValidationResult.Status.VALID;
-
-@RequestScoped
-@AutoApplySession
-public class TestAuthenticationMechanism implements HttpAuthenticationMechanism {
-
- @Inject
- private IdentityStoreHandler identityStoreHandler;
-
- @Override
- public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
-
- request.setAttribute("authentication-mechanism-called", "true");
-
- if (request.getParameter("name") != null && request.getParameter("password") != null) {
-
- // Get the (caller) name and password from the request
- // NOTE: This is for the smallest possible example only. In practice
- // putting the password in a request query parameter is highly
- // insecure
- String name = request.getParameter("name");
- Password password = new Password(request.getParameter("password"));
-
- // Delegate the {credentials in -> identity data out} function to
- // the Identity Store
- CredentialValidationResult result = identityStoreHandler.validate(
- new UsernamePasswordCredential(name, password));
-
- if (result.getStatus() == VALID) {
- // Communicate the details of the authenticated user to the
- // container. In many cases the underlying handler will just store the details
- // and the container will actually handle the login after we return from
- // this method.
- return httpMessageContext.notifyContainerAboutLogin(
- result.getCallerPrincipal(), result.getCallerGroups());
- } else {
- return httpMessageContext.responseUnauthorized();
- }
- }
-
- return httpMessageContext.doNothing();
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
deleted file mode 100644
index 403af16..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.util.Arrays.asList;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.NOT_VALIDATED_RESULT;
-
-import java.util.HashSet;
-
-import jakarta.enterprise.context.RequestScoped;
-import javax.security.enterprise.credential.Credential;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStore;
-
-@RequestScoped
-public class TestIdentityStore implements IdentityStore {
-
- @Override
- public CredentialValidationResult validate(Credential credential) {
- if (credential instanceof UsernamePasswordCredential) {
- return validate((UsernamePasswordCredential) credential);
- }
-
- return NOT_VALIDATED_RESULT;
- }
-
- public CredentialValidationResult validate(UsernamePasswordCredential usernamePasswordCredential) {
-
- if (usernamePasswordCredential.compareTo("reza", "secret1")) {
- return new CredentialValidationResult("reza", new HashSet<>(asList("foo", "bar")));
- }
-
- return INVALID_RESULT;
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/main/webapp/WEB-INF/beans.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index e69de29..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/main/webapp/WEB-INF/glassfish-web.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/main/webapp/WEB-INF/glassfish-web.xml
deleted file mode 100644
index 11d0ee6..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/main/webapp/WEB-INF/glassfish-web.xml
+++ /dev/null
@@ -1,40 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN" "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd">
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<glassfish-web-app>
-
- <security-role-mapping>
- <role-name>foo</role-name>
- <group-name>foo</group-name>
- </security-role-mapping>
-
- <security-role-mapping>
- <role-name>bar</role-name>
- <group-name>bar</group-name>
- </security-role-mapping>
-
- <security-role-mapping>
- <role-name>kaz</role-name>
- <group-name>kaz</group-name>
- </security-role-mapping>
-
- <parameter-encoding default-charset="UTF-8" />
-
-</glassfish-web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/test/java/org/glassfish/soteria/test/AppCustomSessionIT.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/test/java/org/glassfish/soteria/test/AppCustomSessionIT.java
deleted file mode 100644
index 67c26bc..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom-session/src/test/java/org/glassfish/soteria/test/AppCustomSessionIT.java
+++ /dev/null
@@ -1,132 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static org.glassfish.soteria.test.Assert.assertDefaultAuthenticated;
-import static org.glassfish.soteria.test.Assert.assertDefaultNotAuthenticated;
-import static org.glassfish.soteria.test.ShrinkWrap.mavenWar;
-import static org.junit.Assert.assertTrue;
-
-import org.glassfish.soteria.test.ArquillianBase;
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.shrinkwrap.api.Archive;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-
-import org.junit.Rule;
-import org.junit.AfterClass;
-import org.junit.rules.TestWatcher;
-
-import com.gargoylesoftware.htmlunit.DefaultCredentialsProvider;
-import com.gargoylesoftware.htmlunit.WebResponse;
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-
-@RunWith(Arquillian.class)
-public class AppCustomSessionIT extends ArquillianBase {
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- @Rule
- public TestWatcher reportWatcher=new ReportWatcher(stat, "Security::soteria::AppCustomSession");
-
- @AfterClass
- public static void printSummary(){
- stat.printSummary();
- }
-
- @Deployment(testable = false)
- public static Archive<?> createDeployment() {
- return mavenWar();
- }
-
- @Test
- public void testAuthenticated() {
- assertDefaultAuthenticated(
- readFromServer("/servlet?name=reza&password=secret1"));
- }
-
- @Test
- public void testNotAuthenticated() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet"));
- }
-
- @Test
- public void testNotAuthenticatedWrongName() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet?name=romo&password=secret1"));
- }
-
- @Test
- public void testNotAuthenticatedWrongPassword() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet?name=reza&password=wrongpassword"));
- }
-
- @Test
- public void testAuthenticatedSession() {
-
- // 1. Initially request page when we're not authenticated
-
- assertDefaultNotAuthenticated(
- readFromServer("/servlet"));
-
-
- // 2. Authenticate
-
- String response = readFromServer("/servlet?name=reza&password=secret1");
-
- assertDefaultAuthenticated(
- response);
-
- // For the initial authentication, the mechanism should be called
-
- assertTrue(
- "Authentication mechanism should have been called, but wasn't",
- response.contains("authentication mechanism called: true"));
-
-
- // 3. Request same page again within same http session, should still
- // be authenticated
-
- response = readFromServer("/servlet");
-
- assertDefaultAuthenticated(
- response);
-
- // For the subsequent authentication, the mechanism should NOT be called
- // (the session interceptor takes care of authentication now)
-
- assertTrue(
- "Authentication mechanism should have been called, but wasn't",
- response.contains("authentication mechanism called: false"));
-
-
- // 4. Logout. Should not be authenticated anymore
-
- assertDefaultNotAuthenticated(
- readFromServer("/servlet?logout=true"));
-
-
- // 5. Request same page again, should still not be authenticated
-
- assertDefaultNotAuthenticated(
- readFromServer("/servlet"));
-
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/pom.xml
deleted file mode 100644
index d85a476..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/pom.xml
+++ /dev/null
@@ -1,47 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>app-custom</artifactId>
- <packaging>war</packaging>
-
- <build>
- <finalName>app-custom</finalName>
- </build>
-
- <properties>
- <failOnMissingWebXml>false</failOnMissingWebXml>
- </properties>
- <dependencies>
- <dependency>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>common</artifactId>
- <version>${project.version}</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/java/org/glassfish/soteria/test/ProtectedServlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/java/org/glassfish/soteria/test/ProtectedServlet.java
deleted file mode 100644
index 106324b..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/java/org/glassfish/soteria/test/ProtectedServlet.java
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.io.IOException;
-
-import jakarta.inject.Inject;
-import javax.security.enterprise.SecurityContext;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.HttpConstraint;
-import jakarta.servlet.annotation.ServletSecurity;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- *
- *
- */
-@WebServlet("/protectedServlet")
-@ServletSecurity(@HttpConstraint(rolesAllowed = "foo"))
-public class ProtectedServlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Inject
- private SecurityContext securityContext;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- response.getWriter().write("This is a servlet \n");
-
- String webName = null;
- if (request.getUserPrincipal() != null) {
- webName = request.getUserPrincipal().getName();
- }
-
- response.getWriter().write("web username: " + webName + "\n");
-
- response.getWriter().write("web user has role \"foo\": " + request.isUserInRole("foo") + "\n");
- response.getWriter().write("web user has role \"bar\": " + request.isUserInRole("bar") + "\n");
- response.getWriter().write("web user has role \"kaz\": " + request.isUserInRole("kaz") + "\n");
-
- String contextName = null;
- if (securityContext.getCallerPrincipal() != null) {
- contextName = securityContext.getCallerPrincipal().getName();
- }
-
- response.getWriter().write("context username: " + contextName + "\n");
-
- response.getWriter().write("context user has role \"foo\": " + securityContext.isCallerInRole("foo") + "\n");
- response.getWriter().write("context user has role \"bar\": " + securityContext.isCallerInRole("bar") + "\n");
- response.getWriter().write("context user has role \"kaz\": " + securityContext.isCallerInRole("kaz") + "\n");
-
- response.getWriter().write("has access " + securityContext.hasAccessToWebResource("/servlets"));
-
-
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/java/org/glassfish/soteria/test/Servlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/java/org/glassfish/soteria/test/Servlet.java
deleted file mode 100644
index 51a17e9..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/java/org/glassfish/soteria/test/Servlet.java
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.io.IOException;
-
-import jakarta.annotation.security.DeclareRoles;
-import jakarta.inject.Inject;
-import javax.security.enterprise.SecurityContext;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-import org.glassfish.soteria.SecurityContextImpl;
-
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- *
- *
- */
-@DeclareRoles({ "foo", "bar", "kaz" })
-@WebServlet("/servlet")
-public class Servlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Inject
- private SecurityContext securityContext;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- response.getWriter().write("This is a servlet \n");
-
- String webName = null;
- if (request.getUserPrincipal() != null) {
- webName = request.getUserPrincipal().getName();
- }
-
- response.getWriter().write("web username: " + webName + "\n");
-
- response.getWriter().write("web user has role \"foo\": " + request.isUserInRole("foo") + "\n");
- response.getWriter().write("web user has role \"bar\": " + request.isUserInRole("bar") + "\n");
- response.getWriter().write("web user has role \"kaz\": " + request.isUserInRole("kaz") + "\n");
-
- String contextName = null;
- if (securityContext.getCallerPrincipal() != null) {
- contextName = securityContext.getCallerPrincipal().getName();
- }
-
- response.getWriter().write("context username: " + contextName + "\n");
-
- response.getWriter().write("context user has role \"foo\": " + securityContext.isCallerInRole("foo") + "\n");
- response.getWriter().write("context user has role \"bar\": " + securityContext.isCallerInRole("bar") + "\n");
- response.getWriter().write("context user has role \"kaz\": " + securityContext.isCallerInRole("kaz") + "\n");
-
- response.getWriter().write("has access " + securityContext.hasAccessToWebResource("/protectedServlet") + "\n");
-
- response.getWriter().write("All declared roles of user " + ((SecurityContextImpl)securityContext).getAllDeclaredCallerRoles() + "\n");
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
deleted file mode 100644
index 9efb76c..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static javax.security.enterprise.identitystore.CredentialValidationResult.Status.VALID;
-
-import jakarta.enterprise.context.RequestScoped;
-import jakarta.inject.Inject;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.AuthenticationException;
-import jakarta.security.auth.message.AuthException;
-import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
-import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStoreHandler;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-@RequestScoped
-public class TestAuthenticationMechanism implements HttpAuthenticationMechanism {
-
- @Inject
- private IdentityStoreHandler identityStoreHandler;
-
- @Override
- public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
-
- // Get the (caller) name and password from the request
- // NOTE: This is for the smallest possible example only. In practice
- // putting the password in a request query parameter is highly
- // insecure
- String name = request.getParameter("name");
- String password = request.getParameter("password");
-
- if (name != null && password != null) {
-
- // Delegate the {credentials in -> identity data out} function to
- // the Identity Store
- CredentialValidationResult result = identityStoreHandler.validate(
- new UsernamePasswordCredential(name, password));
-
- if (result.getStatus() == VALID) {
- // Communicate the details of the authenticated user to the
- // container. In many cases the underlying handler will just store the details
- // and the container will actually handle the login after we return from
- // this method.
- return httpMessageContext.notifyContainerAboutLogin(
- result.getCallerPrincipal(), result.getCallerGroups());
- } else {
- return httpMessageContext.responseUnauthorized();
- }
- }
-
- return httpMessageContext.doNothing();
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
deleted file mode 100644
index c4556df..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.util.Arrays.asList;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT;
-
-import java.util.HashSet;
-
-import jakarta.enterprise.context.RequestScoped;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStore;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-
-@RequestScoped
-public class TestIdentityStore implements IdentityStore {
-
- public CredentialValidationResult validate(UsernamePasswordCredential usernamePasswordCredential) {
-
- if (usernamePasswordCredential.compareTo("reza", "secret1")) {
- return new CredentialValidationResult("reza", new HashSet<>(asList("foo", "bar")));
- }
-
- return INVALID_RESULT;
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/webapp/WEB-INF/beans.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index e69de29..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/webapp/WEB-INF/web.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/webapp/WEB-INF/web.xml
deleted file mode 100644
index 48a35fa..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/main/webapp/WEB-INF/web.xml
+++ /dev/null
@@ -1,44 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<web-app
- xmlns="http://xmlns.jcp.org/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
- version="3.1"
->
-
- <!-- Security constraints and roles. -->
-
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>User pages</web-resource-name>
- <url-pattern>/protectedServlet</url-pattern>
- </web-resource-collection>
- <auth-constraint>
- <role-name>foo</role-name>
- </auth-constraint>
- </security-constraint>
-
-
- <security-role>
- <role-name>foo</role-name>
- </security-role>
-
-</web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/test/java/org/glassfish/soteria/test/AppCustomIT.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/test/java/org/glassfish/soteria/test/AppCustomIT.java
deleted file mode 100644
index 2a89b80..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-custom/src/test/java/org/glassfish/soteria/test/AppCustomIT.java
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static org.glassfish.soteria.test.Assert.*;
-import static org.glassfish.soteria.test.ShrinkWrap.mavenWar;
-
-import org.glassfish.soteria.test.ArquillianBase;
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.shrinkwrap.api.Archive;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-
-import org.junit.Rule;
-import org.junit.AfterClass;
-import org.junit.rules.TestWatcher;
-
-import com.gargoylesoftware.htmlunit.DefaultCredentialsProvider;
-import com.gargoylesoftware.htmlunit.WebResponse;
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-
-@RunWith(Arquillian.class)
-public class AppCustomIT extends ArquillianBase {
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- @Rule
- public TestWatcher reportWatcher=new ReportWatcher(stat, "Security::soteria::AppCustom");
-
- @AfterClass
- public static void printSummary(){
- stat.printSummary();
- }
-
- @Deployment(testable = false)
- public static Archive<?> createDeployment() {
- return mavenWar();
- }
-
- @Test
- public void testAuthenticated() {
- assertDefaultAuthenticated(
- responseFromServer("/servlet?name=reza&password=secret1"));
- }
-
- @Test
- public void testNotAuthenticated() {
- assertDefaultNotAuthenticatedUnprotected(
- responseFromServer("/servlet"));
- }
-
- @Test
- public void testNotAuthenticatedWrongName() {
- assertDefaultNotAuthenticated(
- responseFromServer("/servlet?name=romo&password=secret1"));
- }
-
- @Test
- public void testNotAuthenticatedWrongPassword() {
- assertDefaultNotAuthenticated(
- responseFromServer("/servlet?name=reza&password=wrongpassword"));
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-db/pom.xml
deleted file mode 100644
index f10e03b..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/pom.xml
+++ /dev/null
@@ -1,48 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>app-db</artifactId>
- <packaging>war</packaging>
-
- <build>
- <finalName>app-db</finalName>
- </build>
-
- <properties>
- <failOnMissingWebXml>false</failOnMissingWebXml>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>common</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/java/org/glassfish/soteria/test/ApplicationConfig.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/java/org/glassfish/soteria/test/ApplicationConfig.java
deleted file mode 100644
index 0083211..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/java/org/glassfish/soteria/test/ApplicationConfig.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import jakarta.enterprise.context.ApplicationScoped;
-import jakarta.inject.Named;
-import javax.security.enterprise.identitystore.DatabaseIdentityStoreDefinition;
-
-@DatabaseIdentityStoreDefinition(
- dataSourceLookup="${'jdbc/__default'}",
- callerQuery="#{'select password from caller where name = ?'}",
- groupsQuery="select group_name from caller_groups where caller_name = ?",
- hashAlgorithm = PlaintextPasswordHash.class,
- hashAlgorithmParameters = {
- "foo=bar",
- "kax=zak",
- "foox=${'iop'}",
- "${applicationConfig.dyna}"
-
- } // just for test / example
-)
-@ApplicationScoped
-@Named
-public class ApplicationConfig {
-
- public String[] getDyna() {
- return new String[] {"dyn=1","dyna=2","dynam=3"};
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/java/org/glassfish/soteria/test/DatabaseSetup.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/java/org/glassfish/soteria/test/DatabaseSetup.java
deleted file mode 100644
index 0d4d1c3..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/java/org/glassfish/soteria/test/DatabaseSetup.java
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.sql.Connection;
-import java.sql.PreparedStatement;
-import java.sql.SQLException;
-
-import jakarta.annotation.PostConstruct;
-import jakarta.annotation.PreDestroy;
-import jakarta.annotation.Resource;
-import jakarta.annotation.sql.DataSourceDefinition;
-import jakarta.ejb.Singleton;
-import jakarta.ejb.Startup;
-import javax.sql.DataSource;
-
-@Singleton
-@Startup
-public class DatabaseSetup {
-
- @Resource(lookup="java:comp/DefaultDataSource")
- private DataSource dataSource;
-
- @PostConstruct
- public void init() {
-
- executeUpdate(dataSource, "CREATE TABLE caller(name VARCHAR(64) PRIMARY KEY, password VARCHAR(64))");
- executeUpdate(dataSource, "CREATE TABLE caller_groups(caller_name VARCHAR(64), group_name VARCHAR(64))");
-
- executeUpdate(dataSource, "INSERT INTO caller VALUES('reza', 'secret1')");
- executeUpdate(dataSource, "INSERT INTO caller VALUES('alex', 'secret2')");
- executeUpdate(dataSource, "INSERT INTO caller VALUES('arjan', 'secret2')");
- executeUpdate(dataSource, "INSERT INTO caller VALUES('werner', 'secret2')");
-
- executeUpdate(dataSource, "INSERT INTO caller_groups VALUES('reza', 'foo')");
- executeUpdate(dataSource, "INSERT INTO caller_groups VALUES('reza', 'bar')");
-
- executeUpdate(dataSource, "INSERT INTO caller_groups VALUES('alex', 'foo')");
- executeUpdate(dataSource, "INSERT INTO caller_groups VALUES('alex', 'bar')");
-
- executeUpdate(dataSource, "INSERT INTO caller_groups VALUES('arjan', 'foo')");
- executeUpdate(dataSource, "INSERT INTO caller_groups VALUES('werner', 'foo')");
- }
-
- @PreDestroy
- public void destroy() {
- try {
- executeUpdate(dataSource, "DROP TABLE caller");
- executeUpdate(dataSource, "DROP TABLE caller_groups");
- } catch (Exception e) {
- // silently ignore, concerns in-memory database
- }
- }
-
- private void executeUpdate(DataSource dataSource, String query) {
- try (Connection connection = dataSource.getConnection()) {
- try (PreparedStatement statement = connection.prepareStatement(query)) {
- statement.executeUpdate();
- }
- } catch (SQLException e) {
- throw new IllegalStateException(e);
- }
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/java/org/glassfish/soteria/test/PlaintextPasswordHash.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/java/org/glassfish/soteria/test/PlaintextPasswordHash.java
deleted file mode 100644
index aa26df2..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/java/org/glassfish/soteria/test/PlaintextPasswordHash.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-import java.util.Map;
-
-import jakarta.enterprise.context.Dependent;
-import javax.security.enterprise.identitystore.PasswordHash;
-
-@Dependent
-public class PlaintextPasswordHash implements PasswordHash {
-
- @Override
- public void initialize(Map<String, String> parameters) {
-
- }
-
- @Override
- public String generate(char[] password) {
- return new String(password);
- }
-
- @Override
- public boolean verify(char[] password, String hashedPassword) {
- //don't bother with constant time comparison; more portable
- //this way, and algorithm will be used only for testing.
- return (password != null && password.length > 0 &&
- hashedPassword != null && hashedPassword.length() > 0 &&
- hashedPassword.equals(new String(password)));
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/java/org/glassfish/soteria/test/Servlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/java/org/glassfish/soteria/test/Servlet.java
deleted file mode 100644
index e23a1f8..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/java/org/glassfish/soteria/test/Servlet.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.io.IOException;
-
-import jakarta.annotation.security.DeclareRoles;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- *
- *
- */
-@DeclareRoles({ "foo", "bar", "kaz" })
-@WebServlet("/servlet")
-public class Servlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- response.getWriter().write("This is a servlet \n");
-
- String webName = null;
- if (request.getUserPrincipal() != null) {
- webName = request.getUserPrincipal().getName();
- }
-
- response.getWriter().write("web username: " + webName + "\n");
-
- response.getWriter().write("web user has role \"foo\": " + request.isUserInRole("foo") + "\n");
- response.getWriter().write("web user has role \"bar\": " + request.isUserInRole("bar") + "\n");
- response.getWriter().write("web user has role \"kaz\": " + request.isUserInRole("kaz") + "\n");
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
deleted file mode 100644
index 45b2208..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-
-import jakarta.enterprise.context.RequestScoped;
-import jakarta.inject.Inject;
-import javax.security.enterprise.AuthenticationException;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
-import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
-import javax.security.enterprise.credential.Password;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStoreHandler;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-import static javax.security.enterprise.identitystore.CredentialValidationResult.Status.VALID;
-
-@RequestScoped
-public class TestAuthenticationMechanism implements HttpAuthenticationMechanism {
-
- @Inject
- private IdentityStoreHandler identityStoreHandler;
-
- @Override
- public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
-
- if (request.getParameter("name") != null && request.getParameter("password") != null) {
-
- // Get the (caller) name and password from the request
- // NOTE: This is for the smallest possible example only. In practice
- // putting the password in a request query parameter is highly
- // insecure
- String name = request.getParameter("name");
- Password password = new Password(request.getParameter("password"));
-
- // Delegate the {credentials in -> identity data out} function to
- // the Identity Store
- CredentialValidationResult result = identityStoreHandler.validate(
- new UsernamePasswordCredential(name, password));
-
- if (result.getStatus() == VALID) {
- // Communicate the details of the authenticated user to the
- // container. In many cases the underlying handler will just store the details
- // and the container will actually handle the login after we return from
- // this method.
- return httpMessageContext.notifyContainerAboutLogin(
- result.getCallerPrincipal(), result.getCallerGroups());
- } else {
- return httpMessageContext.responseUnauthorized();
- }
- }
-
- return httpMessageContext.doNothing();
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/webapp/WEB-INF/beans.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index e69de29..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/webapp/WEB-INF/glassfish-web.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/webapp/WEB-INF/glassfish-web.xml
deleted file mode 100644
index 11d0ee6..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/webapp/WEB-INF/glassfish-web.xml
+++ /dev/null
@@ -1,40 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN" "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd">
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<glassfish-web-app>
-
- <security-role-mapping>
- <role-name>foo</role-name>
- <group-name>foo</group-name>
- </security-role-mapping>
-
- <security-role-mapping>
- <role-name>bar</role-name>
- <group-name>bar</group-name>
- </security-role-mapping>
-
- <security-role-mapping>
- <role-name>kaz</role-name>
- <group-name>kaz</group-name>
- </security-role-mapping>
-
- <parameter-encoding default-charset="UTF-8" />
-
-</glassfish-web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/test/java/org/glassfish/soteria/test/AppDBIT.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/test/java/org/glassfish/soteria/test/AppDBIT.java
deleted file mode 100644
index 9bf6a22..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/test/java/org/glassfish/soteria/test/AppDBIT.java
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.lang.System.getProperty;
-import static org.glassfish.soteria.test.Assert.assertDefaultAuthenticated;
-import static org.glassfish.soteria.test.Assert.assertDefaultNotAuthenticated;
-import static org.glassfish.soteria.test.ShrinkWrap.mavenWar;
-import static org.junit.Assume.assumeFalse;
-
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.shrinkwrap.api.Archive;
-import org.jboss.shrinkwrap.api.ShrinkWrap;
-import org.jboss.shrinkwrap.api.asset.EmptyAsset;
-import org.jboss.shrinkwrap.api.spec.WebArchive;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-import org.junit.Rule;
-import org.junit.AfterClass;
-import org.junit.rules.TestWatcher;
-
-
-@RunWith(Arquillian.class)
-public class AppDBIT extends ArquillianBase {
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- @Rule
- public TestWatcher reportWatcher=new ReportWatcher(stat, "Security::soteria::AppDB");
-
- @AfterClass
- public static void printSummary(){
- stat.printSummary();
- }
-
-
- @Deployment(testable = false)
- public static Archive<?> createDeployment() {
- return mavenWar();
- }
-
- @Test
- public void testAuthenticated() {
- assertDefaultAuthenticated(
- readFromServer("/servlet?name=reza&password=secret1"));
- }
-
- @Test
- public void testNotAuthenticated() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet"));
- }
-
- @Test
- public void testNotAuthenticatedWrongName() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet?name=romo&password=secret1"));
- }
-
- @Test
- public void testNotAuthenticatedWrongPassword() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet?name=reza&password=wrongpassword"));
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/pom.xml
deleted file mode 100644
index 6f49151..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/pom.xml
+++ /dev/null
@@ -1,48 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>app-double-ham</artifactId>
- <packaging>war</packaging>
-
- <build>
- <finalName>app-double-ham</finalName>
- </build>
-
- <properties>
- <failOnMissingWebXml>false</failOnMissingWebXml>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>common</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/java/org/glassfish/soteria/test/ProtectedServlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/java/org/glassfish/soteria/test/ProtectedServlet.java
deleted file mode 100644
index a4bdcdd..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/java/org/glassfish/soteria/test/ProtectedServlet.java
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.io.IOException;
-
-import jakarta.inject.Inject;
-import javax.security.enterprise.SecurityContext;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.HttpConstraint;
-import jakarta.servlet.annotation.ServletSecurity;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import javax.security.enterprise.authentication.mechanism.http.BasicAuthenticationMechanismDefinition;
-
-
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- *
- *
- */
-
-@BasicAuthenticationMechanismDefinition(
- realmName="test realm"
-)
-@WebServlet("/protectedServlet")
-@ServletSecurity(@HttpConstraint(rolesAllowed = "foo"))
-public class ProtectedServlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Inject
- private SecurityContext securityContext;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- response.getWriter().write("This is a servlet \n");
-
- String webName = null;
- if (request.getUserPrincipal() != null) {
- webName = request.getUserPrincipal().getName();
- }
-
- response.getWriter().write("web username: " + webName + "\n");
-
- response.getWriter().write("web user has role \"foo\": " + request.isUserInRole("foo") + "\n");
- response.getWriter().write("web user has role \"bar\": " + request.isUserInRole("bar") + "\n");
- response.getWriter().write("web user has role \"kaz\": " + request.isUserInRole("kaz") + "\n");
-
- String contextName = null;
- if (securityContext.getCallerPrincipal() != null) {
- contextName = securityContext.getCallerPrincipal().getName();
- }
-
- response.getWriter().write("context username: " + contextName + "\n");
-
- response.getWriter().write("context user has role \"foo\": " + securityContext.isCallerInRole("foo") + "\n");
- response.getWriter().write("context user has role \"bar\": " + securityContext.isCallerInRole("bar") + "\n");
- response.getWriter().write("context user has role \"kaz\": " + securityContext.isCallerInRole("kaz") + "\n");
-
- response.getWriter().write("has access " + securityContext.hasAccessToWebResource("/servlets"));
-
-
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/java/org/glassfish/soteria/test/Servlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/java/org/glassfish/soteria/test/Servlet.java
deleted file mode 100644
index d36ea39..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/java/org/glassfish/soteria/test/Servlet.java
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.io.IOException;
-
-import jakarta.annotation.security.DeclareRoles;
-import jakarta.inject.Inject;
-import javax.security.enterprise.SecurityContext;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import javax.security.enterprise.authentication.mechanism.http.BasicAuthenticationMechanismDefinition;
-import org.glassfish.soteria.SecurityContextImpl;
-
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- *
- *
- */
-@BasicAuthenticationMechanismDefinition(
- realmName="test realm"
-)
-@DeclareRoles({ "foo", "bar", "kaz" })
-@WebServlet("/servlet")
-public class Servlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Inject
- private SecurityContext securityContext;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- response.getWriter().write("This is a servlet \n");
-
- String webName = null;
- if (request.getUserPrincipal() != null) {
- webName = request.getUserPrincipal().getName();
- }
-
- response.getWriter().write("web username: " + webName + "\n");
-
- response.getWriter().write("web user has role \"foo\": " + request.isUserInRole("foo") + "\n");
- response.getWriter().write("web user has role \"bar\": " + request.isUserInRole("bar") + "\n");
- response.getWriter().write("web user has role \"kaz\": " + request.isUserInRole("kaz") + "\n");
-
- String contextName = null;
- if (securityContext.getCallerPrincipal() != null) {
- contextName = securityContext.getCallerPrincipal().getName();
- }
-
- response.getWriter().write("context username: " + contextName + "\n");
-
- response.getWriter().write("context user has role \"foo\": " + securityContext.isCallerInRole("foo") + "\n");
- response.getWriter().write("context user has role \"bar\": " + securityContext.isCallerInRole("bar") + "\n");
- response.getWriter().write("context user has role \"kaz\": " + securityContext.isCallerInRole("kaz") + "\n");
-
- response.getWriter().write("has access " + securityContext.hasAccessToWebResource("/protectedServlet") + "\n");
-
- response.getWriter().write("All declared roles of user " + ((SecurityContextImpl)securityContext).getAllDeclaredCallerRoles() + "\n");
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
deleted file mode 100644
index f83eabc..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static javax.security.enterprise.identitystore.CredentialValidationResult.Status.VALID;
-
-import jakarta.enterprise.context.RequestScoped;
-import jakarta.inject.Inject;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.AuthenticationException;
-import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
-import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStoreHandler;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-@RequestScoped
-public class TestAuthenticationMechanism implements HttpAuthenticationMechanism {
-
- @Inject
- private IdentityStoreHandler identityStoreHandler;
-
- @Override
- public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
-
- // Get the (caller) name and password from the request
- // NOTE: This is for the smallest possible example only. In practice
- // putting the password in a request query parameter is highly
- // insecure
- String name = request.getParameter("name");
- String password = request.getParameter("password");
-
- if (name != null && password != null) {
-
- // Delegate the {credentials in -> identity data out} function to
- // the Identity Store
- CredentialValidationResult result = identityStoreHandler.validate(
- new UsernamePasswordCredential(name, password));
-
- if (result.getStatus() == VALID) {
- // Communicate the details of the authenticated user to the
- // container. In many cases the underlying handler will just store the details
- // and the container will actually handle the login after we return from
- // this method.
- return httpMessageContext.notifyContainerAboutLogin(
- result.getCallerPrincipal(), result.getCallerGroups());
- } else {
- return httpMessageContext.responseUnauthorized();
- }
- }
-
- return httpMessageContext.doNothing();
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
deleted file mode 100644
index c4556df..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.util.Arrays.asList;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT;
-
-import java.util.HashSet;
-
-import jakarta.enterprise.context.RequestScoped;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStore;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-
-@RequestScoped
-public class TestIdentityStore implements IdentityStore {
-
- public CredentialValidationResult validate(UsernamePasswordCredential usernamePasswordCredential) {
-
- if (usernamePasswordCredential.compareTo("reza", "secret1")) {
- return new CredentialValidationResult("reza", new HashSet<>(asList("foo", "bar")));
- }
-
- return INVALID_RESULT;
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/webapp/WEB-INF/beans.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index e69de29..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/webapp/WEB-INF/web.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/webapp/WEB-INF/web.xml
deleted file mode 100644
index 48a35fa..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/main/webapp/WEB-INF/web.xml
+++ /dev/null
@@ -1,44 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<web-app
- xmlns="http://xmlns.jcp.org/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
- version="3.1"
->
-
- <!-- Security constraints and roles. -->
-
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>User pages</web-resource-name>
- <url-pattern>/protectedServlet</url-pattern>
- </web-resource-collection>
- <auth-constraint>
- <role-name>foo</role-name>
- </auth-constraint>
- </security-constraint>
-
-
- <security-role>
- <role-name>foo</role-name>
- </security-role>
-
-</web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/test/java/org/glassfish/soteria/test/AppDoubleHAMIT.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/test/java/org/glassfish/soteria/test/AppDoubleHAMIT.java
deleted file mode 100644
index 1b5eb6e..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-double-ham/src/test/java/org/glassfish/soteria/test/AppDoubleHAMIT.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static org.glassfish.soteria.test.Assert.*;
-import static org.glassfish.soteria.test.ShrinkWrap.mavenWar;
-
-import org.glassfish.soteria.test.ArquillianBase;
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.shrinkwrap.api.Archive;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-
-import org.junit.Rule;
-import org.junit.AfterClass;
-import org.junit.rules.TestWatcher;
-
-import com.gargoylesoftware.htmlunit.DefaultCredentialsProvider;
-import com.gargoylesoftware.htmlunit.WebResponse;
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-
-@RunWith(Arquillian.class)
-public class AppDoubleHAMIT extends ArquillianBase {
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- @Rule
- public TestWatcher reportWatcher=new ReportWatcher(stat, "Security::soteria::AppDoubleHam");
-
- @AfterClass
- public static void printSummary(){
- stat.printSummary();
- }
-
- @Deployment(testable = false)
- public static Archive<?> createDeployment() {
- return mavenWar();
- }
-
- @Test
- public void testBasicHAM() {
-
- DefaultCredentialsProvider credentialsProvider = new DefaultCredentialsProvider();
- credentialsProvider.addCredentials("reza", "secret1");
-
- getWebClient().setCredentialsProvider(credentialsProvider);
-
- assertNotAuthenticatedError(
- responseFromServer("/servlet"));
- }
-
- @Test
- public void testCustomHam() {
- assertNotAuthenticatedError(
- responseFromServer("/servlet?name=reza&password=secret1"));
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/pom.xml
deleted file mode 100644
index a344289..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/pom.xml
+++ /dev/null
@@ -1,47 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>app-ham-ordering</artifactId>
- <packaging>war</packaging>
-
- <build>
- <finalName>app-ham-ordering</finalName>
- </build>
-
- <properties>
- <failOnMissingWebXml>false</failOnMissingWebXml>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>common</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/main/java/org/glassfish/soteria/test/Servlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/main/java/org/glassfish/soteria/test/Servlet.java
deleted file mode 100644
index f9e5be7..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/main/java/org/glassfish/soteria/test/Servlet.java
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.io.IOException;
-
-import jakarta.annotation.security.DeclareRoles;
-import jakarta.inject.Inject;
-import javax.security.enterprise.SecurityContext;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-import org.glassfish.soteria.SecurityContextImpl;
-import java.util.stream.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Arrays;
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- *
- *
- */
-@DeclareRoles({ "foo", "bar", "kaz" })
-@WebServlet("/servlet")
-public class Servlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Inject
- private SecurityContext securityContext;
-
- private void tagHttpRequest(HttpServletRequest request,String methodName){
-
- if(request.getAttribute("methodInvList") == null){
- List<String> invList= new ArrayList<>();
- invList.add(methodName);
- request.setAttribute("methodInvList", invList.stream().collect(Collectors.joining(",")));
- }else{
- String invListStr = (String)request.getAttribute("methodInvList");
- List<String> invList = new ArrayList(Arrays.asList(invListStr.split(",")));
- invList.add(methodName);
- request.setAttribute("methodInvList", invList.stream().collect(Collectors.joining(",")));
- }
- }
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
-
- tagHttpRequest(request,"doGet");
- response.getWriter().write("This is a servlet \n");
-
- String webName = null;
- if (request.getUserPrincipal() != null) {
- webName = request.getUserPrincipal().getName();
- }
-
- response.getWriter().write("web username: " + webName + "\n");
-
- response.getWriter().write("web user has role \"foo\": " + request.isUserInRole("foo") + "\n");
- response.getWriter().write("web user has role \"bar\": " + request.isUserInRole("bar") + "\n");
- response.getWriter().write("web user has role \"kaz\": " + request.isUserInRole("kaz") + "\n");
-
- String contextName = null;
- if (securityContext.getCallerPrincipal() != null) {
- contextName = securityContext.getCallerPrincipal().getName();
- }
-
- response.getWriter().write("context username: " + contextName + "\n");
-
-
- response.getWriter().write("context user has role \"foo\": " + securityContext.isCallerInRole("foo") + "\n");
- response.getWriter().write("context user has role \"bar\": " + securityContext.isCallerInRole("bar") + "\n");
- response.getWriter().write("context user has role \"kaz\": " + securityContext.isCallerInRole("kaz") + "\n");
-
- response.getWriter().write("has access " + securityContext.hasAccessToWebResource("/protectedServlet") + "\n");
-
- response.getWriter().write("All declared roles of user " + ((SecurityContextImpl)securityContext).getAllDeclaredCallerRoles() + "\n");
- String invListStr = (String)request.getAttribute("methodInvList");
- response.getWriter().write("OrderingList: " + invListStr);
- boolean doLogout = Boolean.parseBoolean(request.getParameter("doLogout"));
- if(doLogout)
- request.logout();
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
deleted file mode 100644
index bd4c138..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static javax.security.enterprise.identitystore.CredentialValidationResult.Status.VALID;
-import java.io.IOException;
-import jakarta.enterprise.context.RequestScoped;
-import jakarta.inject.Inject;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.AuthenticationException;
-import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
-import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStoreHandler;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import java.util.stream.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Arrays;
-import static javax.security.enterprise.AuthenticationStatus.*;
-
-@RequestScoped
-public class TestAuthenticationMechanism implements HttpAuthenticationMechanism {
-
- @Inject
- private IdentityStoreHandler identityStoreHandler;
-
- @Override
- public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
-
- // Get the (caller) name and password from the request
- // NOTE: This is for the smallest possible example only. In practice
- // putting the password in a request query parameter is highly
- // insecure
- String name = request.getParameter("name");
- String password = request.getParameter("password");
- tagHttpRequest(request,"validateRequest");
- if (name != null && password != null) {
-
- // Delegate the {credentials in -> identity data out} function to
- // the Identity Store
- CredentialValidationResult result = identityStoreHandler.validate(
- new UsernamePasswordCredential(name, password));
-
- if (result.getStatus() == VALID) {
- // Communicate the details of the authenticated user to the
- // container. In many cases the underlying handler will just store the details
- // and the container will actually handle the login after we return from
- // this method.
- return httpMessageContext.notifyContainerAboutLogin(
- result.getCallerPrincipal(), result.getCallerGroups());
- } else {
- return httpMessageContext.responseUnauthorized();
- }
- }
-
- return httpMessageContext.doNothing();
- }
-
- @Override
- public AuthenticationStatus secureResponse(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
- try {
- response.getWriter().write(",secureResponse");
- }catch (IOException e){
- e.printStackTrace();
- }
- tagHttpRequest(request,"secureResponse");
- return SUCCESS;
- }
-
- @Override
- public void cleanSubject(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) {
- try {
- response.getWriter().write(",cleanSubject");
- }catch (IOException e){
- e.printStackTrace();
- }
- tagHttpRequest(request,"cleanSubject");
- }
-
- private void tagHttpRequest(HttpServletRequest request,String methodName){
-
- if(request.getAttribute("methodInvList") == null){
- List<String> invList= new ArrayList<>();
- invList.add(methodName);
- request.setAttribute("methodInvList", invList.stream().collect(Collectors.joining(",")));
- }else{
- String invListStr = (String)request.getAttribute("methodInvList");
- List<String> invList = new ArrayList(Arrays.asList(invListStr.split(",")));
- invList.add(methodName);
- request.setAttribute("methodInvList", invList.stream().collect(Collectors.joining(",")));
- }
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
deleted file mode 100644
index c4556df..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.util.Arrays.asList;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT;
-
-import java.util.HashSet;
-
-import jakarta.enterprise.context.RequestScoped;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStore;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-
-@RequestScoped
-public class TestIdentityStore implements IdentityStore {
-
- public CredentialValidationResult validate(UsernamePasswordCredential usernamePasswordCredential) {
-
- if (usernamePasswordCredential.compareTo("reza", "secret1")) {
- return new CredentialValidationResult("reza", new HashSet<>(asList("foo", "bar")));
- }
-
- return INVALID_RESULT;
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/main/webapp/WEB-INF/beans.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index e69de29..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/main/webapp/WEB-INF/web.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/main/webapp/WEB-INF/web.xml
deleted file mode 100644
index 48a35fa..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/main/webapp/WEB-INF/web.xml
+++ /dev/null
@@ -1,44 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<web-app
- xmlns="http://xmlns.jcp.org/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
- version="3.1"
->
-
- <!-- Security constraints and roles. -->
-
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>User pages</web-resource-name>
- <url-pattern>/protectedServlet</url-pattern>
- </web-resource-collection>
- <auth-constraint>
- <role-name>foo</role-name>
- </auth-constraint>
- </security-constraint>
-
-
- <security-role>
- <role-name>foo</role-name>
- </security-role>
-
-</web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/test/java/org/glassfish/soteria/test/AppHAMOrderingIT.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/test/java/org/glassfish/soteria/test/AppHAMOrderingIT.java
deleted file mode 100644
index caac72d..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-ham-ordering/src/test/java/org/glassfish/soteria/test/AppHAMOrderingIT.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static org.glassfish.soteria.test.Assert.*;
-import static org.glassfish.soteria.test.ShrinkWrap.mavenWar;
-import static org.junit.Assert.assertTrue;
-import org.glassfish.soteria.test.ArquillianBase;
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.shrinkwrap.api.Archive;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-
-import org.junit.Rule;
-import org.junit.AfterClass;
-import org.junit.rules.TestWatcher;
-
-import com.gargoylesoftware.htmlunit.DefaultCredentialsProvider;
-import com.gargoylesoftware.htmlunit.WebResponse;
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-
-@RunWith(Arquillian.class)
-public class AppHAMOrderingIT extends ArquillianBase {
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- @Rule
- public TestWatcher reportWatcher=new ReportWatcher(stat, "Security::soteria::AppHamOrdering");
-
- @AfterClass
- public static void printSummary(){
- stat.printSummary();
- }
-
- @Deployment(testable = false)
- public static Archive<?> createDeployment() {
- return mavenWar();
- }
-
- @Test
- public void testAuthenticatedValidateRequestAndSecureResponse() {
- WebResponse response = responseFromServer("/servlet?name=reza&password=secret1");
- assertDefaultAuthenticated(response);
- assertTrue("Response did not contain correct ordering of validateRequest,secureResponse",
- response.getContentAsString().contains("OrderingList: validateRequest,doGet,secureResponse"));
- }
-
- @Test
- public void testAuthenticatedcleanSubject() {
- WebResponse response = responseFromServer("/servlet?name=reza&password=secret1&doLogout=True");
- assertDefaultAuthenticated(response);
- assertTrue("Response did not correct ordering of validateRequest,secureResponse,cleanSubject",
- response.getContentAsString().contains("OrderingList: validateRequest,doGet,cleanSubject,secureResponse"));
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-basic/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-basic/pom.xml
deleted file mode 100644
index 0245a9f..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-basic/pom.xml
+++ /dev/null
@@ -1,49 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>app-mem-basic</artifactId>
- <packaging>war</packaging>
-
- <build>
- <finalName>app-mem-basic</finalName>
- </build>
-
- <properties>
- <failOnMissingWebXml>false</failOnMissingWebXml>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>common</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-basic/src/main/java/test/Servlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-basic/src/main/java/test/Servlet.java
deleted file mode 100644
index 4762328..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-basic/src/main/java/test/Servlet.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package test;
-
-import java.io.IOException;
-
-import jakarta.annotation.security.DeclareRoles;
-import javax.security.enterprise.authentication.mechanism.http.BasicAuthenticationMechanismDefinition;
-import org.glassfish.soteria.identitystores.annotation.Credentials;
-import org.glassfish.soteria.identitystores.annotation.EmbeddedIdentityStoreDefinition;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.HttpConstraint;
-import jakarta.servlet.annotation.ServletSecurity;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- */
-@BasicAuthenticationMechanismDefinition(
- realmName="test realm"
-)
-
-@EmbeddedIdentityStoreDefinition({
- @Credentials(callerName = "reza", password = "secret1", groups = { "foo", "bar" }),
- @Credentials(callerName = "alex", password = "secret2", groups = { "foo", "kaz" }),
- @Credentials(callerName = "arjan", password = "secret3", groups = { "foo" }) }
-)
-
-@WebServlet("/servlet")
-@DeclareRoles({ "foo", "bar", "kaz" })
-@ServletSecurity(@HttpConstraint(rolesAllowed = "foo"))
-public class Servlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- response.getWriter().write("This is a servlet \n");
-
- String webName = null;
- if (request.getUserPrincipal() != null) {
- webName = request.getUserPrincipal().getName();
- }
-
- response.getWriter().write("web username: " + webName + "\n");
-
- response.getWriter().write("web user has role \"foo\": " + request.isUserInRole("foo") + "\n");
- response.getWriter().write("web user has role \"bar\": " + request.isUserInRole("bar") + "\n");
- response.getWriter().write("web user has role \"kaz\": " + request.isUserInRole("kaz") + "\n");
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-basic/src/main/webapp/WEB-INF/beans.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-basic/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index e69de29..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-basic/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-basic/src/test/java/org/glassfish/soteria/test/AppMemBasicIT.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-basic/src/test/java/org/glassfish/soteria/test/AppMemBasicIT.java
deleted file mode 100644
index d68bb40..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-basic/src/test/java/org/glassfish/soteria/test/AppMemBasicIT.java
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static org.glassfish.soteria.test.Assert.assertDefaultAuthenticated;
-import static org.glassfish.soteria.test.Assert.assertDefaultNotAuthenticated;
-import static org.glassfish.soteria.test.ShrinkWrap.mavenWar;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.shrinkwrap.api.Archive;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.junit.Rule;
-import org.junit.AfterClass;
-import org.junit.rules.TestWatcher;
-
-import com.gargoylesoftware.htmlunit.DefaultCredentialsProvider;
-import com.gargoylesoftware.htmlunit.WebResponse;
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-
-@RunWith(Arquillian.class)
-public class AppMemBasicIT extends ArquillianBase {
-
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- @Rule
- public TestWatcher reportWatcher=new ReportWatcher(stat, "Security::soteria::AppMemBasic");
-
- @AfterClass
- public static void printSummary(){
- stat.printSummary();
- }
-
- @Deployment(testable = false)
- public static Archive<?> createDeployment() {
- return mavenWar();
- }
-
- @Test
- public void testAuthenticated() {
-
- DefaultCredentialsProvider credentialsProvider = new DefaultCredentialsProvider();
- credentialsProvider.addCredentials("reza", "secret1");
-
- getWebClient().setCredentialsProvider(credentialsProvider);
-
- assertDefaultAuthenticated(
- readFromServer("/servlet"));
- }
-
- @Test
- public void testNotAuthenticated() {
-
- WebResponse response = responseFromServer("/servlet");
-
- assertEquals(401, response.getStatusCode());
-
- assertTrue(
- "Response did not contain the \"WWW-Authenticate\" header, but should have",
- response.getResponseHeaderValue("WWW-Authenticate") != null);
-
- assertDefaultNotAuthenticated(
- response.getContentAsString());
- }
-
- @Test
- public void testNotAuthenticatedWrongName() {
-
- DefaultCredentialsProvider credentialsProvider = new DefaultCredentialsProvider();
- credentialsProvider.addCredentials("romo", "secret1");
-
- getWebClient().setCredentialsProvider(credentialsProvider);
-
- WebResponse response = responseFromServer("/servlet");
-
- assertEquals(401, response.getStatusCode());
-
- assertTrue(
- "Response did not contain the \"WWW-Authenticate\" header, but should have",
- response.getResponseHeaderValue("WWW-Authenticate") != null);
-
- assertDefaultNotAuthenticated(
- response.getContentAsString());
- }
-
- @Test
- public void testNotAuthenticatedWrongPassword() {
-
- DefaultCredentialsProvider credentialsProvider = new DefaultCredentialsProvider();
- credentialsProvider.addCredentials("reza", "wrongpassword");
-
- getWebClient().setCredentialsProvider(credentialsProvider);
-
- WebResponse response = responseFromServer("/servlet");
-
- assertEquals(401, response.getStatusCode());
-
- assertTrue(
- "Response did not contain the \"WWW-Authenticate\" header, but should have",
- response.getResponseHeaderValue("WWW-Authenticate") != null);
-
- assertDefaultNotAuthenticated(
- response.getContentAsString());
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/pom.xml
deleted file mode 100644
index 35321b7..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/pom.xml
+++ /dev/null
@@ -1,48 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>app-mem-form</artifactId>
- <packaging>war</packaging>
-
- <build>
- <finalName>app-mem-form</finalName>
- </build>
-
- <properties>
- <failOnMissingWebXml>false</failOnMissingWebXml>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>common</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/java/org/glassfish/soteria/test/ApplicationConfig.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/java/org/glassfish/soteria/test/ApplicationConfig.java
deleted file mode 100644
index aa66ff8..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/java/org/glassfish/soteria/test/ApplicationConfig.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import jakarta.enterprise.context.ApplicationScoped;
-import jakarta.inject.Named;
-
-
-@ApplicationScoped
-@Named("appConfig")
-public class ApplicationConfig {
- public String getLoginPage(){
- return login_page;
- }
- private String login_page = "/login-servlet";
- private String error_page = "/login-error-servlet";
-
- public String getErrorPage() {
- return error_page;
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/java/org/glassfish/soteria/test/LoginErrorServlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/java/org/glassfish/soteria/test/LoginErrorServlet.java
deleted file mode 100644
index f7da2df..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/java/org/glassfish/soteria/test/LoginErrorServlet.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.io.IOException;
-
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-/**
- * Servlet that is invoked when the caller did not authenticate correctly
- *
- *
- */
-@WebServlet({"/login-error-servlet"})
-public class LoginErrorServlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
- response.getWriter().write(
- // Just as example for the mechanism, not likely to be used
- // in practice like this
- "<html><body> Login failed! \n" +
- "<a href=\"login-servlet\">Try again</a>" +
- "</body></html>");
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/java/org/glassfish/soteria/test/LoginServlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/java/org/glassfish/soteria/test/LoginServlet.java
deleted file mode 100644
index c703d92..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/java/org/glassfish/soteria/test/LoginServlet.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.io.IOException;
-
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-/**
- * Servlet that is invoked when it's determined that the caller needs to authenticate/login.
- *
- */
-@WebServlet({"/login-servlet"})
-public class LoginServlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
- response.getWriter().write(
- "<html><body> Login to continue \n" +
- "<form method=\"POST\" action=\"j_security_check\">" +
- "<p><strong>Username </strong>" +
- "<input type=\"text\" name=\"j_username\">" +
-
- "<p><strong>Password </strong>" +
- "<input type=\"password\" name=\"j_password\">" +
- "<p>" +
- "<input type=\"submit\" value=\"Submit\">" +
- "</form>" +
- "</body></html>");
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/java/org/glassfish/soteria/test/Servlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/java/org/glassfish/soteria/test/Servlet.java
deleted file mode 100644
index 88ea4f0..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/java/org/glassfish/soteria/test/Servlet.java
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.io.IOException;
-
-import jakarta.annotation.security.DeclareRoles;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.HttpConstraint;
-import jakarta.servlet.annotation.ServletSecurity;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import javax.security.enterprise.authentication.mechanism.http.*;
-
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- */
-
-@FormAuthenticationMechanismDefinition(
- loginToContinue = @LoginToContinue(
- loginPage="${appConfig.getLoginPage()}",
- errorPage="#{appConfig.getErrorPage()}"
- )
-)
-@WebServlet("/servlet")
-@DeclareRoles({ "foo", "bar", "kaz" })
-@ServletSecurity(@HttpConstraint(rolesAllowed = "foo"))
-public class Servlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- String webName = null;
- if (request.getUserPrincipal() != null) {
- webName = request.getUserPrincipal().getName();
- }
-
- response.getWriter().write(
- "<html><body> This is a servlet <br><br>\n" +
-
- "web username: " + webName + "<br><br>\n" +
-
- "web user has role \"foo\": " + request.isUserInRole("foo") + "<br>\n" +
- "web user has role \"bar\": " + request.isUserInRole("bar") + "<br>\n" +
- "web user has role \"kaz\": " + request.isUserInRole("kaz") + "<br><br>\n" +
-
-
- "<form method=\"POST\">" +
- "<input type=\"hidden\" name=\"logout\" value=\"true\" >" +
- "<input type=\"submit\" value=\"Logout\">" +
- "</form>" +
- "</body></html>");
- }
-
- @Override
- public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
- if ("true".equals(request.getParameter("logout"))) {
- request.logout();
- request.getSession().invalidate();
- }
-
- doGet(request, response);
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
deleted file mode 100644
index 1ac02f9..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.util.Arrays.asList;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT;
-
-import java.util.HashSet;
-
-import jakarta.enterprise.context.ApplicationScoped;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStore;
-
-@ApplicationScoped
-public class TestIdentityStore implements IdentityStore {
-
- public CredentialValidationResult validate(UsernamePasswordCredential usernamePasswordCredential) {
-
- if (usernamePasswordCredential.compareTo("reza", "secret1")) {
- return new CredentialValidationResult("reza", new HashSet<>(asList("foo", "bar")));
- }
-
- return INVALID_RESULT;
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/webapp/WEB-INF/beans.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index e69de29..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/test/java/org/glassfish/soteria/test/AppMemFormIT.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/test/java/org/glassfish/soteria/test/AppMemFormIT.java
deleted file mode 100644
index 1ac3a80..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-mem-form/src/test/java/org/glassfish/soteria/test/AppMemFormIT.java
+++ /dev/null
@@ -1,258 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static org.glassfish.soteria.test.Assert.assertDefaultAuthenticated;
-import static org.glassfish.soteria.test.Assert.assertDefaultNotAuthenticated;
-import static org.glassfish.soteria.test.ShrinkWrap.mavenWar;
-import static org.junit.Assert.assertTrue;
-
-import java.io.IOException;
-
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.shrinkwrap.api.Archive;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-
-import com.gargoylesoftware.htmlunit.html.HtmlForm;
-import com.gargoylesoftware.htmlunit.html.HtmlPage;
-
-
-@RunWith(Arquillian.class)
-public class AppMemFormIT extends ArquillianBase {
-
- @Deployment(testable = false)
- public static Archive<?> createDeployment() {
- return mavenWar();
- }
-
- @Test
- public void testAuthenticated() throws IOException {
-
-
- // 1. Initially request protected page when we're not authenticated
-
- HtmlPage loginPage = pageFromServer("/servlet");
-
-
- // 2. Server should forward to login page
-
- assertTrue(
- "The login page should have been displayed, but was not",
- loginPage.getWebResponse().getContentAsString().contains("Login to continue")
- );
-
-
- // 3. Submit the form on the login page with the correct credentials
-
- HtmlForm form = loginPage.getForms().get(0);
-
- form.getInputByName("j_username")
- .setValueAttribute("reza");
-
- form.getInputByName("j_password")
- .setValueAttribute("secret1");
-
- HtmlPage page = form.getInputByValue("Submit")
- .click();
-
- // Has to be authenticted now
- assertDefaultAuthenticated(
- page.getWebResponse()
- .getContentAsString());
-
-
- // 4. Request page again. FORM is stateful (http session bound) so
- // still has to be authenticated.
-
- page = pageFromServer("/servlet");
-
- System.out.println("+++++++++++STEP 4 +++++++++++++ (before assertDefaultAuthenticated) \n\n\n\n" + page.getWebResponse()
- .getContentAsString());
-
- assertDefaultAuthenticated(
- page.getWebResponse()
- .getContentAsString());
-
-
- // 5. Logout
-
- System.out.println("*** STEP 5 ***** (before get logout) " + page.asXml());
-
- page = page.getForms()
- .get(0)
- .getInputByValue("Logout")
- .click();
-
- // Has to be logged out now (page will still be rendered, but with
- // web username null and no roles.
-
- assertDefaultNotAuthenticated(
- page.getWebResponse()
- .getContentAsString());
-
-
-
- // 6. Request page again. Should still be logged out
- // (and will display login to continue again now)
-
- assertDefaultNotAuthenticated(
- readFromServer("/servlet"));
-
- }
-
- @Test
- public void testNotAuthenticatedWrongName() throws IOException {
-
- // 1. Initially request protected page when we're not authenticated
-
- HtmlPage loginPage = pageFromServer("/servlet");
-
-
- // 2. Server should forward to login page
-
- assertTrue(
- "The login page should have been displayed, but was not",
- loginPage.getWebResponse().getContentAsString().contains("Login to continue")
- );
-
-
- // 3. Submit the form on the login page with the correct credentials
-
- HtmlForm form = loginPage.getForms().get(0);
-
- form.getInputByName("j_username")
- .setValueAttribute("romo");
-
- form.getInputByName("j_password")
- .setValueAttribute("secret1");
-
- HtmlPage page = form.getInputByValue("Submit")
- .click();
-
- assertTrue(
- "The error page should have been displayed, but was not",
- page.getWebResponse().getContentAsString().contains("Login failed!")
- );
-
- // Should not be authenticted now
- assertDefaultNotAuthenticated(
- page.getWebResponse()
- .getContentAsString());
-
- }
-
- @Test
- public void testNotAuthenticatedWrongPassword() throws IOException {
-
- // 1. Initially request protected page when we're not authenticated
-
- HtmlPage loginPage = pageFromServer("/servlet");
-
-
- // 2. Server should forward to login page
-
- assertTrue(
- "The login page should have been displayed, but was not",
- loginPage.getWebResponse().getContentAsString().contains("Login to continue")
- );
-
-
- // 3. Submit the form on the login page with the *wrong* credentials
-
- HtmlForm form = loginPage.getForms().get(0);
-
- form.getInputByName("j_username")
- .setValueAttribute("reza");
-
- form.getInputByName("j_password")
- .setValueAttribute("wrongpassword");
-
- HtmlPage page = form.getInputByValue("Submit")
- .click();
-
- assertTrue(
- "The error page should have been displayed, but was not",
- page.getWebResponse().getContentAsString().contains("Login failed!")
- );
-
- // Should not be authenticted now
- assertDefaultNotAuthenticated(
- page.getWebResponse()
- .getContentAsString());
-
- }
-
- @Test
- public void testNotAuthenticatedInitiallyWrongNameThenCorrect() throws IOException {
-
- // 1. Initially request protected page when we're not authenticated
-
- HtmlPage loginPage = pageFromServer("/servlet");
-
-
- // 2. Server should forward to login page
-
- assertTrue(
- "The login page should have been displayed, but was not",
- loginPage.getWebResponse().getContentAsString().contains("Login to continue")
- );
-
-
- // 3. Submit the form on the login page with the correct credentials
-
- HtmlForm form = loginPage.getForms().get(0);
-
- form.getInputByName("j_username")
- .setValueAttribute("romo");
-
- form.getInputByName("j_password")
- .setValueAttribute("secret1");
-
- HtmlPage errorPage = form.getInputByValue("Submit")
- .click();
-
- // Should not be authenticted now
- assertDefaultNotAuthenticated(
- errorPage.getWebResponse()
- .getContentAsString());
-
-
- // 4. Request login page directly, and now submit with the correct credentials
- // (note that the initial target URL of /servlet should still be remembered)
-
- loginPage = pageFromServer("/login-servlet");
-
- form = loginPage.getForms().get(0);
-
- form.getInputByName("j_username")
- .setValueAttribute("reza");
-
- form.getInputByName("j_password")
- .setValueAttribute("secret1");
-
- HtmlPage page = form.getInputByValue("Submit")
- .click();
-
- // Has to be authenticted now
- assertDefaultAuthenticated(
- page.getWebResponse()
- .getContentAsString());
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/pom.xml
deleted file mode 100644
index 4e77b7b..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/pom.xml
+++ /dev/null
@@ -1,48 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>app-multiple-store-backup</artifactId>
- <packaging>war</packaging>
-
- <build>
- <finalName>app-multiple-store-backup</finalName>
- </build>
-
- <properties>
- <failOnMissingWebXml>false</failOnMissingWebXml>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>common</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/java/org/glassfish/soteria/test/Servlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/java/org/glassfish/soteria/test/Servlet.java
deleted file mode 100644
index 407a705..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/java/org/glassfish/soteria/test/Servlet.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.io.IOException;
-
-import jakarta.annotation.security.DeclareRoles;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- */
-@DeclareRoles({ "foo", "bar", "kaz" })
-@WebServlet("/servlet")
-public class Servlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- response.getWriter().write("This is a servlet \n");
-
- String webName = null;
- if (request.getUserPrincipal() != null) {
- webName = request.getUserPrincipal().getName();
- }
-
- response.getWriter().write("web username: " + webName + "\n");
-
- response.getWriter().write("web user has role \"foo\": " + request.isUserInRole("foo") + "\n");
- response.getWriter().write("web user has role \"bar\": " + request.isUserInRole("bar") + "\n");
- response.getWriter().write("web user has role \"kaz\": " + request.isUserInRole("kaz") + "\n");
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
deleted file mode 100644
index ce6f324..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static javax.security.enterprise.identitystore.CredentialValidationResult.Status.VALID;
-import static org.glassfish.soteria.Utils.notNull;
-
-import jakarta.enterprise.context.RequestScoped;
-import jakarta.inject.Inject;
-import javax.security.enterprise.AuthenticationException;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
-import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
-import javax.security.enterprise.credential.Password;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStoreHandler;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-@RequestScoped
-public class TestAuthenticationMechanism implements HttpAuthenticationMechanism {
-
- @Inject
- private IdentityStoreHandler identityStoreHandler;
-
- @Override
- public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
-
- if (notNull(request.getParameter("name"), request.getParameter("password"))) {
-
- // Get the (caller) name and password from the request
- // NOTE: This is for the smallest possible example only. In practice
- // putting the password in a request query parameter is highly
- // insecure
- String name = request.getParameter("name");
- Password password = new Password(request.getParameter("password"));
-
- // Delegate the {credentials in -> identity data out} function to
- // the Identity Store
- CredentialValidationResult result = identityStoreHandler.validate(
- new UsernamePasswordCredential(name, password));
-
- if (result.getStatus() == VALID) {
- // Communicate the details of the authenticated user to the
- // container. In many cases the underlying handler will just store the details
- // and the container will actually handle the login after we return from
- // this method.
- return httpMessageContext.notifyContainerAboutLogin(
- result.getCallerPrincipal(), result.getCallerGroups());
- }
-
- return httpMessageContext.responseUnauthorized();
- }
-
- return httpMessageContext.doNothing();
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/java/org/glassfish/soteria/test/TestBackupIdentityStore.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/java/org/glassfish/soteria/test/TestBackupIdentityStore.java
deleted file mode 100644
index a468058..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/java/org/glassfish/soteria/test/TestBackupIdentityStore.java
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.util.Arrays.asList;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.NOT_VALIDATED_RESULT;
-
-import java.util.HashSet;
-
-import jakarta.enterprise.context.RequestScoped;
-import javax.security.enterprise.credential.Credential;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStore;
-
-@RequestScoped
-public class TestBackupIdentityStore implements IdentityStore {
-
- @Override
- public CredentialValidationResult validate(Credential credential) {
- if (credential instanceof UsernamePasswordCredential) {
- return validate((UsernamePasswordCredential) credential);
- }
-
- return NOT_VALIDATED_RESULT;
- }
-
- public CredentialValidationResult validate(UsernamePasswordCredential usernamePasswordCredential) {
-
- if (usernamePasswordCredential.getCaller().equals("reza") &&
- usernamePasswordCredential.getPassword().compareTo("secret2")) {
-
- return new CredentialValidationResult("reza", new HashSet<>(asList("foo", "bar")));
- }
-
- if (usernamePasswordCredential.getCaller().equals("alex") &&
- usernamePasswordCredential.getPassword().compareTo("verysecret")) {
-
- return new CredentialValidationResult("alex", new HashSet<>(asList("foo", "bar")));
- }
-
- return INVALID_RESULT;
- }
-
- public int priority() {
- return 20;
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
deleted file mode 100644
index 2cbf9b2..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.util.Arrays.asList;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.NOT_VALIDATED_RESULT;
-
-import java.util.HashSet;
-
-import jakarta.enterprise.context.RequestScoped;
-import javax.security.enterprise.credential.Credential;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStore;
-
-@RequestScoped
-public class TestIdentityStore implements IdentityStore {
-
- @Override
- public CredentialValidationResult validate(Credential credential) {
- if (credential instanceof UsernamePasswordCredential) {
- return validate((UsernamePasswordCredential) credential);
- }
-
- return NOT_VALIDATED_RESULT;
- }
-
- public CredentialValidationResult validate(UsernamePasswordCredential usernamePasswordCredential) {
-
- if (usernamePasswordCredential.getCaller().equals("reza") &&
- usernamePasswordCredential.getPassword().compareTo("secret1")) {
-
- return new CredentialValidationResult("reza", new HashSet<>(asList("foo", "bar")));
- }
-
- return INVALID_RESULT;
- }
-
- public int priority() {
- return 10;
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/webapp/WEB-INF/beans.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index e69de29..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/webapp/WEB-INF/glassfish-web.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/webapp/WEB-INF/glassfish-web.xml
deleted file mode 100644
index 11d0ee6..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/main/webapp/WEB-INF/glassfish-web.xml
+++ /dev/null
@@ -1,40 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN" "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd">
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<glassfish-web-app>
-
- <security-role-mapping>
- <role-name>foo</role-name>
- <group-name>foo</group-name>
- </security-role-mapping>
-
- <security-role-mapping>
- <role-name>bar</role-name>
- <group-name>bar</group-name>
- </security-role-mapping>
-
- <security-role-mapping>
- <role-name>kaz</role-name>
- <group-name>kaz</group-name>
- </security-role-mapping>
-
- <parameter-encoding default-charset="UTF-8" />
-
-</glassfish-web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/test/java/org/glassfish/soteria/test/AppMultipleStoreBackupIT.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/test/java/org/glassfish/soteria/test/AppMultipleStoreBackupIT.java
deleted file mode 100644
index 46b0ecf..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store-backup/src/test/java/org/glassfish/soteria/test/AppMultipleStoreBackupIT.java
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static org.glassfish.soteria.test.Assert.assertDefaultAuthenticated;
-import static org.glassfish.soteria.test.Assert.assertDefaultNotAuthenticated;
-import static org.glassfish.soteria.test.ShrinkWrap.mavenWar;
-
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.shrinkwrap.api.Archive;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-import org.junit.Rule;
-import org.junit.AfterClass;
-import org.junit.rules.TestWatcher;
-
-@RunWith(Arquillian.class)
-public class AppMultipleStoreBackupIT extends ArquillianBase {
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- @Rule
- public TestWatcher reportWatcher=new ReportWatcher(stat, "Security::soteria::AppMultipleStoreBackup");
-
- @AfterClass
- public static void printSummary(){
- stat.printSummary();
- }
-
- @Deployment(testable = false)
- public static Archive<?> createDeployment() {
- return mavenWar();
- }
-
- @Test
- public void testAuthenticated() {
- assertDefaultAuthenticated(
- readFromServer("/servlet?name=reza&password=secret1"));
- }
-
- @Test
- public void testAuthenticatedBackupPassword() {
- // This will first try the initial store which will fail, then
- // tries the second store, which should succeeded. The user
- // is present in both stores but with different passwords.
- assertDefaultAuthenticated(
- readFromServer("/servlet?name=reza&password=secret2"));
- }
-
- @Test
- public void testAuthenticatedBackupUser() {
- // This will first try the initial store which will fail, then
- // tries the second store, which should succeeded. The user
- // is only present in the second store.
- Assert.assertAuthenticated(
- "web", "alex",
- readFromServer("/servlet?name=alex&password=verysecret"));
- }
-
- @Test
- public void testNotAuthenticated() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet"));
- }
-
- @Test
- public void testNotAuthenticatedWrongName() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet?name=romo&password=secret1"));
- }
-
- @Test
- public void testNotAuthenticatedWrongPassword() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet?name=reza&password=wrongpassword"));
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/pom.xml
deleted file mode 100644
index d99d57a..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/pom.xml
+++ /dev/null
@@ -1,47 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>app-multiple-store</artifactId>
- <packaging>war</packaging>
-
- <build>
- <finalName>app-multiple-store</finalName>
- </build>
-
- <properties>
- <failOnMissingWebXml>false</failOnMissingWebXml>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>common</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/java/org/glassfish/soteria/test/AuthenticationIdentityStore.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/java/org/glassfish/soteria/test/AuthenticationIdentityStore.java
deleted file mode 100644
index a434ae8..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/java/org/glassfish/soteria/test/AuthenticationIdentityStore.java
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.util.Arrays.asList;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.NOT_VALIDATED_RESULT;
-import static javax.security.enterprise.identitystore.IdentityStore.ValidationType.VALIDATE;
-
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-
-import jakarta.annotation.PostConstruct;
-import jakarta.enterprise.context.RequestScoped;
-import javax.security.enterprise.credential.Credential;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStore;
-
-/**
- *
- */
-@RequestScoped
-public class AuthenticationIdentityStore implements IdentityStore {
-
- private Map<String, String> callerToPassword;
-
- @PostConstruct
- public void init() {
- callerToPassword = new HashMap<>();
- callerToPassword.put("reza", "secret1");
- callerToPassword.put("alex", "secret2");
- callerToPassword.put("arjan", "secret3");
- }
-
- @Override
- public CredentialValidationResult validate(Credential credential) {
- CredentialValidationResult result;
-
- if (credential instanceof UsernamePasswordCredential) {
- UsernamePasswordCredential usernamePassword = (UsernamePasswordCredential) credential;
- String expectedPW = callerToPassword.get(usernamePassword.getCaller());
- // We don't allow empty passwords :)
- if (expectedPW != null && expectedPW.equals(usernamePassword.getPasswordAsString())) {
- result = new CredentialValidationResult(usernamePassword.getCaller());
- } else {
- result = INVALID_RESULT;
- }
- } else {
- result = NOT_VALIDATED_RESULT;
- }
-
- return result;
- }
-
- @Override
- public Set<ValidationType> validationTypes() {
- return new HashSet<>(asList(VALIDATE));
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/java/org/glassfish/soteria/test/AuthorizationIdentityStore.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/java/org/glassfish/soteria/test/AuthorizationIdentityStore.java
deleted file mode 100644
index 3a518df..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/java/org/glassfish/soteria/test/AuthorizationIdentityStore.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.util.Arrays.asList;
-import static javax.security.enterprise.identitystore.IdentityStore.ValidationType.PROVIDE_GROUPS;
-
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-
-import jakarta.annotation.PostConstruct;
-import jakarta.enterprise.context.RequestScoped;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStore;
-
-/**
- *
- */
-@RequestScoped
-public class AuthorizationIdentityStore implements IdentityStore {
-
- private Map<String, Set<String>> authorization;
-
- @PostConstruct
- public void init() {
- authorization = new HashMap<>();
-
- authorization.put("reza", new HashSet<>(asList("foo", "bar")));
- authorization.put("alex", new HashSet<>(asList("foo", "foo", "kaz")));
- authorization.put("arjan", new HashSet<>(asList("foo", "foo")));
-
- }
-
- @Override
- public Set<String> getCallerGroups(CredentialValidationResult validationResult) {
- return authorization.get(validationResult.getCallerPrincipal().getName());
- }
-
- @Override
- public Set<ValidationType> validationTypes() {
- return new HashSet<>(asList(PROVIDE_GROUPS));
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/java/org/glassfish/soteria/test/Servlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/java/org/glassfish/soteria/test/Servlet.java
deleted file mode 100644
index 407a705..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/java/org/glassfish/soteria/test/Servlet.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.io.IOException;
-
-import jakarta.annotation.security.DeclareRoles;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- */
-@DeclareRoles({ "foo", "bar", "kaz" })
-@WebServlet("/servlet")
-public class Servlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- response.getWriter().write("This is a servlet \n");
-
- String webName = null;
- if (request.getUserPrincipal() != null) {
- webName = request.getUserPrincipal().getName();
- }
-
- response.getWriter().write("web username: " + webName + "\n");
-
- response.getWriter().write("web user has role \"foo\": " + request.isUserInRole("foo") + "\n");
- response.getWriter().write("web user has role \"bar\": " + request.isUserInRole("bar") + "\n");
- response.getWriter().write("web user has role \"kaz\": " + request.isUserInRole("kaz") + "\n");
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
deleted file mode 100644
index 4cd0736..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static javax.security.enterprise.identitystore.CredentialValidationResult.Status.VALID;
-import static org.glassfish.soteria.Utils.notNull;
-
-import jakarta.enterprise.context.RequestScoped;
-import jakarta.inject.Inject;
-import javax.security.enterprise.AuthenticationException;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
-import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
-import javax.security.enterprise.credential.Password;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStoreHandler;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-@RequestScoped
-public class TestAuthenticationMechanism implements HttpAuthenticationMechanism {
-
- @Inject
- private IdentityStoreHandler identityStoreHandler;
-
- @Override
- public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
-
- if (notNull(request.getParameter("name"), request.getParameter("password"))) {
-
- // Get the (caller) name and password from the request
- // NOTE: This is for the smallest possible example only. In practice
- // putting the password in a request query parameter is highly
- // insecure
- String name = request.getParameter("name");
- Password password = new Password(request.getParameter("password"));
-
- // Delegate the {credentials in -> identity data out} function to
- // the Identity Store
- CredentialValidationResult result = identityStoreHandler.validate(
- new UsernamePasswordCredential(name, password));
-
- if (result.getStatus() == VALID) {
- // Communicate the details of the authenticated user to the
- // container. In many cases the underlying handler will just store the details
- // and the container will actually handle the login after we return from
- // this method.
- return httpMessageContext.notifyContainerAboutLogin(
- result.getCallerPrincipal(), result.getCallerGroups());
- }
-
- return httpMessageContext.responseUnauthorized();
-
- }
-
- return httpMessageContext.doNothing();
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/webapp/WEB-INF/beans.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index e69de29..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/webapp/WEB-INF/glassfish-web.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/webapp/WEB-INF/glassfish-web.xml
deleted file mode 100644
index 11d0ee6..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/main/webapp/WEB-INF/glassfish-web.xml
+++ /dev/null
@@ -1,40 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN" "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd">
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<glassfish-web-app>
-
- <security-role-mapping>
- <role-name>foo</role-name>
- <group-name>foo</group-name>
- </security-role-mapping>
-
- <security-role-mapping>
- <role-name>bar</role-name>
- <group-name>bar</group-name>
- </security-role-mapping>
-
- <security-role-mapping>
- <role-name>kaz</role-name>
- <group-name>kaz</group-name>
- </security-role-mapping>
-
- <parameter-encoding default-charset="UTF-8" />
-
-</glassfish-web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/test/java/org/glassfish/soteria/test/AppMultipleStoreIT.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/test/java/org/glassfish/soteria/test/AppMultipleStoreIT.java
deleted file mode 100644
index 7cbba69..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-multiple-store/src/test/java/org/glassfish/soteria/test/AppMultipleStoreIT.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.shrinkwrap.api.Archive;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-import org.junit.Rule;
-import org.junit.AfterClass;
-import org.junit.rules.TestWatcher;
-
-import static org.glassfish.soteria.test.Assert.assertDefaultAuthenticated;
-import static org.glassfish.soteria.test.Assert.assertDefaultNotAuthenticated;
-import static org.glassfish.soteria.test.ShrinkWrap.mavenWar;
-
-@RunWith(Arquillian.class)
-public class AppMultipleStoreIT extends ArquillianBase {
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- @Rule
- public TestWatcher reportWatcher=new ReportWatcher(stat, "Security::soteria::AppMultipleStore");
-
- @AfterClass
- public static void printSummary(){
- stat.printSummary();
- }
-
- @Deployment(testable = false)
- public static Archive<?> createDeployment() {
- return mavenWar();
- }
-
- @Test
- public void testAuthenticated() {
- assertDefaultAuthenticated(
- readFromServer("/servlet?name=reza&password=secret1"));
- }
-
- @Test
- public void testNotAuthenticated() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet"));
- }
-
- @Test
- public void testNotAuthenticatedWrongName() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet?name=romo&password=secret1"));
- }
-
- @Test
- public void testNotAuthenticatedWrongPassword() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet?name=reza&password=wrongpassword"));
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/README.md b/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/README.md
deleted file mode 100644
index fea016a..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/README.md
+++ /dev/null
@@ -1,10 +0,0 @@
-
-### app-no-application-caller-principal
-
-**From JSR 375 Specification**
-
-> **1.2.2. Caller Principal Types**
-
-> When no specific application caller principal is supplied during authentication, the caller’s identity should be represented by a single principal, the container’s caller principal.
-
-In this test, no application caller principal is provided when container gets notified about login inside `TestAuthenticationMechanism`.
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/pom.xml
deleted file mode 100644
index abda6da..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/pom.xml
+++ /dev/null
@@ -1,47 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>app-no-application-caller-principal</artifactId>
- <packaging>war</packaging>
-
- <build>
- <finalName>app-no-application-caller-principal</finalName>
- </build>
-
- <properties>
- <failOnMissingWebXml>false</failOnMissingWebXml>
- </properties>
- <dependencies>
- <dependency>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>common</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/java/org/glassfish/soteria/test/AppPrincipal.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/java/org/glassfish/soteria/test/AppPrincipal.java
deleted file mode 100644
index 8735509..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/java/org/glassfish/soteria/test/AppPrincipal.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.security.Principal;
-
-public class AppPrincipal implements Principal {
- String name;
-
- public AppPrincipal(String name){
- this.name = name;
- }
-
- @Override
- public String getName() {
- return name;
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
deleted file mode 100644
index 7e2b663..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static javax.security.enterprise.identitystore.CredentialValidationResult.Status.VALID;
-
-import jakarta.enterprise.context.RequestScoped;
-import jakarta.inject.Inject;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.AuthenticationException;
-import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
-import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStoreHandler;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-@RequestScoped
-public class TestAuthenticationMechanism implements HttpAuthenticationMechanism {
-
- @Inject
- private IdentityStoreHandler identityStoreHandler;
-
- @Override
- public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
-
- // Get the (caller) name and password from the request
- // NOTE: This is for the smallest possible example only. In practice
- // putting the password in a request query parameter is highly
- // insecure
- String name = request.getParameter("name");
- String password = request.getParameter("password");
-
- if (name != null && password != null) {
-
- // Delegate the {credentials in -> identity data out} function to
- // the Identity Store
- CredentialValidationResult result = identityStoreHandler.validate(
- new UsernamePasswordCredential(name, password));
-
- if (result.getStatus() == VALID) {
- return httpMessageContext.notifyContainerAboutLogin(result);
-
- } else {
- return httpMessageContext.responseUnauthorized();
- }
- }
-
- return httpMessageContext.doNothing();
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
deleted file mode 100644
index c4556df..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/java/org/glassfish/soteria/test/TestIdentityStore.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.util.Arrays.asList;
-import static javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT;
-
-import java.util.HashSet;
-
-import jakarta.enterprise.context.RequestScoped;
-import javax.security.enterprise.identitystore.CredentialValidationResult;
-import javax.security.enterprise.identitystore.IdentityStore;
-import javax.security.enterprise.credential.UsernamePasswordCredential;
-
-@RequestScoped
-public class TestIdentityStore implements IdentityStore {
-
- public CredentialValidationResult validate(UsernamePasswordCredential usernamePasswordCredential) {
-
- if (usernamePasswordCredential.compareTo("reza", "secret1")) {
- return new CredentialValidationResult("reza", new HashSet<>(asList("foo", "bar")));
- }
-
- return INVALID_RESULT;
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/java/org/glassfish/soteria/test/ValidateAvailablePrincipalServlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/java/org/glassfish/soteria/test/ValidateAvailablePrincipalServlet.java
deleted file mode 100644
index d8f65e8..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/java/org/glassfish/soteria/test/ValidateAvailablePrincipalServlet.java
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import java.io.IOException;
-
-import jakarta.inject.Inject;
-import javax.security.enterprise.SecurityContext;
-import javax.security.enterprise.CallerPrincipal;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.HttpConstraint;
-import jakarta.servlet.annotation.ServletSecurity;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import java.security.Principal;
-import java.util.Optional;
-import java.util.Set;
-
-/**
- * The Servlet which validates if for the authenticated user, both
- * container and caller principals are present in the subject
- * representing the caller.
- */
-@WebServlet("/valildateAvailablePrincipalServlet")
-@ServletSecurity(@HttpConstraint(rolesAllowed = "foo"))
-public class ValidateAvailablePrincipalServlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Inject
- private SecurityContext securityContext;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- boolean isUserInRole = securityContext.isCallerInRole("foo");
- boolean hasContainerCallerPrincipal = false;
- boolean hasApplicationCallerPrincipal = false;
-
- Principal containerCallerPrincipal = securityContext.getCallerPrincipal();
-
- if (containerCallerPrincipal instanceof javax.security.enterprise.CallerPrincipal) {
- hasContainerCallerPrincipal = true;
- }
-
- Set<Principal> principals = securityContext.getPrincipalsByType(java.security.Principal.class);
-
- Optional<Principal> principalOptional = principals.stream().filter((p) -> p.getClass().getName() == CallerPrincipal.class
- .getName())
- .findAny();
- if (principalOptional.isPresent()) {
- Principal applicationPrincipal = principalOptional.get();
- if(applicationPrincipal.equals(containerCallerPrincipal)) {
- response.getWriter().write("containerPrincipal:" + containerCallerPrincipal + "\n");
- response.getWriter().write("appPrincipal:" + applicationPrincipal + "\n");
- hasApplicationCallerPrincipal = true;
- response.getWriter().write("hasApplicationCallerPrincipal:" + hasApplicationCallerPrincipal + "\n");
- }
- }
- if (!hasApplicationCallerPrincipal && hasContainerCallerPrincipal && isUserInRole) {
- response.getWriter().write(String.format("Container caller principal and application caller principal must have " +
- "been one and the same but are not for user %s in role " +
- "%s",
- containerCallerPrincipal.getName(), "foo"));
- } else {
- response.getWriter().write(String.format("Both container caller principal and application caller principals are one" +
- " and the same for user %s in role %s",
- containerCallerPrincipal.getName(), "foo"));
- }
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/webapp/WEB-INF/beans.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index e69de29..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/webapp/WEB-INF/web.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/webapp/WEB-INF/web.xml
deleted file mode 100644
index ca37ae0..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/main/webapp/WEB-INF/web.xml
+++ /dev/null
@@ -1,43 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<web-app
- xmlns="http://xmlns.jcp.org/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
- version="3.1">
-
- <!-- Security constraints and roles. -->
-
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>User pages</web-resource-name>
- <url-pattern>/protectedServlet</url-pattern>
- </web-resource-collection>
- <auth-constraint>
- <role-name>foo</role-name>
- </auth-constraint>
- </security-constraint>
-
-
- <security-role>
- <role-name>foo</role-name>
- </security-role>
-
-</web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/test/java/org/glassfish/soteria/test/ValidateAvailablePrincipalIT.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/test/java/org/glassfish/soteria/test/ValidateAvailablePrincipalIT.java
deleted file mode 100644
index af9cd34..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-application-caller-principal/src/test/java/org/glassfish/soteria/test/ValidateAvailablePrincipalIT.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static org.glassfish.soteria.test.Assert.*;
-import static org.glassfish.soteria.test.ShrinkWrap.mavenWar;
-
-import org.glassfish.soteria.test.ArquillianBase;
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.shrinkwrap.api.Archive;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-
-import org.junit.Rule;
-import org.junit.AfterClass;
-import org.junit.rules.TestWatcher;
-
-import com.gargoylesoftware.htmlunit.DefaultCredentialsProvider;
-import com.gargoylesoftware.htmlunit.WebResponse;
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-
-@RunWith(Arquillian.class)
-public class ValidateAvailablePrincipalIT extends ArquillianBase {
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- @Rule
- public TestWatcher reportWatcher=new ReportWatcher(stat, "Security::soteria::ValidateAvailablePrincipalIT");
-
- @AfterClass
- public static void printSummary(){
- stat.printSummary();
- }
-
- @Deployment(testable = false)
- public static Archive<?> createDeployment() {
- return mavenWar();
- }
-
- @Test
- public void testCallerSubjectPrincipals() {
- assertBothContainerAndApplicationPrincipalsAreSame(
- responseFromServer("/valildateAvailablePrincipalServlet?name=reza&password=secret1"));
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-role-mapping/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-no-role-mapping/pom.xml
deleted file mode 100644
index ccf1c2b..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-role-mapping/pom.xml
+++ /dev/null
@@ -1,50 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>app-no-role-mapping</artifactId>
- <packaging>war</packaging>
-
- <build>
- <finalName>app-no-role-mapping</finalName>
- </build>
-
- <properties>
- <failOnMissingWebXml>false</failOnMissingWebXml>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>common</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-role-mapping/src/main/java/test/Servlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-no-role-mapping/src/main/java/test/Servlet.java
deleted file mode 100644
index 67d381b..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-role-mapping/src/main/java/test/Servlet.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package test;
-
-import java.io.IOException;
-
-import jakarta.annotation.security.DeclareRoles;
-import javax.security.enterprise.authentication.mechanism.http.BasicAuthenticationMechanismDefinition;
-import org.glassfish.soteria.identitystores.annotation.Credentials;
-import org.glassfish.soteria.identitystores.annotation.EmbeddedIdentityStoreDefinition;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.HttpConstraint;
-import jakarta.servlet.annotation.ServletSecurity;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- */
-@BasicAuthenticationMechanismDefinition(
- realmName="test realm"
-)
-
-@EmbeddedIdentityStoreDefinition({
- @Credentials(callerName = "reza", password = "secret1", groups = { "foo", "bar" }),
- @Credentials(callerName = "alex", password = "secret2", groups = { "foo", "kaz" }),
- @Credentials(callerName = "arjan", password = "secret3", groups = { "foo" }) ,
- @Credentials(callerName = "sameer", password = "pandit", groups = { "bar" })}
-)
-
-@WebServlet("/servlet")
-@DeclareRoles({ "foo", "bar", "kaz" })
-@ServletSecurity(@HttpConstraint(rolesAllowed = "foo"))
-public class Servlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- response.getWriter().write("This is a servlet \n");
-
- String webName = null;
- if (request.getUserPrincipal() != null) {
- webName = request.getUserPrincipal().getName();
- }
-
- response.getWriter().write("web username: " + webName + "\n");
-
- response.getWriter().write("web user has role \"foo\": " + request.isUserInRole("foo") + "\n");
- response.getWriter().write("web user has role \"bar\": " + request.isUserInRole("bar") + "\n");
- response.getWriter().write("web user has role \"kaz\": " + request.isUserInRole("kaz") + "\n");
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-role-mapping/src/main/webapp/WEB-INF/beans.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-no-role-mapping/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index e69de29..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-role-mapping/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-role-mapping/src/test/java/org/glassfish/soteria/test/AppMemBasicIT.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-no-role-mapping/src/test/java/org/glassfish/soteria/test/AppMemBasicIT.java
deleted file mode 100644
index 3eb6946..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-no-role-mapping/src/test/java/org/glassfish/soteria/test/AppMemBasicIT.java
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static org.glassfish.soteria.test.Assert.assertDefaultAuthenticated;
-import static org.glassfish.soteria.test.Assert.assertDefaultNotAuthenticated;
-import static org.glassfish.soteria.test.ShrinkWrap.mavenWar;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.shrinkwrap.api.Archive;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.junit.Rule;
-import org.junit.AfterClass;
-import org.junit.rules.TestWatcher;
-
-import com.gargoylesoftware.htmlunit.DefaultCredentialsProvider;
-import com.gargoylesoftware.htmlunit.WebResponse;
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-
-@RunWith(Arquillian.class)
-public class AppMemBasicIT extends ArquillianBase {
-
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- @Rule
- public TestWatcher reportWatcher=new ReportWatcher(stat, "Security::soteria::AppNoRoleMapping");
-
- @AfterClass
- public static void printSummary(){
- stat.printSummary();
- }
-
- @Deployment(testable = false)
- public static Archive<?> createDeployment() {
- return mavenWar();
- }
-
- @Test
- public void testAuthenticated() {
-
- DefaultCredentialsProvider credentialsProvider = new DefaultCredentialsProvider();
- credentialsProvider.addCredentials("reza", "secret1");
-
- getWebClient().setCredentialsProvider(credentialsProvider);
-
- assertDefaultAuthenticated(
- readFromServer("/servlet"));
- }
-
- @Test
- public void testNotAuthenticated() {
-
- WebResponse response = responseFromServer("/servlet");
-
- assertEquals(401, response.getStatusCode());
-
- assertTrue(
- "Response did not contain the \"WWW-Authenticate\" header, but should have",
- response.getResponseHeaderValue("WWW-Authenticate") != null);
-
- assertDefaultNotAuthenticated(
- response.getContentAsString());
- }
-
- @Test
- public void testNotAuthenticatedWrongName() {
-
- DefaultCredentialsProvider credentialsProvider = new DefaultCredentialsProvider();
- credentialsProvider.addCredentials("romo", "secret1");
-
- getWebClient().setCredentialsProvider(credentialsProvider);
-
- WebResponse response = responseFromServer("/servlet");
-
- assertEquals(401, response.getStatusCode());
-
- assertTrue(
- "Response did not contain the \"WWW-Authenticate\" header, but should have",
- response.getResponseHeaderValue("WWW-Authenticate") != null);
-
- assertDefaultNotAuthenticated(
- response.getContentAsString());
- }
-
- @Test
- public void testNotAuthenticatedWrongPassword() {
-
- DefaultCredentialsProvider credentialsProvider = new DefaultCredentialsProvider();
- credentialsProvider.addCredentials("reza", "wrongpassword");
-
- getWebClient().setCredentialsProvider(credentialsProvider);
-
- WebResponse response = responseFromServer("/servlet");
-
- assertEquals(401, response.getStatusCode());
-
- assertTrue(
- "Response did not contain the \"WWW-Authenticate\" header, but should have",
- response.getResponseHeaderValue("WWW-Authenticate") != null);
-
- assertDefaultNotAuthenticated(
- response.getContentAsString());
- }
-
- @Test
- public void testNotAuthenticatedNotAllowedRole() {
-
- DefaultCredentialsProvider credentialsProvider = new DefaultCredentialsProvider();
- credentialsProvider.addCredentials("sameer", "pandit");
-
- getWebClient().setCredentialsProvider(credentialsProvider);
-
- WebResponse response = responseFromServer("/servlet");
-
- assertEquals(403, response.getStatusCode());
-
- assertDefaultNotAuthenticated(
- response.getContentAsString());
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/pom.xml
deleted file mode 100644
index a7518de..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/pom.xml
+++ /dev/null
@@ -1,49 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>app-securitycontext-auth-ejb</artifactId>
- <packaging>war</packaging>
-
- <build>
- <finalName>app-securitycontext-auth-ejb</finalName>
- </build>
-
- <properties>
- <failOnMissingWebXml>false</failOnMissingWebXml>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>common</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/main/java/org/glassfish/soteria/test/ProtectedServlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/main/java/org/glassfish/soteria/test/ProtectedServlet.java
deleted file mode 100644
index a0f1b02..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/main/java/org/glassfish/soteria/test/ProtectedServlet.java
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import org.glassfish.soteria.SecurityContextImpl;
-import javax.security.enterprise.SecurityContext;
-import jakarta.servlet.annotation.ServletSecurity;
-import jakarta.servlet.annotation.HttpConstraint;
-import jakarta.annotation.security.DeclareRoles;
-import jakarta.inject.Inject;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.SecurityContext;
-import javax.security.enterprise.credential.CallerOnlyCredential;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.util.Set;
-
-import static javax.security.enterprise.authentication.mechanism.http.AuthenticationParameters.withParams;
-import static org.glassfish.soteria.Utils.notNull;
-
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- */
-@DeclareRoles({"foo", "bar", "kaz"})
-@WebServlet("/protectedServlet")
-@ServletSecurity(@HttpConstraint(rolesAllowed = "foo"))
-public class ProtectedServlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Inject
- private SecurityContext securityContext;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- response.getWriter().write("This is a servlet \n");
-
- String name = request.getParameter("name");
-
- if (notNull(name)) {
-
- AuthenticationStatus status = securityContext.authenticate(
- request, response,
- withParams()
- .credential(
- new CallerOnlyCredential(name)));
-
- response.getWriter().write("Authenticated with status: " + status.name() + "\n");
- }
-
- String webName = null;
- if (request.getUserPrincipal() != null) {
- webName = request.getUserPrincipal().getName();
- }
-
- response.getWriter().write("web username: " + webName + "\n");
-
- response.getWriter().write("web user has role \"foo\": " + request.isUserInRole("foo") + "\n");
- response.getWriter().write("web user has role \"bar\": " + request.isUserInRole("bar") + "\n");
- response.getWriter().write("web user has role \"kaz\": " + request.isUserInRole("kaz") + "\n");
-
- String contextName = null;
- if (securityContext.getCallerPrincipal() != null) {
- contextName = securityContext.getCallerPrincipal().getName();
- }
-
- response.getWriter().write("context username: " + contextName + "\n");
-
- response.getWriter().write("context user has role \"foo\": " + securityContext.isCallerInRole("foo") + "\n");
- response.getWriter().write("context user has role \"bar\": " + securityContext.isCallerInRole("bar") + "\n");
- response.getWriter().write("context user has role \"kaz\": " + securityContext.isCallerInRole("kaz") + "\n");
-
- response.getWriter().write("has access to /protectedServlet: " + securityContext.hasAccessToWebResource("/protectedServlet") + "\n");
-
- Set<String> roles = ((SecurityContextImpl) securityContext).getAllDeclaredCallerRoles();
-
- response.getWriter().write("All declared roles of user " + roles + "\n");
-
- response.getWriter().write("all roles has role \"foo\": " + roles.contains("foo") + "\n");
- response.getWriter().write("all roles has role \"bar\": " + roles.contains("bar") + "\n");
- response.getWriter().write("all roles has role \"kaz\": " + roles.contains("kaz") + "\n");
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/main/java/org/glassfish/soteria/test/Servlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/main/java/org/glassfish/soteria/test/Servlet.java
deleted file mode 100644
index 4c43cf1..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/main/java/org/glassfish/soteria/test/Servlet.java
+++ /dev/null
@@ -1,151 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import org.glassfish.soteria.SecurityContextImpl;
-
-import jakarta.annotation.security.DeclareRoles;
-import jakarta.ejb.EJB;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.SecurityContext;
-import javax.security.enterprise.credential.CallerOnlyCredential;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.util.Set;
-import jakarta.inject.Inject;
-
-import static javax.security.enterprise.authentication.mechanism.http.AuthenticationParameters.withParams;
-import static org.glassfish.soteria.Utils.notNull;
-
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- */
-@DeclareRoles({"foo", "bar", "kaz"})
-@WebServlet("/servlet")
-public class Servlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @EJB
- private TestEJB bean;
- @Inject
- private SecurityContext securityContext;
-
- /**
- * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
- * methods.
- *
- * @param request servlet request
- * @param response servlet response
- * @throws ServletException if a servlet-specific error occurs
- * @throws IOException if an I/O error occurs
- */
- protected void processRequest(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- response.setContentType("text/html;charset=UTF-8");
- response.getWriter().write("This is a servlet \n");
- String name = request.getParameter("name");
-
- if (notNull(name)) {
-
- AuthenticationStatus status = securityContext.authenticate(
- request, response,
- withParams()
- .credential(
- new CallerOnlyCredential(name)));
-
- response.getWriter().write("Authenticated with status: " + status.name() + "\n");
- }
-
- String ejbName = null;
- if (bean.getUserPrincipalFromEJBContext() != null) {
- ejbName = bean.getUserPrincipalFromEJBContext().getName();
- }
-
- response.getWriter().write("ejb username: " + ejbName + "\n");
-
- response.getWriter().write("ejb user has role \"foo\": " + bean.isCallerInRoleFromEJBContext("foo") + "\n");
- response.getWriter().write("ejb user has role \"bar\": " + bean.isCallerInRoleFromEJBContext("bar") + "\n");
- response.getWriter().write("ejb user has role \"kaz\": " + bean.isCallerInRoleFromEJBContext("kaz") + "\n");
-
- String contextName = null;
- if (bean.getUserPrincipalFromSecContext() != null) {
- contextName = bean.getUserPrincipalFromSecContext().getName();
- }
-
- response.getWriter().write("context username: " + contextName + "\n");
-
- response.getWriter().write("context user has role \"foo\": " + bean.isCallerInRoleFromSecContext("foo") + "\n");
- response.getWriter().write("context user has role \"bar\": " + bean.isCallerInRoleFromSecContext("bar") + "\n");
- response.getWriter().write("context user has role \"kaz\": " + bean.isCallerInRoleFromSecContext("kaz") + "\n");
-
- response.getWriter().write("web user has access to /protectedServlet: " + securityContext.hasAccessToWebResource("/protectedServlet") + "\n");
-
- Set<String> roles = bean.getAllDeclaredCallerRoles();
-
- response.getWriter().write("All declared roles of user " + roles + "\n");
-
- response.getWriter().write("all roles has role \"foo\": " + roles.contains("foo") + "\n");
- response.getWriter().write("all roles has role \"bar\": " + roles.contains("bar") + "\n");
- response.getWriter().write("all roles has role \"kaz\": " + roles.contains("kaz") + "\n");
- }
-
-
- /**
- * Handles the HTTP <code>GET</code> method.
- *
- * @param request servlet request
- * @param response servlet response
- * @throws ServletException if a servlet-specific error occurs
- * @throws IOException if an I/O error occurs
- */
- @Override
- protected void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- processRequest(request, response);
- }
-
- /**
- * Handles the HTTP <code>POST</code> method.
- *
- * @param request servlet request
- * @param response servlet response
- * @throws ServletException if a servlet-specific error occurs
- * @throws IOException if an I/O error occurs
- */
- @Override
- protected void doPost(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- processRequest(request, response);
- }
-
- /**
- * Returns a short description of the servlet.
- *
- * @return a String containing servlet description
- */
- @Override
- public String getServletInfo() {
- return "Short description";
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
deleted file mode 100644
index da648d4..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.util.Arrays.asList;
-import static javax.security.enterprise.AuthenticationStatus.SEND_FAILURE;
-
-import java.util.HashSet;
-
-import jakarta.enterprise.context.RequestScoped;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.AuthenticationException;
-import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
-import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
-import javax.security.enterprise.credential.CallerOnlyCredential;
-import javax.security.enterprise.credential.Credential;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-@RequestScoped
-public class TestAuthenticationMechanism implements HttpAuthenticationMechanism {
-
- @Override
- public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
-
- if (httpMessageContext.isAuthenticationRequest()) {
-
- Credential credential = httpMessageContext.getAuthParameters().getCredential();
- if (!(credential instanceof CallerOnlyCredential)) {
- throw new IllegalStateException("This authentication mechanism requires a programmatically provided CallerOnlyCredential");
- }
-
- CallerOnlyCredential callerOnlyCredential = (CallerOnlyCredential) credential;
-
- if ("reza".equals(callerOnlyCredential.getCaller())) {
- return httpMessageContext.notifyContainerAboutLogin("reza", new HashSet<>(asList("foo", "bar")));
- }
-
- if ("rezax".equals(callerOnlyCredential.getCaller())) {
- throw new AuthenticationException();
- }
-
- return SEND_FAILURE;
-
- }
-
- return httpMessageContext.doNothing();
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/main/java/org/glassfish/soteria/test/TestEJB.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/main/java/org/glassfish/soteria/test/TestEJB.java
deleted file mode 100644
index 67d10f4..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/main/java/org/glassfish/soteria/test/TestEJB.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import jakarta.ejb.Stateless;
-import jakarta.inject.Inject;
-import jakarta.annotation.security.DeclareRoles;
-import jakarta.annotation.security.PermitAll;
-import jakarta.annotation.Resource;
-import jakarta.ejb.EJBContext;
-import jakarta.annotation.security.RolesAllowed;
-import org.glassfish.soteria.SecurityContextImpl;
-import javax.security.enterprise.SecurityContext;
-import java.security.Principal;
-import java.util.Set;
-@Stateless
-@DeclareRoles({ "foo" , "bar", "kaz"})
-public class TestEJB {
-
- @Inject
- private SecurityContext securityContext;
-
- @Resource
- private EJBContext ejbContext;
-
- public Principal getUserPrincipalFromEJBContext() {
- try {
- return ejbContext.getCallerPrincipal();
- } catch (Exception e) {
- e.printStackTrace();
- }
- return null;
- }
-
- public boolean isCallerInRoleFromEJBContext(String role) {
- try {
- return ejbContext.isCallerInRole(role);
- } catch (Exception e) {
- e.printStackTrace();
- }
- return false;
- }
-
-
- public Principal getUserPrincipalFromSecContext() {
- return securityContext.getCallerPrincipal();
- }
-
- public boolean isCallerInRoleFromSecContext(String role) {
- return securityContext.isCallerInRole(role);
- }
-
- public Set<String> getAllDeclaredCallerRoles() {
- return ((SecurityContextImpl)securityContext).getAllDeclaredCallerRoles();
- }
-
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/main/webapp/WEB-INF/beans.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index e69de29..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/test/java/org/glassfish/soteria/test/AppSecurityContextAuthIT.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/test/java/org/glassfish/soteria/test/AppSecurityContextAuthIT.java
deleted file mode 100644
index 8c3dcd3..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth-ejb/src/test/java/org/glassfish/soteria/test/AppSecurityContextAuthIT.java
+++ /dev/null
@@ -1,132 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static org.glassfish.soteria.test.Assert.assertDefaultAuthenticated;
-import static org.glassfish.soteria.test.Assert.assertDefaultNotAuthenticated;
-import static org.glassfish.soteria.test.ShrinkWrap.mavenWar;
-import static org.junit.Assert.assertTrue;
-
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.shrinkwrap.api.Archive;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-import org.junit.Rule;
-import org.junit.AfterClass;
-import org.junit.rules.TestWatcher;
-
-
-@RunWith(Arquillian.class)
-public class AppSecurityContextAuthIT extends ArquillianBase {
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- @Rule
- public TestWatcher reportWatcher=new ReportWatcher(stat, "Security::soteria::AppSecurityContextEJB");
-
- @AfterClass
- public static void printSummary(){
- stat.printSummary();
- }
-
- @Deployment(testable = false)
- public static Archive<?> createDeployment() {
- return mavenWar();
- }
-
- @Test
- public void testAuthenticatedStatus() {
- assertTrue(
- readFromServer("/servlet?name=reza")
- .contains("Authenticated with status: SUCCESS"));
- }
-
- /**
- * The name "rezax" will cause the custom authentication provider
- * to throw an auth exception, which should ultimately result in
- * a SEND_FAILURE outcome from SecurityContext.authenticate.
- */
- @Test
- public void testAuthenticatedStatusException() {
- assertTrue(
- readFromServer("/servlet?name=rezax")
- .contains("Authenticated with status: SEND_FAILURE"));
- }
-
- /**
- * The name "unknown" will cause the custom authentication provider
- * to return SEND_FAILURE, which should ultimately result in
- * a SEND_FAILURE outcome from SecurityContext.authenticate as well.
- */
- @Test
- public void testAuthenticatedStatusFail() {
- assertTrue(
- readFromServer("/servlet?name=unknown")
- .contains("Authenticated with status: SEND_FAILURE"));
- }
-
- @Test
- public void testAuthenticated() {
- Assert.assertAuthenticated(
- "ejb",
- "reza",
- readFromServer("/servlet?name=reza"));
- }
-
- @Test
- public void testContextAuthenticated() {
- Assert.assertAuthenticated(
- "context",
- "reza",
- readFromServer("/servlet?name=reza"));
- }
-
- @Test
- public void testContextIsCallerInRole(){
- Assert.assertAuthenticated(
- "context",
- "reza",
- readFromServer("/servlet?name=reza"), "foo", "bar");
- }
-
- @Test
- public void testContextAllCallers(){
- Assert.assertAuthenticatedRoles(
- "all roles",
- readFromServer("/servlet?name=reza"), "foo", "bar");
- }
-
- @Test
- public void testContextHasAccessToResource(){
- Assert.assertHasAccessToResource(
- "web",
- "reza",
- "/protectedServlet",
- readFromServer("/servlet?name=reza"));
- }
-
- @Test
- public void testNotAuthenticated() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet"));
- }
-
-
-
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/pom.xml
deleted file mode 100644
index 120a9f0..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/pom.xml
+++ /dev/null
@@ -1,49 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>app-securitycontext-auth</artifactId>
- <packaging>war</packaging>
-
- <build>
- <finalName>app-securitycontext-auth</finalName>
- </build>
-
- <properties>
- <failOnMissingWebXml>false</failOnMissingWebXml>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>common</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/src/main/java/org/glassfish/soteria/test/ProtectedServlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/src/main/java/org/glassfish/soteria/test/ProtectedServlet.java
deleted file mode 100644
index a0f1b02..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/src/main/java/org/glassfish/soteria/test/ProtectedServlet.java
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import org.glassfish.soteria.SecurityContextImpl;
-import javax.security.enterprise.SecurityContext;
-import jakarta.servlet.annotation.ServletSecurity;
-import jakarta.servlet.annotation.HttpConstraint;
-import jakarta.annotation.security.DeclareRoles;
-import jakarta.inject.Inject;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.SecurityContext;
-import javax.security.enterprise.credential.CallerOnlyCredential;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.util.Set;
-
-import static javax.security.enterprise.authentication.mechanism.http.AuthenticationParameters.withParams;
-import static org.glassfish.soteria.Utils.notNull;
-
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- */
-@DeclareRoles({"foo", "bar", "kaz"})
-@WebServlet("/protectedServlet")
-@ServletSecurity(@HttpConstraint(rolesAllowed = "foo"))
-public class ProtectedServlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Inject
- private SecurityContext securityContext;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- response.getWriter().write("This is a servlet \n");
-
- String name = request.getParameter("name");
-
- if (notNull(name)) {
-
- AuthenticationStatus status = securityContext.authenticate(
- request, response,
- withParams()
- .credential(
- new CallerOnlyCredential(name)));
-
- response.getWriter().write("Authenticated with status: " + status.name() + "\n");
- }
-
- String webName = null;
- if (request.getUserPrincipal() != null) {
- webName = request.getUserPrincipal().getName();
- }
-
- response.getWriter().write("web username: " + webName + "\n");
-
- response.getWriter().write("web user has role \"foo\": " + request.isUserInRole("foo") + "\n");
- response.getWriter().write("web user has role \"bar\": " + request.isUserInRole("bar") + "\n");
- response.getWriter().write("web user has role \"kaz\": " + request.isUserInRole("kaz") + "\n");
-
- String contextName = null;
- if (securityContext.getCallerPrincipal() != null) {
- contextName = securityContext.getCallerPrincipal().getName();
- }
-
- response.getWriter().write("context username: " + contextName + "\n");
-
- response.getWriter().write("context user has role \"foo\": " + securityContext.isCallerInRole("foo") + "\n");
- response.getWriter().write("context user has role \"bar\": " + securityContext.isCallerInRole("bar") + "\n");
- response.getWriter().write("context user has role \"kaz\": " + securityContext.isCallerInRole("kaz") + "\n");
-
- response.getWriter().write("has access to /protectedServlet: " + securityContext.hasAccessToWebResource("/protectedServlet") + "\n");
-
- Set<String> roles = ((SecurityContextImpl) securityContext).getAllDeclaredCallerRoles();
-
- response.getWriter().write("All declared roles of user " + roles + "\n");
-
- response.getWriter().write("all roles has role \"foo\": " + roles.contains("foo") + "\n");
- response.getWriter().write("all roles has role \"bar\": " + roles.contains("bar") + "\n");
- response.getWriter().write("all roles has role \"kaz\": " + roles.contains("kaz") + "\n");
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/src/main/java/org/glassfish/soteria/test/Servlet.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/src/main/java/org/glassfish/soteria/test/Servlet.java
deleted file mode 100644
index faaecdf..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/src/main/java/org/glassfish/soteria/test/Servlet.java
+++ /dev/null
@@ -1,101 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import org.glassfish.soteria.SecurityContextImpl;
-
-import jakarta.annotation.security.DeclareRoles;
-import jakarta.inject.Inject;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.SecurityContext;
-import javax.security.enterprise.credential.CallerOnlyCredential;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.util.Set;
-
-import static javax.security.enterprise.authentication.mechanism.http.AuthenticationParameters.withParams;
-import static org.glassfish.soteria.Utils.notNull;
-
-/**
- * Test Servlet that prints out the name of the authenticated caller and whether
- * this caller is in any of the roles {foo, bar, kaz}
- */
-@DeclareRoles({"foo", "bar", "kaz"})
-@WebServlet("/servlet")
-public class Servlet extends HttpServlet {
-
- private static final long serialVersionUID = 1L;
-
- @Inject
- private SecurityContext securityContext;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
- response.getWriter().write("This is a servlet \n");
-
- String name = request.getParameter("name");
-
- if (notNull(name)) {
-
- AuthenticationStatus status = securityContext.authenticate(
- request, response,
- withParams()
- .credential(
- new CallerOnlyCredential(name)));
-
- response.getWriter().write("Authenticated with status: " + status.name() + "\n");
- }
-
- String webName = null;
- if (request.getUserPrincipal() != null) {
- webName = request.getUserPrincipal().getName();
- }
-
- response.getWriter().write("web username: " + webName + "\n");
-
- response.getWriter().write("web user has role \"foo\": " + request.isUserInRole("foo") + "\n");
- response.getWriter().write("web user has role \"bar\": " + request.isUserInRole("bar") + "\n");
- response.getWriter().write("web user has role \"kaz\": " + request.isUserInRole("kaz") + "\n");
-
- String contextName = null;
- if (securityContext.getCallerPrincipal() != null) {
- contextName = securityContext.getCallerPrincipal().getName();
- }
-
- response.getWriter().write("context username: " + contextName + "\n");
-
- response.getWriter().write("context user has role \"foo\": " + securityContext.isCallerInRole("foo") + "\n");
- response.getWriter().write("context user has role \"bar\": " + securityContext.isCallerInRole("bar") + "\n");
- response.getWriter().write("context user has role \"kaz\": " + securityContext.isCallerInRole("kaz") + "\n");
-
- response.getWriter().write("web user has access to /protectedServlet: " + securityContext.hasAccessToWebResource("/protectedServlet") + "\n");
-
- Set<String> roles = ((SecurityContextImpl) securityContext).getAllDeclaredCallerRoles();
-
- response.getWriter().write("All declared roles of user " + roles + "\n");
-
- response.getWriter().write("all roles has role \"foo\": " + roles.contains("foo") + "\n");
- response.getWriter().write("all roles has role \"bar\": " + roles.contains("bar") + "\n");
- response.getWriter().write("all roles has role \"kaz\": " + roles.contains("kaz") + "\n");
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
deleted file mode 100644
index da648d4..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/src/main/java/org/glassfish/soteria/test/TestAuthenticationMechanism.java
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.util.Arrays.asList;
-import static javax.security.enterprise.AuthenticationStatus.SEND_FAILURE;
-
-import java.util.HashSet;
-
-import jakarta.enterprise.context.RequestScoped;
-import javax.security.enterprise.AuthenticationStatus;
-import javax.security.enterprise.AuthenticationException;
-import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
-import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
-import javax.security.enterprise.credential.CallerOnlyCredential;
-import javax.security.enterprise.credential.Credential;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-@RequestScoped
-public class TestAuthenticationMechanism implements HttpAuthenticationMechanism {
-
- @Override
- public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
-
- if (httpMessageContext.isAuthenticationRequest()) {
-
- Credential credential = httpMessageContext.getAuthParameters().getCredential();
- if (!(credential instanceof CallerOnlyCredential)) {
- throw new IllegalStateException("This authentication mechanism requires a programmatically provided CallerOnlyCredential");
- }
-
- CallerOnlyCredential callerOnlyCredential = (CallerOnlyCredential) credential;
-
- if ("reza".equals(callerOnlyCredential.getCaller())) {
- return httpMessageContext.notifyContainerAboutLogin("reza", new HashSet<>(asList("foo", "bar")));
- }
-
- if ("rezax".equals(callerOnlyCredential.getCaller())) {
- throw new AuthenticationException();
- }
-
- return SEND_FAILURE;
-
- }
-
- return httpMessageContext.doNothing();
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/src/main/webapp/WEB-INF/beans.xml b/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/src/main/webapp/WEB-INF/beans.xml
deleted file mode 100644
index e69de29..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/src/main/webapp/WEB-INF/beans.xml
+++ /dev/null
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/src/test/java/org/glassfish/soteria/test/AppSecurityContextAuthIT.java b/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/src/test/java/org/glassfish/soteria/test/AppSecurityContextAuthIT.java
deleted file mode 100644
index cfddf88..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/app-securitycontext-auth/src/test/java/org/glassfish/soteria/test/AppSecurityContextAuthIT.java
+++ /dev/null
@@ -1,131 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static org.glassfish.soteria.test.Assert.assertDefaultAuthenticated;
-import static org.glassfish.soteria.test.Assert.assertDefaultNotAuthenticated;
-import static org.glassfish.soteria.test.ShrinkWrap.mavenWar;
-import static org.junit.Assert.assertTrue;
-
-import org.jboss.arquillian.container.test.api.Deployment;
-import org.jboss.arquillian.junit.Arquillian;
-import org.jboss.shrinkwrap.api.Archive;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-import org.junit.Rule;
-import org.junit.AfterClass;
-import org.junit.rules.TestWatcher;
-
-
-@RunWith(Arquillian.class)
-public class AppSecurityContextAuthIT extends ArquillianBase {
-
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- @Rule
- public TestWatcher reportWatcher=new ReportWatcher(stat, "Security::soteria::AppSecurityContextServlet");
-
- @AfterClass
- public static void printSummary(){
- stat.printSummary();
- }
-
- @Deployment(testable = false)
- public static Archive<?> createDeployment() {
- return mavenWar();
- }
-
- @Test
- public void testAuthenticated() {
- assertDefaultAuthenticated(
- readFromServer("/servlet?name=reza"));
- }
-
- @Test
- public void testAuthenticatedStatus() {
- assertTrue(
- readFromServer("/servlet?name=reza")
- .contains("Authenticated with status: SUCCESS"));
- }
-
- /**
- * The name "rezax" will cause the custom authentication provider
- * to throw an auth exception, which should ultimately result in
- * a SEND_FAILURE outcome from SecurityContext.authenticate.
- */
- @Test
- public void testAuthenticatedStatusException() {
- assertTrue(
- readFromServer("/servlet?name=rezax")
- .contains("Authenticated with status: SEND_FAILURE"));
- }
-
- /**
- * The name "unknown" will cause the custom authentication provider
- * to return SEND_FAILURE, which should ultimately result in
- * a SEND_FAILURE outcome from SecurityContext.authenticate as well.
- */
- @Test
- public void testAuthenticatedStatusFail() {
- assertTrue(
- readFromServer("/servlet?name=unknown")
- .contains("Authenticated with status: SEND_FAILURE"));
- }
-
- @Test
- public void testContextAuthenticated() {
- Assert.assertAuthenticated(
- "context",
- "reza",
- readFromServer("/servlet?name=reza"));
- }
-
- @Test
- public void testContextIsCallerInRole(){
- Assert.assertAuthenticated(
- "context",
- "reza",
- readFromServer("/servlet?name=reza"), "foo", "bar");
- }
-
- @Test
- public void testContextAllCallers(){
- Assert.assertAuthenticatedRoles(
- "all roles",
- readFromServer("/servlet?name=reza"), "foo", "bar");
- }
-
- @Test
- public void testContextHasAccessToResource(){
- Assert.assertHasAccessToResource(
- "web",
- "reza",
- "/protectedServlet",
- readFromServer("/servlet?name=reza"));
- }
-
- @Test
- public void testNotAuthenticated() {
- assertDefaultNotAuthenticated(
- readFromServer("/servlet"));
- }
-
-
-
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/build.properties b/appserver/tests/appserv-tests/devtests/security/soteria/build.properties
deleted file mode 100644
index fabf1d0..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/build.properties
+++ /dev/null
@@ -1,22 +0,0 @@
-<!--
-
- Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-
-<property name="module" value="security"/>
-<property name="sub-module" value="${module}-soteria"/>
-<property name="appname" value="${sub-module}"/>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/build.xml b/appserver/tests/appserv-tests/devtests/security/soteria/build.xml
deleted file mode 100644
index 6ad5c9c..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/build.xml
+++ /dev/null
@@ -1,51 +0,0 @@
-<?xml version="1.0"?>
-<!DOCTYPE project [
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<!ENTITY commonSetup SYSTEM "./../../../config/properties.xml">
-<!ENTITY commonBuild SYSTEM "./../../../config/common.xml">
-<!ENTITY commonRun SYSTEM "./../../../config/run.xml">
-<!ENTITY testProperties SYSTEM "./build.properties">
-<!ENTITY commonSecurity SYSTEM "./../common.xml">
-]>
-
-
-<project name="jsr375R" basedir="." default="usage" xmlns:artifact="antlib:org.apache.maven.artifact.ant">
-
- &commonSetup;
- &commonBuild;
- &commonRun;
- &testProperties;
- &commonSecurity;
- <property environment="env"/>
- <get src="https://repo1.maven.org/maven2/org/apache/maven/maven-ant-tasks/2.1.3/maven-ant-tasks-2.1.3.jar" dest="${env.APS_HOME}/lib/maven-ant-tasks-2.1.3.jar"/>
- <path id="maven-ant-tasks.classpath" path="${env.APS_HOME}/lib/maven-ant-tasks-2.1.3.jar" />
- <typedef resource="org/apache/maven/artifact/ant/antlib.xml"
- uri="antlib:org.apache.maven.artifact.ant"
- classpathref="maven-ant-tasks.classpath" />
- <target name="all" depends="runMaven"/>
- <target name="runMaven">
- <artifact:mvn mavenHome="${env.M2_HOME}" fork="true">
- <jvmarg value="-Dmaven.multiModuleProjectDirectory"/>
- <jvmarg value="-Dmaven.javadoc.skip=true" />
- <arg value="clean"/>
- <arg value="verify"/>
- </artifact:mvn>
- </target>
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/common/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/common/pom.xml
deleted file mode 100644
index eafc6df..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/common/pom.xml
+++ /dev/null
@@ -1,50 +0,0 @@
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- </parent>
-
- <artifactId>common</artifactId>
-
- <packaging>jar</packaging>
-
- <dependencies>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <version>4.13.2</version>
- </dependency>
- <dependency>
- <groupId>org.jboss.arquillian.junit</groupId>
- <artifactId>arquillian-junit-container</artifactId>
- </dependency>
-
- <dependency>
- <groupId>net.sourceforge.htmlunit</groupId>
- <artifactId>htmlunit</artifactId>
- <version>2.29</version>
- </dependency>
- </dependencies>
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/common/src/main/java/org/glassfish/soteria/test/ArquillianBase.java b/appserver/tests/appserv-tests/devtests/security/soteria/common/src/main/java/org/glassfish/soteria/test/ArquillianBase.java
deleted file mode 100644
index 25724da..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/common/src/main/java/org/glassfish/soteria/test/ArquillianBase.java
+++ /dev/null
@@ -1,147 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.util.logging.Level.SEVERE;
-import static org.apache.http.HttpStatus.SC_MULTIPLE_CHOICES;
-import static org.apache.http.HttpStatus.SC_OK;
-
-import java.io.IOException;
-import java.net.URL;
-import java.util.logging.Logger;
-
-import org.jboss.arquillian.test.api.ArquillianResource;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Rule;
-import org.junit.rules.TestWatcher;
-import org.junit.runner.Description;
-
-import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
-import com.gargoylesoftware.htmlunit.Page;
-import com.gargoylesoftware.htmlunit.WebClient;
-import com.gargoylesoftware.htmlunit.WebResponse;
-
-public class ArquillianBase {
-
- private static final Logger logger = Logger.getLogger(ArquillianBase.class.getName());
-
- private WebClient webClient;
- private String response;
-
- @ArquillianResource
- private URL base;
-
- @Rule
- public TestWatcher ruleExample = new TestWatcher() {
- @Override
- protected void failed(Throwable e, Description description) {
- super.failed(e, description);
-
- logger.log(SEVERE,
- "\n\nTest failed: " +
- description.getClassName() + "." + description.getMethodName() +
-
- "\nMessage: " + e.getMessage() +
-
- "\nLast response: " +
-
- "\n\n" + response + "\n\n");
-
- }
- };
-
- @Before
- public void setUp() {
- response = null;
- webClient = new WebClient() {
-
- private static final long serialVersionUID = 1L;
-
- @Override
- public void printContentIfNecessary(WebResponse webResponse) {
- int statusCode = webResponse.getStatusCode();
- if (getOptions().getPrintContentOnFailingStatusCode() && !(statusCode >= SC_OK && statusCode < SC_MULTIPLE_CHOICES)) {
- logger.log(SEVERE, webResponse.getWebRequest().getUrl().toExternalForm());
- }
- super.printContentIfNecessary(webResponse);
- }
- };
- webClient.getOptions().setThrowExceptionOnFailingStatusCode(false);
- }
-
- @After
- public void tearDown() {
- webClient.getCookieManager().clearCookies();
- webClient.close();
- }
-
- protected String readFromServer(String path) {
- response = "";
- WebResponse localResponse = responseFromServer(path);
- if (localResponse != null) {
- response = localResponse.getContentAsString();
- }
-
- return response;
- }
-
- protected WebResponse responseFromServer(String path) {
-
- WebResponse webResponse = null;
-
- Page page = pageFromServer(path);
- if (page != null) {
- webResponse = page.getWebResponse();
- if (webResponse != null) {
- response = webResponse.getContentAsString();
- }
- }
-
- return webResponse;
- }
-
- protected <P extends Page> P pageFromServer(String path) {
-
- if (base.toString().endsWith("/") && path.startsWith("/")) {
- path = path.substring(1);
- }
-
- try {
- response = "";
-
- P page = webClient.getPage(base + path);
-
- if (page != null) {
- WebResponse localResponse = page.getWebResponse();
- if (localResponse != null) {
- response = localResponse.getContentAsString();
- }
- }
-
- return page;
-
- } catch (FailingHttpStatusCodeException | IOException e) {
- throw new IllegalStateException(e);
- }
- }
-
- protected WebClient getWebClient() {
- return webClient;
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/common/src/main/java/org/glassfish/soteria/test/Assert.java b/appserver/tests/appserv-tests/devtests/security/soteria/common/src/main/java/org/glassfish/soteria/test/Assert.java
deleted file mode 100644
index 0cdad6f..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/common/src/main/java/org/glassfish/soteria/test/Assert.java
+++ /dev/null
@@ -1,184 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-import java.util.ArrayList;
-import java.util.List;
-import com.gargoylesoftware.htmlunit.WebResponse;
-
-public final class Assert {
-
- public static void assertDefaultAuthenticated(String response) {
- assertAuthenticated("web", "reza", response, "foo", "bar");
- }
-
- public static void assertDefaultAuthenticated(WebResponse response) {
- assertNotNull(response);
- assertEquals(200, response.getStatusCode());
- assertAuthenticated("web", "reza", response.getContentAsString(), "foo", "bar");
- }
-
- public static void assertDefaultNotAuthenticated(String response) {
- assertNotAuthenticated("web", "reza", response, "foo", "bar");
- }
-
- public static void assertDefaultNotAuthenticated(WebResponse response) {
- assertNotNull(response);
- assertEquals(401, response.getStatusCode());
- assertNotAuthenticated("web", "reza", response.getContentAsString(), "foo", "bar");
- }
-
- public static void assertDefaultNotAuthenticatedUnprotected(WebResponse response) {
- assertNotNull(response);
- assertEquals(200, response.getStatusCode());
- assertNotAuthenticatedUnprotected("web", "null", response.getContentAsString(), new ArrayList<String>());
- }
-
- public static void assertNotAuthenticatedError(WebResponse response) {
- assertNotNull(response);
- assertEquals(500, response.getStatusCode());
- }
-
- public static void assertApplicationPrincipalAndContainerPrincipalName(WebResponse response) {
- assertNotNull(response);
- assertEquals(200, response.getStatusCode());
- assertApplicationPrincipalAndContainerPrincipalSubject("reza", "foo", response
- .getContentAsString());
- }
-
- public static void assertBundledHAMPrecedenceOverLoginConfig(WebResponse response) {
- assertNotNull(response);
- assertEquals(200, response.getStatusCode());
- assertBundledHAMPrecedenceOverLoginConfig("reza", "foo", response
- .getContentAsString());
- }
-
- public static void assertBothContainerAndApplicationPrincipalsAreSame(WebResponse response) {
- assertNotNull(response);
- assertEquals(200, response.getStatusCode());
- assertBothContainerAndApplicationPrincipalsAreSame("reza", "foo", response
- .getContentAsString());
- }
-
- public static void assertAuthenticated(String userType, String name, String response, String... roles) {
- assertTrue(
- "Should be authenticated as user " + name + " but was not \n Response: \n" +
- response + "\n search: " + userType + " username: " + name,
- response.contains(userType + " username: " + name));
-
- for (String role : roles) {
- assertTrue(
- "Authenticated user should have role \"" + role + "\", but did not \n Response: \n" +
- response,
- response.contains(userType + " user has role \"" + role + "\": true"));
- }
- }
-
- public static void assertNotAuthenticated(String userType, String name, String response, String... roles) {
- assertFalse(
- "Should not be authenticated as user " + name + " but was \n Response: \n" +
- response + "\n search: " + userType + " username: " + name,
- response.contains(userType + " username: " + name));
-
- for (String role : roles) {
- assertFalse(
- "Authenticated user should not have role \"" + role + "\", but did \n Response: \n" +
- response,
- response.contains(userType + " user has role \"" + role + "\": true"));
- }
- }
-
- public static void assertAuthenticatedRoles(String userType, String response, String... roles) {
- for (String role : roles) {
- assertTrue(
- "Authenticated user should have role \"" + role + "\", but did not \n Response: \n" +
- response,
- response.contains(userType + " has role \"" + role + "\": true"));
- }
- }
-
- public static void assertNotAuthenticatedRoles(String userType, String name, String response, String... roles) {
-
- for (String role : roles) {
- assertFalse(
- "Authenticated user should not have role \"" + role + "\", but did \n Response: \n" +
- response,
- response.contains(userType + " has role \"" + role + "\": true"));
- }
- }
- public static void assertNotAuthenticatedUnprotected(String userType, String name, String response, List<String> roles) {
- assertTrue(
- "Should not be authenticated as user " + name + " but was \n Response: \n" +
- response + "\n search: " + userType + " username: " + name,
- response.contains(userType + " username: " + name));
-
- for (String role : roles) {
- assertFalse(
- "Authenticated user should not have role \"" + role + "\", but did \n Response: \n" +
- response,
- response.contains(userType + " user has role \"" + role + "\": true"));
- }
- }
-
- public static void assertHasAccessToResource(String userType, String name, String resource, String response) {
- assertTrue(
- "user " + name + " should have access to resource "+ resource +" but was not \n Response: \n" +
- response,
- response.contains(userType + " user has access to " + resource + ": true"));
- }
-
- public static void assertNotHasAccessToResource(String userType, String name, String resource, String response) {
- assertFalse(
- "user " + name + " should have access to resource "+ resource +" but was not \n Response: \n" +
- response,
- response.contains(userType + " user has access to " + resource + ": true"));
- }
-
- public static void assertBundledHAMPrecedenceOverLoginConfig(String name, String role, String response) {
- assertTrue(
- "For " + name + " authentication should have been performed by TestAuthenticationMechanism, but wasn't. \n" +
- "+ Response: \n" +
- response,
- response.contains(String.format("Authentication Mechanism:TestAuthenticationMechanism")));
- }
-
- public static void assertApplicationPrincipalAndContainerPrincipalSubject(String name, String role, String response) {
- assertTrue(
- "Both application principal's and container principal's name should have been same as "
- + " but was not. \n Response: \n" +
- response,
- response.contains(String.format("Container caller principal and application caller principal both are " +
- "represented by same principal for user %s and is in role %s", name, role)));
- }
-
- public static void assertBothContainerAndApplicationPrincipalsAreSame(String name, String role, String response) {
- assertTrue(
- "For user " + name + " both container caller principal and application caller principal should have been same, " +
- "but " +
- "wasn't. \n" +
- "+ Response: \n" +
- response,
- response.contains(String.format("Both container caller principal and application caller principals are one and " +
- "the same for user %s in role %s",
- name, role)));
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/common/src/main/java/org/glassfish/soteria/test/ReportWatcher.java b/appserver/tests/appserv-tests/devtests/security/soteria/common/src/main/java/org/glassfish/soteria/test/ReportWatcher.java
deleted file mode 100644
index 6398064..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/common/src/main/java/org/glassfish/soteria/test/ReportWatcher.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import org.junit.rules.TestWatcher;
-import org.junit.runner.Description;
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-public class ReportWatcher extends TestWatcher{
-
- private SimpleReporterAdapter stat;
- private String testId;
-
- public ReportWatcher(SimpleReporterAdapter stat, String testId) {
- this.stat=stat;
- this.testId=testId;
- }
-
- @Override
- protected void starting(Description description){
- stat.addDescription(testId + " " + description.getMethodName());
- }
-
- @Override
- protected void failed(Throwable e, Description description) {
- stat.addStatus(testId + " " + description.getMethodName() , stat.FAIL);
- }
-
- @Override
- protected void succeeded(Description description) {
- stat.addStatus(testId + " " + description.getMethodName() , stat.PASS);
- }
-
- protected void printSummary(){
- stat.printSummary();
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/common/src/main/java/org/glassfish/soteria/test/ShrinkWrap.java b/appserver/tests/appserv-tests/devtests/security/soteria/common/src/main/java/org/glassfish/soteria/test/ShrinkWrap.java
deleted file mode 100644
index 01757f1..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/common/src/main/java/org/glassfish/soteria/test/ShrinkWrap.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package org.glassfish.soteria.test;
-
-import static java.lang.System.getProperty;
-import static org.jboss.shrinkwrap.api.ShrinkWrap.create;
-
-import java.io.File;
-
-import org.jboss.shrinkwrap.api.importer.ZipImporter;
-import org.jboss.shrinkwrap.api.spec.WebArchive;
-
-public class ShrinkWrap {
-
- public static WebArchive mavenWar() {
- return
- create(ZipImporter.class, getProperty("finalName") + ".war")
- .importFrom(new File("target/" + getProperty("finalName") + ".war"))
- .as(WebArchive.class);
- }
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/common/src/main/resources/server.xml b/appserver/tests/appserv-tests/devtests/security/soteria/common/src/main/resources/server.xml
deleted file mode 100644
index dad2bcd..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/common/src/main/resources/server.xml
+++ /dev/null
@@ -1,31 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<server description="new server">
-
- <featureManager>
- <feature>javaee-7.0</feature>
- <feature>localConnector-1.0</feature>
- </featureManager>
-
- <httpEndpoint httpPort="9080" httpsPort="9443" id="defaultHttpEndpoint"/>
-
- <applicationManager autoExpand="true"/>
-
-</server>
diff --git a/appserver/tests/appserv-tests/devtests/security/soteria/pom.xml b/appserver/tests/appserv-tests/devtests/security/soteria/pom.xml
deleted file mode 100644
index 56512ed..0000000
--- a/appserver/tests/appserv-tests/devtests/security/soteria/pom.xml
+++ /dev/null
@@ -1,136 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2021 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <groupId>org.glassfish.soteria.test</groupId>
- <artifactId>soteria</artifactId>
- <version>6.2.6-SNAPSHOT</version>
- <packaging>pom</packaging>
-
- <name>Soteria ${project.version} Integration tests and examples</name>
-
- <properties>
- <glassfish.version>5.0</glassfish.version>
- <maven.compiler.source>1.8</maven.compiler.source>
- <maven.compiler.target>1.8</maven.compiler.target>
- </properties>
-
- <modules>
- <module>common</module>
- <module>app-mem-basic</module>
- <module>app-custom</module>
- <module>app-custom-session</module>
- <module>app-custom-rememberme</module>
- <module>app-securitycontext-auth</module>
- <module>app-securitycontext-auth-ejb</module>
- <module>app-double-ham</module>
- <module>app-ham-ordering</module>
-<!-- <module>app-db</module> -->
- <module>app-custom-identity-store-handler</module>
- <module>app-multiple-store</module>
- <module>app-multiple-store-backup</module>
- <module>app-no-role-mapping</module>
- <module>app-bundled-ham-basic-login-config-form</module>
- <module>app-caller-principal</module>
- <module>app-no-application-caller-principal</module>
- </modules>
-
- <dependencyManagement>
- <dependencies>
- <dependency>
- <groupId>org.jboss.arquillian</groupId>
- <artifactId>arquillian-bom</artifactId>
- <version>1.3.0.Final</version>
- <scope>import</scope>
- <type>pom</type>
- </dependency>
- <dependency>
- <groupId>com.unboundid</groupId>
- <artifactId>unboundid-ldapsdk</artifactId>
- <version>4.0.4</version>
- </dependency>
- </dependencies>
- </dependencyManagement>
-
- <dependencies>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <version>4.13.2</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>javax</groupId>
- <artifactId>javaee-api</artifactId>
- <version>7.0</version>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>javax.security.enterprise</groupId>
- <artifactId>javax.security.enterprise-api</artifactId>
- <version>1.0</version>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>org.glassfish.soteria</groupId>
- <artifactId>javax.security.enterprise</artifactId>
- <version>1.0</version>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>org.jboss.arquillian.container</groupId>
- <artifactId>arquillian-glassfish-remote-3.1</artifactId>
- <version>1.0.2</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>com.sun.ejte.ccl.reporter</groupId>
- <artifactId>SimpleReporterAdapter</artifactId>
- <version>1.0</version>
- <scope>system</scope>
- <systemPath>${APS_HOME}/lib/reporter.jar</systemPath>
- </dependency>
- </dependencies>
-
- <build>
- <plugins>
- <plugin>
- <artifactId>maven-failsafe-plugin</artifactId>
- <version>2.20</version>
- <executions>
- <execution>
- <goals>
- <goal>integration-test</goal>
- <goal>verify</goal>
- </goals>
- </execution>
- </executions>
- <configuration>
- <systemPropertyVariables>
- <finalName>${project.build.finalName}</finalName>
- </systemPropertyVariables>
- <environmentVariables>
- <GLASSFISH_HOME>${env.S1AS_HOME}/..</GLASSFISH_HOME>
- </environmentVariables>
- </configuration>
- </plugin>
- </plugins>
- </build>
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/uncovered-http-methods/client/Client.java b/appserver/tests/appserv-tests/devtests/security/uncovered-http-methods/client/Client.java
index 75dd7ae..fa33889 100644
--- a/appserver/tests/appserv-tests/devtests/security/uncovered-http-methods/client/Client.java
+++ b/appserver/tests/appserv-tests/devtests/security/uncovered-http-methods/client/Client.java
@@ -18,6 +18,7 @@
import java.net.*;
import java.io.*;
+import java.util.Base64;
import java.util.Enumeration;
import java.util.Hashtable;
@@ -404,7 +405,7 @@
if ((user != null) && (user.length() > 0)) {
// Add BASIC header for authentication
String auth = user + ":" + password;
- String authEncoded = new sun.misc.BASE64Encoder().encode(auth.getBytes());
+ String authEncoded = Base64.getEncoder().encodeToString(auth.getBytes());
c1.setRequestProperty("Authorization", "Basic " + authEncoded);
}
c1.setUseCaches(false);
diff --git a/appserver/tests/appserv-tests/devtests/security/weblogic-dd/client/TestRoleAssignments.java b/appserver/tests/appserv-tests/devtests/security/weblogic-dd/client/TestRoleAssignments.java
index 48a0c30..92d5c56 100644
--- a/appserver/tests/appserv-tests/devtests/security/weblogic-dd/client/TestRoleAssignments.java
+++ b/appserver/tests/appserv-tests/devtests/security/weblogic-dd/client/TestRoleAssignments.java
@@ -19,7 +19,9 @@
import java.io.InputStreamReader;
import java.net.URL;
import java.net.URLConnection;
-import sun.misc.BASE64Encoder;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+import java.util.Base64.Encoder;
class TestRoleAssignment {
@@ -45,14 +47,12 @@
URL u = new URL(url);
URLConnection uconn = u.openConnection();
- String up = username + ":" + password;
- BASE64Encoder be = new BASE64Encoder();
- up = be.encode(up.getBytes());
+ up = Base64.getEncoder().encodeToString((username + ":" + password).getBytes(StandardCharsets.UTF_8));
uconn.setRequestProperty("authorization", "Basic " + up);
- BufferedReader reader = new BufferedReader(new InputStreamReader(
- uconn.getInputStream()));
- while (reader.readLine() != null) {
+ try (BufferedReader reader = new BufferedReader(new InputStreamReader(uconn.getInputStream()))) {
+ while (reader.readLine() != null) {
+ }
}
} catch (Exception e) {
e.printStackTrace();
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/build.xml b/appserver/tests/appserv-tests/devtests/security/wss/build.xml
index 0c37194..50458b1 100644
--- a/appserver/tests/appserv-tests/devtests/security/wss/build.xml
+++ b/appserver/tests/appserv-tests/devtests/security/wss/build.xml
@@ -33,17 +33,7 @@
<target name="all">
<record name="security-wss.output" action="start" />
-
- <ant dir="encThenSign-default-conf" target="all"/>
- <ant dir="permethod" target="all"/>
-
- <!-- JWS 2.0 -->
<ant dir="gartner" target="all"/>
-<!-- <ant dir="roles" target="all"/> --> <!-- AppClient environment: not authorized for invocation -->
-<!-- <ant dir="roles2" target="all"/> -->
-<!-- <ant dir="ssl" target="all"/>-->
-<!-- <ant dir="sslclientcert" target="all"/>-->
-
<record name="security-wss.output" action="stop" />
</target>
</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/README b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/README
deleted file mode 100644
index 068303a..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/README
+++ /dev/null
@@ -1,35 +0,0 @@
-A Simple WSS test. It is a simple servlet based webservice. Runs on j2sdk1.4.2
-It performs the following:
-1. Signs then Encrypts the message. (aka before-content)
-2. It is setup manually for now. To set up do the following:
- Domain.xml
- <provider-config class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule" provider-id="ClientProvider" provider-type="client">
- <request-policy auth-recipient="before-content" auth-source="content"/>
- <response-policy auth-recipient="after-content" auth-source="content"/>
- <property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config.xml"/>
- </provider-config>
- <provider-config class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule" provider-id="ServerProvider" provider-type="server">
- <request-policy auth-recipient="before-content" auth-source="content"/>
- <response-policy auth-recipient="after-content" auth-source="content"/>
- <property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config.xml"/>
- </provider-config>
-
- sun-acc.xml
-
- <message-security-config auth-layer="SOAP" default-client-provider="ClientProvider">
- <provider-config class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule" provider-id="ClientProvider" provider-type="client">
- <request-policy auth-source="content" auth-recipient="before-content"/>
- <response-policy auth-source="content" auth-recipient="after-content"/>
- <property name="security.config" value="/export/local/hsingh/SUNWappserver.ssl/lib/appclient/wss-client-config.xml"/>
- </provider-config>
-
-3. setup bouncy-castle provider
- Copy bouncy castle to jre/lib/ext directory
- java.security
- security.provider.1=sun.security.provider.Sun
- security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider
- security.provider.3=com.sun.net.ssl.internal.ssl.Provider
- security.provider.4=com.sun.rsajca.Provider
- security.provider.5=com.sun.crypto.provider.SunJCE
- security.provider.6=sun.security.jgss.SunProvider
-
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/build.xml b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/build.xml
deleted file mode 100644
index ae138e8..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/build.xml
+++ /dev/null
@@ -1,188 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!DOCTYPE project [
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<!ENTITY commonSetup SYSTEM "file:../../../../config/properties.xml">
-<!ENTITY commonBuild SYSTEM "file:../../../../config/common.xml">
-<!ENTITY commonRun SYSTEM "file:../../../../config/run.xml">
-<!ENTITY commonSecurity SYSTEM "file:../../common.xml">
-]>
-
-
-<project name="wss-encryptThenSign-default" default="usage" basedir=".">
- &commonSetup;
- &commonBuild;
- &commonSecurity;
- &commonRun;
-
- <property name="ws-target" value="all"/>
-
-<!-- ======== Targets by execution granularity ========== -->
- <target name="all">
- <antcall target="setup"/>
- <antcall target="runwstargets">
- <param name="ws-target" value="all"/>
- </antcall>
- <antcall target="unsetup"/>
- </target>
-
- <target name="run-test">
- <antcall target="runwstargets">
- <param name="ws-target" value="run-test"/>
- </antcall>
- </target>
-
- <target name="clean">
- <antcall target="runwstargets">
- <param name="ws-target" value="clean"/>
- </antcall>
- </target>
-
- <target name="build">
- <antcall target="runwstargets">
- <param name="ws-target" value="build"/>
- </antcall>
- </target>
-
- <target name="deploy">
- <antcall target="runwstargets">
- <param name="ws-target" value="deploy"/>
- </antcall>
- </target>
-
- <target name="undeploy">
- <antcall target="runwstargets">
- <param name="ws-target" value="undeploy"/>
- </antcall>
- </target>
-
- <target name="run">
- <antcall target="runwstargets">
- <param name="ws-target" value="run"/>
- </antcall>
- </target>
-
- <target name="setup" depends="init-common">
- <!-- exports certdb stuff and imports into keystore -->
- <antcall target="prepare-store-nickname-common">
- <param name="cert.nickname" value="s1as"/>
- </antcall>
- <antcall target="enable-wss-message-security-provider">
- <param name="wss.server.provider.name" value="ServerProvider"/>
- <param name="wss.client.provider.name" value="ClientProvider"/>
- </antcall>
-
- <antcall target="set-wss-provider-request-auth-recipient">
- <param name="wss.provider.name" value="ServerProvider"/>
- <param name="request.auth.recipient" value="before-content"/>
- </antcall>
- <antcall target="set-wss-provider-response-auth-recipient">
- <param name="wss.provider.name" value="ServerProvider"/>
- <param name="response.auth.recipient" value="after-content"/>
- </antcall>
- <antcall target="set-wss-provider-request-auth-recipient">
- <param name="wss.provider.name" value="ClientProvider"/>
- <param name="request.auth.recipient" value="before-content"/>
- </antcall>
- <antcall target="set-wss-provider-response-auth-recipient">
- <param name="wss.provider.name" value="ClientProvider"/>
- <param name="response.auth.recipient" value="after-content"/>
- </antcall>
-
- <antcall target="backup-glassfish-acc.xml"/>
- <antcall target="enable-wss-appclient-message-security-provider">
- <param name="wss.client.provider.name" value="ClientProvider"/>
- </antcall>
- <antcall target="set-wss-appclient-request-recipient">
- <param name="request.auth.recipient" value="before-content"/>
- </antcall>
- <antcall target="set-wss-appclient-response-recipient">
- <param name="response.auth.recipient" value="after-content"/>
- </antcall>
- <antcall target="restart-server-instance-common" />
- </target>
-
- <target name="unsetup" depends="init-common" >
- <antcall target="set-wss-provider-request-auth-recipient">
- <param name="wss.provider.name" value="ServerProvider"/>
- <param name="request.auth.recipient" value=""/>
- </antcall>
- <antcall target="set-wss-provider-response-auth-recipient">
- <param name="wss.provider.name" value="ServerProvider"/>
- <param name="response.auth.recipient" value=""/>
- </antcall>
- <antcall target="set-wss-provider-request-auth-recipient">
- <param name="wss.provider.name" value="ClientProvider"/>
- <param name="request.auth.recipient" value=""/>
- </antcall>
- <antcall target="set-wss-provider-response-auth-recipient">
- <param name="wss.provider.name" value="ClientProvider"/>
- <param name="response.auth.recipient" value=""/>
- </antcall>
- <antcall target="disable-wss-message-security-provider"/>
- <antcall target="disable-wss-appclient-message-security-provider">
- <param name="wss.client.provider.name" value="ClientProvider"/>
- </antcall>
- <antcall target="unset-wss-appclient-request-recipient">
- <param name="request.auth.recipient" value="before-content"/>
- </antcall>
- <antcall target="unset-wss-appclient-response-recipient">
- <param name="response.auth.recipient" value="after-content"/>
- </antcall>
- <antcall target="restart-server-instance-common" />
- </target>
-
-
- <target name="runwstargets">
- <antcall target="servletws"/>
- </target>
-
-<!-- ======== Targets by technology ========== -->
-
- <target name="servletws">
- <record name="security-wss.output" action="start" />
- <ant dir="servletws" target="${ws-target}"/>
- <record name="security-wss.output" action="stop" />
- </target>
- <target name="usage">
- <echo> Usage:
- ======== Targets by execution granularity =========
-
- ant clean (Cleans all ws tests)
- ant build (builds all ws tests)
- ant setup (setup all required resources)
- ant deploy (deploy all test apps)
- ant run (Executes all tests)
- ant undeploy (undeploy all test apps)
- ant unsetup (remove all set resources)
-
- ======== Targets by technology =========
-
- ant servletws (Executes the servletws tests)
- ant all (Executes all the ws tests)
-
- ===== Targets by technoloy and execution granularity ======
- Note: Run the command of the following type:
-
- % ant servletws -Dws-target=clean
-
- to run the 'clean' target for 'servletws' tests
- </echo>
- </target>
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/README b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/README
deleted file mode 100644
index 07dbc73..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/README
+++ /dev/null
@@ -1,2 +0,0 @@
-Run ant all from the above directory.
-
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/build.properties b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/build.properties
deleted file mode 100644
index 082c99c..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/build.properties
+++ /dev/null
@@ -1,42 +0,0 @@
-<!--
-
- Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-
-<property name="module" value="ws"/>
-<property name="appname" value="${module}-taxcal"/>
-<property name="assemble" value="${build.classes.dir}/archive"/>
-<property name="test.client" value="com.sun.s1asdev.security.wss.defprovider.servlet.taxcal.client.TaxCalClient"/>
-<property name="application.xml" value="descriptor/application.xml"/>
-<property name="application-client.xml" value="descriptor/application-client.xml"/>
-<property name="sun-application-client.xml" value="descriptor/sun-application-client.xml"/>
-<property name="appclientjar.files" value="${build.classes.dir}"/>
-<property name="appclient.jar" value="${assemble.dir}/${appname}-client.jar"/>
-<property name="app.type" value="application"/>
-<property name="wsdl-file" value="wsdl/TaxCalServletService.wsdl"/>
-<property name="client-mapping.xml" value="TaxCalClientMapping.xml"/>
-<property name="wsdlfile.location" value="wsdl"/>
-
-<!--- servlet based endpoint params -->
-<!--property name="mappingfile.location" value=""/-->
-<property name="web-mapping.xml" value="TaxCalServletMapping.xml"/>
-<property name="sun-web.xml" value="descriptor/sun-web.xml"/>
-<property name="web.xml" value="descriptor/web.xml"/>
-<property name="web-webservices.xml" value="descriptor/webservices.xml"/>
-<property name="wsdlfile.name" value="TaxCalServletService.wsdl"/>
-<property name="wsdlfile.location" value="wsdl"/>
-
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/build.xml b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/build.xml
deleted file mode 100644
index 7d699c6..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/build.xml
+++ /dev/null
@@ -1,204 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!DOCTYPE project [
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<!ENTITY commonSetup SYSTEM "file:./../../../../../config/properties.xml">
-<!ENTITY commonBuild SYSTEM "file:./../../../../../config/common.xml">
-<!ENTITY commonSecurity SYSTEM "file:../../../common.xml">
-<!ENTITY testproperties SYSTEM "file:./build.properties">
-]>
-
-<project name="SbMdbApp" default="usage" basedir=".">
-
- &commonSetup;
- &commonBuild;
- &testproperties;
- &commonSecurity;
-
- <target name="all"
- depends="clean, build, setup, deploy, run, undeploy, unsetup"/>
-
- <target name="run-test"
- depends="clean, build, deploy, run, undeploy"/>
-
- <target name="clean" depends="init-common">
- <antcall target="clean-common"/>
- </target>
-
- <target name="setup"/>
-
- <target name="unsetup"/>
-
- <target name="compile" depends="init-common,clean-common, generate-artifacts">
- <antcall target="compile-common">
- <param name="src" value="client"/>
- </antcall>
- <antcall target="compile-common">
- <param name="src" value="web"/>
- </antcall>
- </target>
-
- <target name="generate-artifacts">
- <echo message=" Client Mapping file : ${client-mapping.xml}"/>
- <antcall target="import-wsdl">
- <param name="mapping.file"
- value="${client-mapping.xml}"/>
- <param name="config-wsdl.file"
- value="config/config-client.xml"/>
- </antcall>
- <echo message="Web Mapping File : ${web-mapping.xml}"/>
- <antcall target="import-wsdl">
- <param name="mapping.file"
- value="${web-mapping.xml}"/>
- <param name="config-wsdl.file"
- value="config/config-web.xml"/>
- </antcall>
- </target>
- <target name="ws-package-appclientjar-common">
- <mkdir dir="${assemble.dir}"/>
- <delete file="${appclient.jar}" failonerror="false"/>
- <mkdir dir="${build.classes.dir}/META-INF"/>
- <copy file="${application-client.xml}"
- tofile="${build.classes.dir}/META-INF/application-client.xml"/>
- <copy file="${wsdl-file}"
- tofile="${build.classes.dir}/META-INF/${wsdl-file}"/>
- <jar jarfile="${appclient.jar}" basedir="${appclientjar.files}"
- update="true" includes="${appclientjar.classes}"
- manifest="./client/MANIFEST.MF">
-
- <fileset dir="${build.classes.dir}" includes="${client-mapping.xml}"/>
- <metainf dir="${build.classes.dir}/META-INF">
- <include name="application-client.xml"/>
- <include name="${wsdl-file}"/>
- </metainf>
- </jar>
- <delete dir="${build.classes.dir}/META-INF" failonerror="false"/>
- </target>
- <target name="ws-package-war-common">
- <echo message="my build classes dir is:${build.classes.dir}"/>
- <delete file="${war.file}"/>
- <mkdir dir="${build.classes.dir}/tmp"/>
- <mkdir dir="${build.classes.dir}/tmp/WEB-INF"/>
- <mkdir dir="${build.classes.dir}/tmp/WEB-INF/classes"/>
- <copy file="${webservices.xml}"
- tofile="${build.classes.dir}/tmp/WEB-INF/webservices.xml"
- failonerror="false"/>
- <copy file="${mappingfile.location}/${mappingfile.name}"
- tofile="${build.classes.dir}/tmp/${mappingfile.name}"
- failonerror="false"/>
- <copy file="${wsdlfile.location}/${wsdlfile.name}"
- tofile="${build.classes.dir}/tmp/WEB-INF/wsdl/${wsdlfile.name}"
- failonerror="false"/>
- <copy file="${web.xml}"
- tofile="${build.classes.dir}/tmp/WEB-INF/web.xml"/>
- <copy todir="${build.classes.dir}/tmp/WEB-INF/classes">
- <fileset dir="${build.classes.dir}">
- <include name="${war.classes}"/>
- </fileset>
- </copy>
- <echo message="Creating war file ${war.file}"/>
- <jar jarfile="${war.file}" update="true">
- <fileset dir="${build.classes.dir}/tmp" casesensitive="yes">
- <include name="**/*class*"/>
- </fileset>
- <fileset dir="${basedir}/web" casesensitive="yes">
- <include name="**/*.html"/>
- <include name="**/*.jsp"/>
- <include name="**/*.gif"/>
- <include name="**/*.do"/>
- <exclude name="**/*.java,**/*.xml,**/*.properties"/>
- </fileset>
- <fileset dir="${build.classes.dir}/tmp/" casesensitive="true">
- <include name="WEB-INF/web.xml"/>
- <include name="WEB-INF/webservices.xml"/>
- <include name="WEB-INF/wsdl/${wsdlfile.name}"/>
- <include name="${mappingfile.name}"/>
- </fileset>
- </jar>
- <echo message="created war file ${war.file}"/>
- <delete dir="${build.classes.dir}/tmp/WEB-INF" failonerror="false"/>
- <echo message="my webclient war classes are:${webclient.war.classes}"/>
- </target>
-
- <target name="build" depends="init-common,compile">
- <antcall target="ws-package-appclientjar-common">
- <param name="appclientjar.classes"
- value="com/sun/s1asdev/security/wss/defprovider/servlet/taxcal/client/*.class" />
- <param name="appclientjar.files"
- value="${build.classes.dir}"/>
- <param name="appclient.jar"
- value="${assemble.dir}/${appname}-client.jar"/>
- </antcall>
- <!--antcall target="ws-war-common"-->
- <antcall target="ws-package-war-common">
- <param name="war.file" value="${assemble.dir}/${appname}-web.war"/>
- <param name="war.classes"
- value="com/sun/s1asdev/security/wss/defprovider/servlet/taxcal/*.class" />
- <param name="mappingfile.name"
- value="${web-mapping.xml}" />
- <param name="mappingfile.location"
- value="${build.classes.dir}"/>
- <param name="webservices.xml"
- value="${web-webservices.xml}" />
- </antcall>
- <antcall target="ear-common"/>
- </target>
-
- <target name="deploy"
- depends="init-common">
- <antcall target="deploy-common"/>
- </target>
-
- <target name="run" depends="init-common">
- <property name="VMARGS" value="-Djavax.net.ssl.keyStore=${mykeystore.db.file} -Djavax.net.ssl.trustStore=${mytruststore.db.file} -Djavax.net.ssl.keyStorePassword=${ssl.password} -Djavax.net.ssl.trustStorePassword=${ssl.password}"/>
- <property name="statetax-endpoint-url"
- value="http://${http.host}:${http.port}/TaxCalWSServlet/statetaxservlet"/>
- <echo message="State Tax Endpoint URL = ${statetax-endpoint-url}"/>
- <property name="fedtax-endpoint-url"
- value="http://${http.host}:${http.port}/TaxCalWSServlet/fedtaxservlet"/>
- <echo message="Fed Tax Endpoint URL = ${fedtax-endpoint-url}"/>
- <echo message="VMARGS= ${VMARGS}"/>
- <exec executable="${APPCLIENT}">
- <env key="VMARGS" value="${VMARGS}"/>
- <arg value="-client" />
- <arg value="${assemble.dir}/${appname}AppClient.jar"/>
- <arg value="-textauth"/>
- <arg value="-user"/>
- <arg value="j2ee"/>
- <arg value="-password"/>
- <arg value="j2ee"/>
- <arg line="-xml ${admin.domain.dir}/${admin.domain}/config/glassfish-acc.xml"/>
- <arg line="${statetax-endpoint-url} ${fedtax-endpoint-url}"/>
- </exec>
- </target>
-
- <target name="undeploy" depends="init-common">
- <antcall target="undeploy-common"/>
- </target>
-
- <target name="usage">
- <antcall target="usage-common"/>
- </target>
-
- <!--
- =======================================================
- User Defined specific targets
- =======================================================
- -->
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/client/MANIFEST.MF b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/client/MANIFEST.MF
deleted file mode 100644
index 8edeacc..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/client/MANIFEST.MF
+++ /dev/null
@@ -1,2 +0,0 @@
-Manifest-Version: 1.0
-Main-Class: com.sun.s1asdev.security.wss.defprovider.servlet.taxcal.client.TaxCalClient
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/client/TaxCalClient.java b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/client/TaxCalClient.java
deleted file mode 100644
index b9e1712..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/client/TaxCalClient.java
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * Copyright (c) 2003, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.defprovider.servlet.taxcal.client;
-
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-
-import javax.naming.*;
-import javax.xml.rpc.Stub;
-
-
-public class TaxCalClient {
-
- private static SimpleReporterAdapter stat = new SimpleReporterAdapter("appserv-tests");
- private static String stateTaxEndpoint = null;
- private static String fedTaxEndpoint = null;
- private static String testSuite = "Sec::Servlet_Based_WSS_test Encrypt then Sign";
- private static String testCase = null;
- private static TaxCalServletService taxCalService = null;
-
- public static void main (String[] args) {
-
- if(args[0] == null || args[1] == null){
- System.out.println("TaxCal client: Argument missing. Please provide target" +
- "endpoint address as argument");
- System.exit(1);
- } else {
- stateTaxEndpoint = args[0];
- fedTaxEndpoint = args[1];
- }
-
- stat.addDescription(testSuite);
- try {
- TaxCalClient client = new TaxCalClient();
- Context ic = new InitialContext();
- taxCalService = (TaxCalServletService)
- ic.lookup("java:comp/env/service/TaxCalServletService");
-
- client.callStateTaxService();
- client.callFedTaxService();
- stat.addStatus(testSuite, stat.PASS);
- }catch(Exception e){
- stat.addStatus(testSuite, stat.FAIL);
- e.printStackTrace();
- }
-
- stat.printSummary(testSuite);
- }
-
- public void callStateTaxService() {
- double income = 85000.00;
- double deductions = 5000.00;
-
- //String targetEndpointAddress =
- // "http://localhost:1024/taxcalculator";
-
- try {
-
- StateTaxIF taxCalIFPort = taxCalService.getStateTaxIFPort();
-
- ((Stub)taxCalIFPort)._setProperty (Stub.ENDPOINT_ADDRESS_PROPERTY,
- stateTaxEndpoint);
-
- double stateTax = taxCalIFPort.getStateTax(income, deductions);
- System.out.println("State tax from servlet based TaxCalService :" + stateTax);
-
- if(stateTax == 24000.00)
- stat.addStatus(testSuite + " StateTaxPort", stat.PASS);
- else
- stat.addStatus(testSuite + " StateTaxPort", stat.FAIL);
-
- } catch (Exception ex) {
- System.out.println("TaxCalEjbWebservice client failed");
- stat.addStatus(testSuite + " StateTaxPort", stat.FAIL);
- ex.printStackTrace();
- }
- }
-
- public void callFedTaxService() {
- double income = 97000.00;
- double deductions = 7000.00;
- try {
- //String targetEndpointAddress =
- //"http://localhost:1024/FindInterestServlet/FindInterest";
-
- FedTaxIF taxCalIFPort = taxCalService.getFedTaxIFPort();
- ((Stub)taxCalIFPort)._setProperty (Stub.ENDPOINT_ADDRESS_PROPERTY,
- fedTaxEndpoint);
-
- double fedTax = taxCalIFPort.getFedTax(income, deductions);
- System.out.println("Fed tax from Servlet based TaxCalService :" + fedTax);
-
- if(fedTax == 18000.00)
- stat.addStatus(testSuite + " FedTaxPort", stat.PASS);
- else
- stat.addStatus(testSuite + " FedTaxPort", stat.FAIL);
-
- } catch (Exception ex) {
- System.out.println("TaxCalServletWebService client failed");
- stat.addStatus(testSuite + " FedTaxPort", stat.FAIL);
- ex.printStackTrace();
- }
- }
-}
-
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/config/config-client.xml b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/config/config-client.xml
deleted file mode 100644
index e998508..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/config/config-client.xml
+++ /dev/null
@@ -1,25 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<configuration
- xmlns="http://java.sun.com/xml/ns/jax-rpc/ri/config">
- <wsdl
- location="wsdl/TaxCalServletService.wsdl"
- packageName="com.sun.s1asdev.security.wss.defprovider.servlet.taxcal.client"/>
-</configuration>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/config/config-sei.xml b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/config/config-sei.xml
deleted file mode 100644
index 7f875d3..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/config/config-sei.xml
+++ /dev/null
@@ -1,33 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<configuration
- xmlns="http://java.sun.com/xml/ns/jax-rpc/ri/config">
- <service name="TaxCalServletService"
- targetNamespace="http://tax.org/wsdl"
- typeNamespace="http://tax.org/types"
- packageName="com.sun.s1asdev.security.wss.defprovider.servlet.taxcal">
- <interface name="com.sun.s1asdev.security.wss.defprovider.servlet.taxcal.FedTaxIF"
- servantName="com.sun.s1asdev.security.wss.defprovider.servlet.taxcal.FedTaxServlet"/>
- <interface name="com.sun.s1asdev.security.wss.defprovider.servlet.taxcal.StateTaxIF"
- servantName="com.sun.s1asdev.security.wss.defprovider.servlet.taxcal.StateTaxServlet">
- </interface>
- </service>
-</configuration>
-
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/config/config-web.xml b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/config/config-web.xml
deleted file mode 100644
index 4b01e8b..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/config/config-web.xml
+++ /dev/null
@@ -1,25 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<configuration
- xmlns="http://java.sun.com/xml/ns/jax-rpc/ri/config">
- <wsdl
- location="wsdl/TaxCalServletService.wsdl"
- packageName="com.sun.s1asdev.security.wss.defprovider.servlet.taxcal"/>
-</configuration>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/descriptor/application-client.xml b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/descriptor/application-client.xml
deleted file mode 100644
index 5a6949f..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/descriptor/application-client.xml
+++ /dev/null
@@ -1,30 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<application-client version="1.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/application-client_1_4.xsd">
- <description>app client dd for taxcalculator</description>
- <display-name>ws-taxcalClient</display-name>
- <service-ref>
- <description>taxcal service ref</description>
- <service-ref-name>service/TaxCalServletService</service-ref-name>
- <service-interface>com.sun.s1asdev.security.wss.defprovider.servlet.taxcal.client.TaxCalServletService</service-interface>
- <wsdl-file>META-INF/wsdl/TaxCalServletService.wsdl</wsdl-file>
- <jaxrpc-mapping-file>TaxCalClientMapping.xml</jaxrpc-mapping-file>
- </service-ref>
-</application-client>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/descriptor/application.xml b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/descriptor/application.xml
deleted file mode 100644
index c12a697..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/descriptor/application.xml
+++ /dev/null
@@ -1,32 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE application PUBLIC "-//Sun Microsystems, Inc.//DTD J2EE Application 1.3//EN" "http://java.sun.com/dtd/application_1_3.dtd">
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<application>
- <display-name>TaxCalculatorApp</display-name>
- <module>
- <web>
- <web-uri>ws-taxcal-web.war</web-uri>
- <context-root>TaxCalWSServlet</context-root>
- </web>
- </module>
- <module>
- <java>ws-taxcal-client.jar</java>
- </module>
-</application>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/descriptor/web.xml b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/descriptor/web.xml
deleted file mode 100644
index fd88537..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/descriptor/web.xml
+++ /dev/null
@@ -1,43 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
- <display-name>TaxCal ServletWS</display-name>
- <servlet>
- <servlet-name>StateTaxServlet</servlet-name>
- <servlet-class>com.sun.s1asdev.security.wss.defprovider.servlet.taxcal.StateTaxServlet</servlet-class>
- <load-on-startup>0</load-on-startup>
- </servlet>
- <servlet>
- <servlet-name>FedTaxServlet</servlet-name>
- <servlet-class>com.sun.s1asdev.security.wss.defprovider.servlet.taxcal.FedTaxServlet</servlet-class>
- <load-on-startup>0</load-on-startup>
- </servlet>
- <servlet-mapping>
- <servlet-name>StateTaxServlet</servlet-name>
- <url-pattern>/statetaxservlet</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>FedTaxServlet</servlet-name>
- <url-pattern>/fedtaxservlet</url-pattern>
- </servlet-mapping>
- <session-config>
- <session-timeout>54</session-timeout>
- </session-config>
-</web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/descriptor/webservices.xml b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/descriptor/webservices.xml
deleted file mode 100644
index 1ed4f08..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/descriptor/webservices.xml
+++ /dev/null
@@ -1,53 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<webservices xmlns="http://java.sun.com/xml/ns/j2ee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
- http://www.ibm.com/webservices/xsd/j2ee_web_services_1_1.xsd"
- version="1.1">
- <description>desc</description>
- <webservice-description>
- <webservice-description-name>TaxCalculator Servlet</webservice-description-name>
- <wsdl-file>WEB-INF/wsdl/TaxCalServletService.wsdl</wsdl-file>
- <jaxrpc-mapping-file>TaxCalServletMapping.xml</jaxrpc-mapping-file>
- <port-component>
- <description>port component description</description>
- <port-component-name>StateTaxIFPort</port-component-name>
- <wsdl-port xmlns:taxns="http://tax.org/wsdl">taxns:StateTaxIFPort
- </wsdl-port>
- <service-endpoint-interface>com.sun.s1asdev.security.wss.defprovider.servlet.taxcal.StateTaxIF
- </service-endpoint-interface>
- <service-impl-bean>
- <servlet-link>StateTaxServlet</servlet-link>
- </service-impl-bean>
- </port-component>
- <port-component>
- <description>port component description</description>
- <port-component-name>FedTaxIFPort</port-component-name>
- <wsdl-port xmlns:taxns="http://tax.org/wsdl">taxns:FedTaxIFPort
- </wsdl-port>
- <service-endpoint-interface>com.sun.s1asdev.security.wss.defprovider.servlet.taxcal.FedTaxIF
- </service-endpoint-interface>
- <service-impl-bean>
- <servlet-link>FedTaxServlet</servlet-link>
- </service-impl-bean>
- </port-component>
- </webservice-description>
-</webservices>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/web/FedTaxIF.java b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/web/FedTaxIF.java
deleted file mode 100644
index 282d888..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/web/FedTaxIF.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.defprovider.servlet.taxcal;
-
-import java.rmi.RemoteException;
-import java.rmi.Remote;
-
-
-public interface FedTaxIF extends Remote{
-
- public double getFedTax(double income, double deductions) throws RemoteException;
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/web/FedTaxServlet.java b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/web/FedTaxServlet.java
deleted file mode 100644
index 1a7d117..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/web/FedTaxServlet.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (c) 2002, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.defprovider.servlet.taxcal;
-
-import java.util.Iterator;
-import java.net.URL;
-import javax.xml.namespace.QName;
-import javax.xml.rpc.Call;
-import java.io.Serializable;
-import java.rmi.RemoteException;
-import javax.naming.*;
-import javax.xml.rpc.Service;
-import javax.xml.rpc.server.ServiceLifecycle;
-import javax.xml.namespace.QName;
-import jakarta.servlet.SingleThreadModel;
-
-public class FedTaxServlet implements
- SingleThreadModel, ServiceLifecycle {
-
- public FedTaxServlet() {
- System.out.println("FedTaxServlet() instantiated");
- }
-
- public void init(Object context) {
- System.out.println("Got ServiceLifecycle::init call " + context);
- }
-
- public void destroy() {
- System.out.println("Got ServiceLifecycle::destroy call");
- }
-
- public double getFedTax(double income, double deductions) {
- System.out.println("getStateTax invoked from servlet endpoint");
- return ((income - deductions) * 0.2);
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/web/StateTaxIF.java b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/web/StateTaxIF.java
deleted file mode 100644
index 5207a81..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/web/StateTaxIF.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.defprovider.servlet.taxcal;
-
-import java.rmi.RemoteException;
-import java.rmi.Remote;
-
-
-public interface StateTaxIF extends Remote{
-
- public double getStateTax(double income, double deductions) throws RemoteException;
-
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/web/StateTaxServlet.java b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/web/StateTaxServlet.java
deleted file mode 100644
index d216b8b..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/web/StateTaxServlet.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (c) 2002, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.defprovider.servlet.taxcal;
-
-import java.util.Iterator;
-import java.net.URL;
-import javax.xml.namespace.QName;
-import javax.xml.rpc.Call;
-import java.io.Serializable;
-import java.rmi.RemoteException;
-import javax.naming.*;
-import javax.xml.rpc.Service;
-import javax.xml.rpc.server.ServiceLifecycle;
-import javax.xml.namespace.QName;
-import jakarta.servlet.SingleThreadModel;
-
-public class StateTaxServlet implements
- SingleThreadModel, ServiceLifecycle {
-
- public StateTaxServlet() {
- System.out.println("StateTaxServlet() instantiated");
- }
-
- public void init(Object context) {
- System.out.println("Got ServiceLifecycle::init call " + context);
- }
-
- public void destroy() {
- System.out.println("Got ServiceLifecycle::destroy call");
- }
-
- public double getStateTax(double income, double deductions) {
- System.out.println("getStateTax invoked from servlet endpoint");
- return ((income - deductions) * 0.3);
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/wsdl/TaxCalServletService.wsdl b/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/wsdl/TaxCalServletService.wsdl
deleted file mode 100644
index 866c9d6..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/encThenSign-default-conf/servletws/wsdl/TaxCalServletService.wsdl
+++ /dev/null
@@ -1,60 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<definitions name="TaxCalServletService" targetNamespace="http://tax.org/wsdl" xmlns:tns="http://tax.org/wsdl" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/">
- <types/>
- <message name="FedTaxIF_getFedTax">
- <part name="double_1" type="xsd:double"/>
- <part name="double_2" type="xsd:double"/></message>
- <message name="FedTaxIF_getFedTaxResponse">
- <part name="result" type="xsd:double"/></message>
- <message name="StateTaxIF_getStateTax">
- <part name="double_1" type="xsd:double"/>
- <part name="double_2" type="xsd:double"/></message>
- <message name="StateTaxIF_getStateTaxResponse">
- <part name="result" type="xsd:double"/></message>
- <portType name="FedTaxIF">
- <operation name="getFedTax" parameterOrder="double_1 double_2">
- <input message="tns:FedTaxIF_getFedTax"/>
- <output message="tns:FedTaxIF_getFedTaxResponse"/></operation></portType>
- <portType name="StateTaxIF">
- <operation name="getStateTax" parameterOrder="double_1 double_2">
- <input message="tns:StateTaxIF_getStateTax"/>
- <output message="tns:StateTaxIF_getStateTaxResponse"/></operation></portType>
- <binding name="FedTaxIFBinding" type="tns:FedTaxIF">
- <operation name="getFedTax">
- <input>
- <soap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" use="encoded" namespace="http://tax.org/wsdl"/></input>
- <output>
- <soap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" use="encoded" namespace="http://tax.org/wsdl"/></output>
- <soap:operation soapAction=""/></operation>
- <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="rpc"/></binding>
- <binding name="StateTaxIFBinding" type="tns:StateTaxIF">
- <operation name="getStateTax">
- <input>
- <soap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" use="encoded" namespace="http://tax.org/wsdl"/></input>
- <output>
- <soap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" use="encoded" namespace="http://tax.org/wsdl"/></output>
- <soap:operation soapAction=""/></operation>
- <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="rpc"/></binding>
- <service name="TaxCalServletService">
- <port name="FedTaxIFPort" binding="tns:FedTaxIFBinding">
- <soap:address location="REPLACE_WITH_ACTUAL_URL"/></port>
- <port name="StateTaxIFPort" binding="tns:StateTaxIFBinding">
- <soap:address location="REPLACE_WITH_ACTUAL_URL"/></port></service></definitions>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/gartner/build.xml b/appserver/tests/appserv-tests/devtests/security/wss/gartner/build.xml
index aecdd5f..3ae27ac 100644
--- a/appserver/tests/appserv-tests/devtests/security/wss/gartner/build.xml
+++ b/appserver/tests/appserv-tests/devtests/security/wss/gartner/build.xml
@@ -89,7 +89,8 @@
</antcall>
<javac srcdir="client" destdir="${build.classes.dir}/client"
- classpath="${env.APS_HOME}/lib/reporter.jar:${env.S1AS_HOME}/lib/j2ee.jar:${env.S1AS_HOME}/lib/webservices-rt.jar:${env.S1AS_HOME}/lib/webservices-tools.jar:${build.classes.dir}/ejbws:${build.classes.dir}/servletws/WEB-INF/classes:${build.classes.dir}/client" debug="on" failonerror="true"/>
+ classpath="${env.APS_HOME}/lib/reporter.jar:${env.S1AS_HOME}/lib/javaee.jar:${env.S1AS_HOME}/modules/webservices-osgi.jar:${build.classes.dir}/ejbws:${build.classes.dir}/servletws/WEB-INF/classes:${build.classes.dir}/client"
+ debug="on" failonerror="true"/>
</target>
<target name="build" depends="compile">
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/gartner/descriptor/sun-application-client.xml b/appserver/tests/appserv-tests/devtests/security/wss/gartner/descriptor/sun-application-client.xml
index 7d16e8e..21251cc 100644
--- a/appserver/tests/appserv-tests/devtests/security/wss/gartner/descriptor/sun-application-client.xml
+++ b/appserver/tests/appserv-tests/devtests/security/wss/gartner/descriptor/sun-application-client.xml
@@ -1,5 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE sun-application-client PUBLIC '-//Sun Microsystems, Inc.//DTD Sun ONE
+<!DOCTYPE sun-application-client PUBLIC '-//Sun Microsystems, Inc.//DTD Sun ONE Application Server 8.0 Application Client 1.4//EN'
+ 'http://www.sun.com/software/sunone/appserver/dtds/sun-application-client_1_4-0.dtd'>
<!--
Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
@@ -18,8 +19,6 @@
-->
-Application Server 8.0 Application Client 1.4//EN' 'http://www.sun.com/software/
-sunone/appserver/dtds/sun-application-client_1_4-0.dtd'>
<sun-application-client>
<service-ref>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/permethod/build.xml b/appserver/tests/appserv-tests/devtests/security/wss/permethod/build.xml
deleted file mode 100644
index 6a479b7..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/permethod/build.xml
+++ /dev/null
@@ -1,128 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!DOCTYPE project [
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<!ENTITY commonSetup SYSTEM "file:../../../../config/properties.xml">
-<!ENTITY commonBuild SYSTEM "file:../../../../config/common.xml">
-<!ENTITY commonRun SYSTEM "file:../../../../config/run.xml">
-<!ENTITY commonSecurity SYSTEM "file:../../common.xml">
-]>
-
-
-<project name="wss-permethod" default="usage" basedir=".">
- &commonSetup;
- &commonBuild;
- &commonSecurity;
- &commonRun;
-
- <property name="ws-target" value="all"/>
-
-<!-- ======== Targets by execution granularity ========== -->
- <target name="all">
- <antcall target="setup"/>
- <antcall target="runwstargets">
- <param name="ws-target" value="all"/>
- </antcall>
- <antcall target="unsetup"/>
- </target>
-
- <target name="run-test">
- <antcall target="runwstargets">
- <param name="ws-target" value="run-test"/>
- </antcall>
- </target>
-
- <target name="clean">
- <antcall target="runwstargets">
- <param name="ws-target" value="clean"/>
- </antcall>
- </target>
-
- <target name="build">
- <antcall target="runwstargets">
- <param name="ws-target" value="build"/>
- </antcall>
- </target>
-
- <target name="deploy">
- <antcall target="runwstargets">
- <param name="ws-target" value="deploy"/>
- </antcall>
- </target>
-
- <target name="undeploy">
- <antcall target="runwstargets">
- <param name="ws-target" value="undeploy"/>
- </antcall>
- </target>
-
- <target name="run">
- <antcall target="runwstargets">
- <param name="ws-target" value="run"/>
- </antcall>
- </target>
-
- <target name="setup" depends="init-common">
- <!-- exports certdb stuff and imports into keystore -->
- <antcall target="prepare-store-nickname-common">
- <param name="cert.nickname" value="s1as"/>
- </antcall>
- </target>
-
- <target name="unsetup" depends="init-common" >
- </target>
-
-
- <target name="runwstargets">
- <antcall target="servletws"/>
- </target>
-
-<!-- ======== Targets by technology ========== -->
-
- <target name="servletws">
- <record name="security-wss.output" action="start" />
- <ant dir="servletws" target="${ws-target}"/>
- <record name="security-wss.output" action="stop" />
- </target>
- <target name="usage">
- <echo> Usage:
- ======== Targets by execution granularity =========
-
- ant clean (Cleans all ws tests)
- ant build (builds all ws tests)
- ant setup (setup all required resources)
- ant deploy (deploy all test apps)
- ant run (Executes all tests)
- ant undeploy (undeploy all test apps)
- ant unsetup (remove all set resources)
-
- ======== Targets by technology =========
-
- ant servletws (Executes the servletws tests)
- ant all (Executes all the ws tests)
-
- ===== Targets by technoloy and execution granularity ======
- Note: Run the command of the following type:
-
- % ant servletws -Dws-target=clean
-
- to run the 'clean' target for 'servletws' tests
- </echo>
- </target>
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/build.properties b/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/build.properties
deleted file mode 100644
index 79f306a..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/build.properties
+++ /dev/null
@@ -1,42 +0,0 @@
-<!--
-
- Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-
-<property name="module" value="security-wss-permethod-servlet"/>
-<property name="appname" value="${module}"/>
-<property name="assemble" value="${build.classes.dir}/archive"/>
-<property name="test.client" value="com.sun.s1asdev.security.wss.permethod.servlet.client.Client"/>
-<property name="application.xml" value="descriptor/application.xml"/>
-<property name="application-client.xml" value="descriptor/application-client.xml"/>
-<property name="sun-application-client.xml" value="descriptor/sun-application-client.xml"/>
-<property name="appclientjar.files" value="${build.classes.dir}"/>
-<property name="appclient.jar" value="${assemble.dir}/${appname}-client.jar"/>
-<property name="app.type" value="application"/>
-<property name="wsdl-file" value="wsdl/HelloServletService.wsdl"/>
-<property name="client-mapping.xml" value="HelloClientMapping.xml"/>
-<property name="wsdlfile.location" value="wsdl"/>
-
-<!--- servlet based endpoint params -->
-<!--property name="mappingfile.location" value=""/-->
-<property name="web-mapping.xml" value="HelloServletMapping.xml"/>
-<property name="sun-web.xml" value="descriptor/sun-web.xml"/>
-<property name="web.xml" value="descriptor/web.xml"/>
-<property name="web-webservices.xml" value="descriptor/webservices.xml"/>
-<property name="wsdlfile.name" value="HelloServletService.wsdl"/>
-<property name="wsdlfile.location" value="wsdl"/>
-
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/build.xml b/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/build.xml
deleted file mode 100644
index e182731..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/build.xml
+++ /dev/null
@@ -1,216 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!DOCTYPE project [
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<!ENTITY commonSetup SYSTEM "file:./../../../../../config/properties.xml">
-<!ENTITY commonBuild SYSTEM "file:./../../../../../config/common.xml">
-<!ENTITY commonSecurity SYSTEM "file:../../../common.xml">
-<!ENTITY testproperties SYSTEM "file:./build.properties">
-]>
-
-<project name="wss-permethod" default="usage" basedir=".">
-
- &commonSetup;
- &commonBuild;
- &testproperties;
- &commonSecurity;
-
- <target name="all"
- depends="clean, build, setup, deploy, run, undeploy, unsetup"/>
-
- <target name="run-test"
- depends="clean, build, deploy, run, undeploy"/>
-
- <target name="clean" depends="init-common">
- <antcall target="clean-common"/>
- </target>
-
- <target name="setup">
- <antcall target="create-user-common">
- <param name="user" value="j2ee"/>
- <param name="password" value="j2ee"/>
- <param name="groups" value="j2ee"/>
- </antcall>
- </target>
-
- <target name="unsetup">
- <antcall target="delete-user-common">
- <param name="user" value="j2ee"/>
- </antcall>
- </target>
-
- <target name="compile" depends="init-common,clean-common, generate-artifacts">
- <antcall target="compile-common">
- <param name="src" value="client"/>
- </antcall>
- <antcall target="compile-common">
- <param name="src" value="web"/>
- </antcall>
- </target>
-
- <target name="generate-artifacts">
- <echo message=" Client Mapping file : ${client-mapping.xml}"/>
- <antcall target="import-wsdl">
- <param name="mapping.file"
- value="${client-mapping.xml}"/>
- <param name="config-wsdl.file"
- value="config/config-client.xml"/>
- </antcall>
- <echo message="Web Mapping File : ${web-mapping.xml}"/>
- <antcall target="import-wsdl">
- <param name="mapping.file"
- value="${web-mapping.xml}"/>
- <param name="config-wsdl.file"
- value="config/config-web.xml"/>
- </antcall>
- </target>
- <target name="ws-package-appclientjar-common">
- <mkdir dir="${assemble.dir}"/>
- <delete file="${appclient.jar}" failonerror="false"/>
- <mkdir dir="${build.classes.dir}/META-INF"/>
- <copy file="${application-client.xml}"
- tofile="${build.classes.dir}/META-INF/application-client.xml"/>
- <copy file="${sun-application-client.xml}"
- tofile="${build.classes.dir}/META-INF/sun-application-client.xml"/>
- <copy file="${wsdl-file}"
- tofile="${build.classes.dir}/META-INF/${wsdl-file}"/>
- <jar jarfile="${appclient.jar}" basedir="${appclientjar.files}"
- update="true" includes="${appclientjar.classes}"
- manifest="./client/MANIFEST.MF">
-
- <fileset dir="${build.classes.dir}" includes="${client-mapping.xml}"/>
- <metainf dir="${build.classes.dir}/META-INF">
- <include name="application-client.xml"/>
- <include name="sun-application-client.xml"/>
- <include name="${wsdl-file}"/>
- </metainf>
- </jar>
- <delete dir="${build.classes.dir}/META-INF" failonerror="false"/>
- </target>
- <target name="ws-package-war-common">
- <echo message="my build classes dir is:${build.classes.dir}"/>
- <delete file="${war.file}"/>
- <mkdir dir="${build.classes.dir}/tmp"/>
- <mkdir dir="${build.classes.dir}/tmp/WEB-INF"/>
- <mkdir dir="${build.classes.dir}/tmp/WEB-INF/classes"/>
- <copy file="${sun-web.xml}"
- tofile="${build.classes.dir}/tmp/WEB-INF/sun-web.xml" failonerror="false"/>
- <copy file="${webservices.xml}"
- tofile="${build.classes.dir}/tmp/WEB-INF/webservices.xml"
- failonerror="false"/>
- <copy file="${mappingfile.location}/${mappingfile.name}"
- tofile="${build.classes.dir}/tmp/${mappingfile.name}"
- failonerror="false"/>
- <copy file="${wsdlfile.location}/${wsdlfile.name}"
- tofile="${build.classes.dir}/tmp/WEB-INF/wsdl/${wsdlfile.name}"
- failonerror="false"/>
- <copy file="${web.xml}"
- tofile="${build.classes.dir}/tmp/WEB-INF/web.xml"/>
- <copy todir="${build.classes.dir}/tmp/WEB-INF/classes">
- <fileset dir="${build.classes.dir}">
- <include name="${war.classes}"/>
- </fileset>
- </copy>
- <echo message="Creating war file ${war.file}"/>
- <jar jarfile="${war.file}" update="true">
- <fileset dir="${build.classes.dir}/tmp" casesensitive="yes">
- <include name="**/*class*"/>
- </fileset>
- <fileset dir="${basedir}/web" casesensitive="yes">
- <include name="**/*.html"/>
- <include name="**/*.jsp"/>
- <include name="**/*.gif"/>
- <include name="**/*.do"/>
- <exclude name="**/*.java,**/*.xml,**/*.properties"/>
- </fileset>
- <fileset dir="${build.classes.dir}/tmp/" casesensitive="true">
- <include name="WEB-INF/web.xml"/>
- <include name="WEB-INF/sun-web.xml"/>
- <include name="WEB-INF/webservices.xml"/>
- <include name="WEB-INF/wsdl/${wsdlfile.name}"/>
- <include name="${mappingfile.name}"/>
- </fileset>
- </jar>
- <echo message="created war file ${war.file}"/>
- <delete dir="${build.classes.dir}/tmp/WEB-INF" failonerror="false"/>
- <echo message="my webclient war classes are:${webclient.war.classes}"/>
- </target>
-
- <target name="build" depends="init-common,compile">
- <antcall target="ws-package-appclientjar-common">
- <param name="appclientjar.classes"
- value="com/sun/s1asdev/security/wss/permethod/servlet/client/*.class" />
- <param name="appclientjar.files"
- value="${build.classes.dir}"/>
- <param name="appclient.jar"
- value="${assemble.dir}/${appname}-client.jar"/>
- </antcall>
- <!--antcall target="ws-war-common"-->
- <antcall target="ws-package-war-common">
- <param name="war.file" value="${assemble.dir}/${appname}-web.war"/>
- <param name="war.classes"
- value="com/sun/s1asdev/security/wss/permethod/servlet/*.class" />
- <param name="mappingfile.name"
- value="${web-mapping.xml}" />
- <param name="mappingfile.location"
- value="${build.classes.dir}"/>
- <param name="webservices.xml"
- value="${web-webservices.xml}" />
- </antcall>
- <antcall target="ear-common"/>
- </target>
-
- <target name="deploy"
- depends="init-common">
- <antcall target="deploy-common"/>
- </target>
-
- <target name="run" depends="init-common">
- <property name="VMARGS" value="-Djavax.net.ssl.keyStore=${mykeystore.db.file} -Djavax.net.ssl.trustStore=${mytruststore.db.file} -Djavax.net.ssl.keyStorePassword=${ssl.password} -Djavax.net.ssl.trustStorePassword=${ssl.password}"/>
- <property name="hello-endpoint-url"
- value="http://${http.host}:${http.port}/${appname}/helloservlet"/>
- <echo message="VMARGS= ${VMARGS}"/>
- <exec executable="${APPCLIENT}">
- <env key="VMARGS" value="${VMARGS}"/>
- <arg value="-client" />
- <arg value="${assemble.dir}/${appname}AppClient.jar"/>
- <arg value="-textauth"/>
- <arg value="-user"/>
- <arg value="j2ee"/>
- <arg value="-password"/>
- <arg value="j2ee"/>
- <arg line="-xml ${admin.domain.dir}/${admin.domain}/config/glassfish-acc.xml"/>
- <arg line="${hello-endpoint-url}"/>
- </exec>
- </target>
-
- <target name="undeploy" depends="init-common">
- <antcall target="undeploy-common"/>
- </target>
-
- <target name="usage">
- <antcall target="usage-common"/>
- </target>
-
- <!--
- =======================================================
- User Defined specific targets
- =======================================================
- -->
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/client/Client.java b/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/client/Client.java
deleted file mode 100644
index 4592276..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/client/Client.java
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * Copyright (c) 2003, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.permethod.servlet.client;
-
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-
-import javax.naming.Context;
-import javax.naming.InitialContext;
-import javax.xml.rpc.Stub;
-
-public class Client {
-
- private static SimpleReporterAdapter stat = new SimpleReporterAdapter("appserv-tests");
- private static String testSuite = "Sec:Servlet Per method WSS test ";
-
- public static void main (String[] args) {
- String helloEndpoint = null;
- if (args[0] == null){
- System.out.println("WSS Permethod client: Argument missing. Please provide target endpoint address as argument");
- System.exit(1);
- } else {
- helloEndpoint = args[0];
- }
-
- stat.addDescription(testSuite);
-
- HelloIF helloIFPort = null;
- try {
- Context ic = new InitialContext();
- HelloServletService helloService = (HelloServletService)
- ic.lookup("java:comp/env/service/HelloServletService");
- helloIFPort = helloService.getHelloIFPort();
- ((Stub)helloIFPort)._setProperty(
- Stub.ENDPOINT_ADDRESS_PROPERTY, helloEndpoint);
- System.out.println("Calling sayHello");
- String reply = helloIFPort.sayHello("Hello World");
- System.out.println("Reply sayHello: " + reply);
- stat.addStatus(testSuite + " sayHello", stat.PASS);
- } catch(Exception e){
- stat.addStatus(testSuite + " sayHello", stat.FAIL);
- e.printStackTrace();
- }
-
- try {
- System.out.println("Calling sendSecret");
- int code = helloIFPort.sendSecret("It is a secret");
- System.out.println("Reply sendSecret: " + code);
- stat.addStatus(testSuite + " sendSecret", stat.PASS);
- } catch(Exception e){
- stat.addStatus(testSuite + "sendSecret", stat.FAIL);
- e.printStackTrace();
- }
-
- try {
- System.out.println("Calling getSecret");
- String secret = helloIFPort.getSecret(100.0);
- System.out.println("Reply getSecret: " + secret);
- stat.addStatus(testSuite + " getSecret", stat.PASS);
- } catch(Exception e){
- stat.addStatus(testSuite + " getSecret", stat.FAIL);
- e.printStackTrace();
- }
-
- stat.printSummary(testSuite);
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/client/MANIFEST.MF b/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/client/MANIFEST.MF
deleted file mode 100644
index 32c6d74..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/client/MANIFEST.MF
+++ /dev/null
@@ -1,2 +0,0 @@
-Manifest-Version: 1.0
-Main-Class: com.sun.s1asdev.security.wss.permethod.servlet.client.Client
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/config/config-client.xml b/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/config/config-client.xml
deleted file mode 100644
index 7118cee..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/config/config-client.xml
+++ /dev/null
@@ -1,25 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<configuration
- xmlns="http://java.sun.com/xml/ns/jax-rpc/ri/config">
- <wsdl
- location="wsdl/HelloServletService.wsdl"
- packageName="com.sun.s1asdev.security.wss.permethod.servlet.client"/>
-</configuration>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/config/config-sei.xml b/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/config/config-sei.xml
deleted file mode 100644
index e4ccf47..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/config/config-sei.xml
+++ /dev/null
@@ -1,31 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<configuration
- xmlns="http://java.sun.com/xml/ns/jax-rpc/ri/config">
- <service name="HelloServletService"
- targetNamespace="http://hello.org/wsdl"
- typeNamespace="http://hello.org/types"
- packageName="com.sun.s1asdev.security.wss.permethod.servlet">
- <interface name="com.sun.s1asdev.security.wss.permethod.servlet.HelloIF"
- servantName="com.sun.s1asdev.security.wss.permethod.servlet.HelloServlet"/>
- </interface>
- </service>
-</configuration>
-
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/config/config-web.xml b/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/config/config-web.xml
deleted file mode 100644
index d8a751d..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/config/config-web.xml
+++ /dev/null
@@ -1,25 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<configuration
- xmlns="http://java.sun.com/xml/ns/jax-rpc/ri/config">
- <wsdl
- location="wsdl/HelloServletService.wsdl"
- packageName="com.sun.s1asdev.security.wss.permethod.servlet"/>
-</configuration>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/application-client.xml b/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/application-client.xml
deleted file mode 100644
index ce75975..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/application-client.xml
+++ /dev/null
@@ -1,30 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<application-client version="1.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/application-client_1_4.xsd">
- <description>app client dd for hello</description>
- <display-name>ws-permethod-hello</display-name>
- <service-ref>
- <description>hello service ref</description>
- <service-ref-name>service/HelloServletService</service-ref-name>
- <service-interface>com.sun.s1asdev.security.wss.permethod.servlet.client.HelloServletService</service-interface>
- <wsdl-file>META-INF/wsdl/HelloServletService.wsdl</wsdl-file>
- <jaxrpc-mapping-file>HelloClientMapping.xml</jaxrpc-mapping-file>
- </service-ref>
-</application-client>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/application.xml b/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/application.xml
deleted file mode 100644
index d266f7c..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/application.xml
+++ /dev/null
@@ -1,32 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE application PUBLIC "-//Sun Microsystems, Inc.//DTD J2EE Application 1.3//EN" "http://java.sun.com/dtd/application_1_3.dtd">
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<application>
- <display-name>WSSServletHelloApp</display-name>
- <module>
- <web>
- <web-uri>security-wss-permethod-servlet-web.war</web-uri>
- <context-root>security-wss-permethod-servlet</context-root>
- </web>
- </module>
- <module>
- <java>security-wss-permethod-servlet-client.jar</java>
- </module>
-</application>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/sun-application-client.xml b/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/sun-application-client.xml
deleted file mode 100644
index b551342..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/sun-application-client.xml
+++ /dev/null
@@ -1,59 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE sun-application-client PUBLIC '-//Sun Microsystems, Inc.//DTD Sun ONE Application Server 8.0 Application Client 1.4//EN' 'http://www.sun.com/software/sunone/appserver/dtds/sun-application-client_1_4-0.dtd'>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<sun-application-client>
- <service-ref>
- <service-ref-name>service/HelloServletService</service-ref-name>
- <port-info>
- <wsdl-port>
- <namespaceURI>http://hello.org/wsdl</namespaceURI>
- <localpart>HelloIFPort</localpart>
- </wsdl-port>
- <message-security-binding auth-layer="SOAP"
- provider-id="ClientProvider">
- <message-security>
- <message>
- <operation-name>sayHello</operation-name>
- </message>
- <request-protection/>
- <response-protection/>
- </message-security>
- <message-security>
- <message>
- <operation-name>sendSecret</operation-name>
- </message>
- <request-protection
- auth-source="content"/>
- <response-protection
- auth-source="content"/>
- </message-security>
- <message-security>
- <message>
- <operation-name>getSecret</operation-name>
- </message>
- <request-protection
- auth-source="sender"/>
- <response-protection
- auth-source="content"/>
- </message-security>
- </message-security-binding>
- </port-info>
- </service-ref>
-</sun-application-client>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/sun-web.xml b/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/sun-web.xml
deleted file mode 100644
index e811ba3..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/sun-web.xml
+++ /dev/null
@@ -1,50 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE sun-web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Sun ONE Application Server 8.0 Servlet 2.4//EN' 'http://www.sun.com/software/sunone/appserver/dtds/sun-web-app_2_4-0.dtd'>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<sun-web-app>
- <servlet>
- <servlet-name>HelloServlet</servlet-name>
- <webservice-endpoint>
- <port-component-name>HelloIFPort</port-component-name>
- <endpoint-address-uri>helloservlet</endpoint-address-uri>
- <message-security-binding auth-layer="SOAP"
- provider-id="ServerProvider">
- <message-security>
- <message>
- <operation-name>sendSecret</operation-name>
- </message>
- <request-protection
- auth-source="content"/>
- <response-protection
- auth-source="content"/>
- </message-security>
- <message-security>
- <message>
- <operation-name>getSecret</operation-name>
- </message>
- <request-protection
- auth-source="sender"/>
- <response-protection
- auth-source="content"/>
- </message-security>
- </message-security-binding>
- </webservice-endpoint>
- </servlet>
-</sun-web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/web.xml b/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/web.xml
deleted file mode 100644
index 3bdd4e9..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/web.xml
+++ /dev/null
@@ -1,34 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
- <display-name>Hello ServletWS</display-name>
- <servlet>
- <servlet-name>HelloServlet</servlet-name>
- <servlet-class>com.sun.s1asdev.security.wss.permethod.servlet.HelloServlet</servlet-class>
- <load-on-startup>0</load-on-startup>
- </servlet>
- <servlet-mapping>
- <servlet-name>HelloServlet</servlet-name>
- <url-pattern>/helloservlet</url-pattern>
- </servlet-mapping>
- <session-config>
- <session-timeout>54</session-timeout>
- </session-config>
-</web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/webservices.xml b/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/webservices.xml
deleted file mode 100644
index 0ca2051..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/descriptor/webservices.xml
+++ /dev/null
@@ -1,42 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<webservices xmlns="http://java.sun.com/xml/ns/j2ee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
- http://www.ibm.com/webservices/xsd/j2ee_web_services_1_1.xsd"
- version="1.1">
- <description>desc</description>
- <webservice-description>
- <webservice-description-name>Hello Servlet</webservice-description-name>
- <wsdl-file>WEB-INF/wsdl/HelloServletService.wsdl</wsdl-file>
- <jaxrpc-mapping-file>HelloServletMapping.xml</jaxrpc-mapping-file>
- <port-component>
- <description>port component description</description>
- <port-component-name>HelloIFPort</port-component-name>
- <wsdl-port xmlns:hellons="http://hello.org/wsdl">hellons:HelloIFPort
- </wsdl-port>
- <service-endpoint-interface>com.sun.s1asdev.security.wss.permethod.servlet.HelloIF
- </service-endpoint-interface>
- <service-impl-bean>
- <servlet-link>HelloServlet</servlet-link>
- </service-impl-bean>
- </port-component>
- </webservice-description>
-</webservices>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/web/HelloIF.java b/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/web/HelloIF.java
deleted file mode 100644
index 6a3bd1d..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/web/HelloIF.java
+++ /dev/null
@@ -1,26 +0,0 @@
-/*
- * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.permethod.servlet;
-
-import java.rmi.Remote;
-import java.rmi.RemoteException;
-
-public interface HelloIF extends Remote {
- public String sayHello(String message) throws RemoteException;
- public int sendSecret(String message) throws RemoteException;
- public String getSecret(double key) throws RemoteException;
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/web/HelloServlet.java b/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/web/HelloServlet.java
deleted file mode 100644
index d28184c..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/web/HelloServlet.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Copyright (c) 2002, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.permethod.servlet;
-
-import jakarta.servlet.SingleThreadModel;
-import javax.xml.rpc.server.ServiceLifecycle;
-
-public class HelloServlet implements
- SingleThreadModel, ServiceLifecycle {
-
- public HelloServlet() {
- System.out.println("HelloServlet() instantiated");
- }
-
- public void init(Object context) {
- System.out.println("Got ServiceLifecycle::init call " + context);
- }
-
- public void destroy() {
- System.out.println("Got ServiceLifecycle::destroy call");
- }
-
- public String sayHello(String message) {
- System.out.println("sayHello invoked from servlet endpoint");
- return "reply from " + message;
- }
-
- public int sendSecret(String message) {
- System.out.println("sendSecret invoked from servlet endpoint");
- return message.hashCode();
- }
-
- public String getSecret(double key) {
- System.out.println("getSecret invoked from servlet endpoint");
- return "Secret-" + key;
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/wsdl/HelloServletService.wsdl b/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/wsdl/HelloServletService.wsdl
deleted file mode 100644
index af7cfc0..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/permethod/servletws/wsdl/HelloServletService.wsdl
+++ /dev/null
@@ -1,82 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<definitions name="HelloServletService" targetNamespace="http://hello.org/wsdl" xmlns:tns="http://hello.org/wsdl" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/">
- <types/>
- <message name="HelloIF_sayHello">
- <part name="string" type="xsd:string"/>
- </message>
- <message name="HelloIF_sayHelloResponse">
- <part name="result" type="xsd:string"/>
- </message>
- <message name="HelloIF_sendSecret">
- <part name="string" type="xsd:string"/>
- </message>
- <message name="HelloIF_sendSecretResponse">
- <part name="result" type="xsd:int"/>
- </message>
- <message name="HelloIF_getSecret">
- <part name="string" type="xsd:double"/>
- </message>
- <message name="HelloIF_getSecretResponse">
- <part name="result" type="xsd:string"/>
- </message>
- <portType name="HelloIF">
- <operation name="sayHello">
- <input message="tns:HelloIF_sayHello"/>
- <output message="tns:HelloIF_sayHelloResponse"/>
- </operation>
- <operation name="sendSecret">
- <input message="tns:HelloIF_sendSecret"/>
- <output message="tns:HelloIF_sendSecretResponse"/>
- </operation>
- <operation name="getSecret">
- <input message="tns:HelloIF_getSecret"/>
- <output message="tns:HelloIF_getSecretResponse"/>
- </operation>
- </portType>
- <binding name="HelloIFBinding" type="tns:HelloIF">
- <operation name="sayHello">
- <input>
- <soap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" use="encoded" namespace="http://hello.org/wsdl"/></input>
- <output>
- <soap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" use="encoded" namespace="http://hello.org/wsdl"/></output>
- <soap:operation soapAction=""/>
- </operation>
- <operation name="sendSecret">
- <input>
- <soap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" use="encoded" namespace="http://hello.org/wsdl"/></input>
- <output>
- <soap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" use="encoded" namespace="http://hello.org/wsdl"/></output>
- <soap:operation soapAction=""/>
- </operation>
- <operation name="getSecret">
- <input>
- <soap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" use="encoded" namespace="http://hello.org/wsdl"/></input>
- <output>
- <soap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" use="encoded" namespace="http://hello.org/wsdl"/></output>
- <soap:operation soapAction=""/>
- </operation>
- <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="rpc"/> </binding>
- <service name="HelloServletService">
- <port name="HelloIFPort" binding="tns:HelloIFBinding">
- <soap:address location="REPLACE_WITH_ACTUAL_URL"/>
- </port>
- </service>
-</definitions>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles/build.properties b/appserver/tests/appserv-tests/devtests/security/wss/roles/build.properties
deleted file mode 100644
index 331310a..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles/build.properties
+++ /dev/null
@@ -1,37 +0,0 @@
-<!--
-
- Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-
-<property name="module" value="security-wss-roles"/>
-<property name="appname" value="${module}"/>
-<property name="assemble" value="${build.classes.dir}/archive"/>
-<property name="test.client"
- value="com.sun.s1asdev.security.wss.roles.client.Client"/>
-<property name="application.xml" value="descriptor/application.xml"/>
-<property name="sun-application.xml" value="descriptor/sun-application.xml"/>
-<property name="ejb-jar.xml" value="descriptor/ejb-jar.xml"/>
-<property name="sun-ejb-jar.xml" value="descriptor/sun-ejb-jar.xml"/>
-<property name="sun-ejb-jar2.xml" value="descriptor/sun-ejb-jar2.xml"/>
-<property name="web.xml" value="descriptor/web.xml"/>
-<property name="application-client.xml"
- value="descriptor/application-client.xml"/>
-<property name="sun-application-client.xml"
- value="descriptor/sun-application-client.xml"/>
-<property name="appclientjar.files" value="${build.classes.dir}"/>
-<property name="appclient.jar" value="${assemble.dir}/${appname}-client.jar"/>
-<property name="app.type" value="application"/>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles/build.xml b/appserver/tests/appserv-tests/devtests/security/wss/roles/build.xml
deleted file mode 100644
index 1941a54..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles/build.xml
+++ /dev/null
@@ -1,191 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!DOCTYPE project [
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<!ENTITY commonSetup SYSTEM "file:./../../../../config/properties.xml">
-<!ENTITY commonBuild SYSTEM "file:./../../../../config/common.xml">
-<!ENTITY commonSecurity SYSTEM "file:../../common.xml">
-<!ENTITY testproperties SYSTEM "file:./build.properties">
-]>
-
-<project name="security-wss-roles" default="usage" basedir=".">
-
- &commonSetup;
- &commonBuild;
- &testproperties;
- &commonSecurity;
-
- <target name="all" depends="clean, setup, build-deploy, run, undeploy, unsetup"/>
-
- <target name="clean" depends="init-common">
- <antcall target="clean-common"/>
- </target>
-
- <target name="setup" depends="init-common">
- <antcall target="create-auth-filerealm">
- <param name="file.realm.name" value="file2"/>
- <param name="keyfile.path" value="${admin.domain.dir}/${admin.domain}/config/keyfile2"/>
- </antcall>
- <!-- <antcall target="reconfig-common"/>-->
-
- <antcall target="create-user-common">
- <param name="user" value="javaee"/>
- <param name="password" value="javaee"/>
- <param name="groups" value="javaee"/>
- <param name="authrealmname" value="file2"/>
- </antcall>
- </target>
-
- <target name="unsetup" depends="init-common">
- <antcall target="delete-user-common">
- <param name="user" value="javaee"/>
- <param name="authrealmname" value="file2"/>
- </antcall>
- <antcall target="asadmin-common">
- <param name="admin.command" value="delete-auth-realm" />
- <param name="operand.props" value="file2"/>
- </antcall>
- </target>
-
- <target name="compile-server" depends="clean">
- <antcall target="compile-common">
- <param name="src" value="ejbws"/>
- <param name="build.classes.dir" value="${build.classes.dir}/ejbws"/>
- </antcall>
- <antcall target="compile-common">
- <param name="src" value="ejbws2"/>
- <param name="build.classes.dir" value="${build.classes.dir}/ejbws2"/>
- </antcall>
- <antcall target="compile-common">
- <param name="src" value="servletws"/>
- <param name="build.classes.dir" value="${build.classes.dir}/servletws"/>
- </antcall>
- </target>
-
- <target name="compile-client">
- <mkdir dir="${build.classes.dir}/client"/>
- <antcall target="wsimport">
- <param name="wsimport.args"
- value="-keep -d ${build.classes.dir}/client http://${http.host}:${http.port}/WssRolesEjbService/HelloEjb?WSDL"/>
- </antcall>
- <antcall target="wsimport">
- <param name="wsimport.args"
- value="-keep -d ${build.classes.dir}/client http://${http.host}:${http.port}/WssRolesEjb2Service/HelloEjb2?WSDL"/>
- </antcall>
- <antcall target="wsimport">
- <param name="wsimport.args"
- value="-keep -d ${build.classes.dir}/client http://${http.host}:${http.port}/security-wss-roles-web/webservice/WssRolesServletService/HelloServlet?WSDL"/>
- </antcall>
-
- <delete file="client/Client.java" failonerror="false"/>
- <copy file="client/Client.java.template" tofile="client/Client.java"/>
- <replace file="client/Client.java">
- <replacefilter token="@HOST@" value="${http.host}"/>
- <replacefilter token="@PORT@" value="${http.port}"/>
- </replace>
- <javac srcdir="client" destdir="${build.classes.dir}/client"
- classpath="${env.APS_HOME}/lib/reporter.jar:${env.S1AS_HOME}/lib/j2ee.jar:${env.S1AS_HOME}/lib/webservices-rt.jar:${env.S1AS_HOME}/lib/webservices-tools.jar:${build.classes.dir}/client" debug="on" failonerror="true"/>
- </target>
-
- <target name="build-server" depends="compile-server">
- <mkdir dir="${assemble.dir}"/>
- <mkdir dir="${build.classes.dir}/META-INF"/>
-
- <antcall target="package-ejbjar-common">
- <param name="ejbjar.files" value="${build.classes.dir}/ejbws"/>
- <param name="ejb.jar" value="${assemble.dir}/${appname}-ejb.jar"/>
- <param name="ejbjar.classes" value="com/sun/**/*.class"/>
- </antcall>
- <antcall target="package-ejbjar-common">
- <param name="ejbjar.files" value="${build.classes.dir}/ejbws2"/>
- <param name="ejb.jar" value="${assemble.dir}/${appname}-ejb2.jar"/>
- <param name="ejbjar.classes" value="com/sun/**/*.class"/>
- <param name="sun-ejb-jar.xml" value="${sun-ejb-jar2.xml}"/>
- </antcall>
- <war destfile="${assemble.dir}/${appname}-web.war" webxml="${web.xml}">
- <classes dir="${build.classes.dir}/servletws"/>
- </war>
-
- <copy file="${sun-application.xml}" tofile="${build.classes.dir}/META-INF/sun-application.xml" failonerror="false"/>
- <jar jarfile="${assemble.dir}/${appname}App.ear">
- <fileset dir="${assemble.dir}">
- <include name="*.jar"/>
- <include name="*.war"/>
- </fileset>
- <fileset dir="${build.classes.dir}">
- <include name="META-INF/sun-application.xml"/>
- </fileset>
- </jar>
- </target>
-
- <target name="build-client" depends="compile-client">
- <mkdir dir="${assemble.dir}"/>
-
- <unjar src="${env.APS_HOME}/lib/reporter.jar" dest="${build.classes.dir}/client"/>
- <antcall target="package-appclientjar-common">
- <param name="appclientjar.files"
- value="${build.classes.dir}/client"/>
- <param name="appclient.jar"
- value="${assemble.dir}/${appname}-client.jar"/>
- <param name="appclientjar.classes"
- value="com/sun/**/*.class"/>
- </antcall>
- </target>
-
- <target name="build-deploy" depends="init-common">
- <antcall target="build-server"/>
- <antcall target="deploy-common"/>
- <antcall target="build-client"/>
- <antcall target="deploy-client-common"/>
- </target>
-
- <target name="run" depends="init-common">
- <antcall target="runclient1"/>
- <antcall target="runclient2"/>
- </target>
-
- <target name="runclient1" depends="init-common">
- <exec executable="${APPCLIENT}">
- <arg line="-client" />
- <arg line="${assemble.dir}/${appname}-clientClient.jar"/>
- <arg line="-textauth"/>
- <arg line="-user" />
- <arg line="javaee" />
- <arg line="-password" />
- <arg line="javaee" />
- </exec>
- </target>
-
- <target name="runclient2" depends="init-common">
- <exec executable="${APPCLIENT}">
- <arg line="-client" />
- <arg line="${assemble.dir}/${appname}-clientClient.jar"/>
- <arg line="authprop" />
- </exec>
- </target>
-
- <target name="undeploy" depends="init-common">
- <antcall target="undeploy-common"/>
- <antcall target="undeploy-client-common"/>
- </target>
-
- <target name="usage">
- <antcall target="usage-common"/>
- </target>
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles/client/Client.java.template b/appserver/tests/appserv-tests/devtests/security/wss/roles/client/Client.java.template
deleted file mode 100644
index 1f0df6b..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles/client/Client.java.template
+++ /dev/null
@@ -1,161 +0,0 @@
-/*
- * Copyright (c) 2005, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.roles.client;
-
-import java.util.Map;
-
-import jakarta.xml.ws.BindingProvider;
-import jakarta.xml.ws.WebServiceRef;
-
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-
-import com.sun.s1asdev.security.wss.roles.ejbws.HelloEjb;
-import com.sun.s1asdev.security.wss.roles.ejbws.WssRolesEjbService;
-import com.sun.s1asdev.security.wss.roles.ejbws2.HelloEjb2;
-import com.sun.s1asdev.security.wss.roles.ejbws2.WssRolesEjb2Service;
-import com.sun.s1asdev.security.wss.roles.servletws.HelloServlet;
-import com.sun.s1asdev.security.wss.roles.servletws.WssRolesServletService;
-
-public class Client {
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- private static String testSuite = "Sec:WSS Roles test ";
-
- @WebServiceRef(wsdlLocation="http://@HOST@:@PORT@/WssRolesEjbService/HelloEjb?WSDL")
- private static WssRolesEjbService service;
-
- @WebServiceRef(wsdlLocation="http://@HOST@:@PORT@/WssRolesEjb2Service/HelloEjb2?WSDL")
- private static WssRolesEjb2Service service2;
-
- @WebServiceRef(wsdlLocation="http://@HOST@:@PORT@/security-wss-roles-web/webservice/WssRolesServletService/HelloServlet?WSDL")
- private static WssRolesServletService service3;
-
- public static void main(String[] args) {
- boolean authprop =
- (args != null && args.length > 0 && "authprop".equals(args[0]));
-
- if (authprop) {
- System.out.println("Authenticate through BindingProvider property");
- stat.addDescription("security-wss-roles: authprop");
- } else {
- stat.addDescription("security-wss-roles");
- }
-
- String description = null;
- try {
- // first ejb ws
- HelloEjb port = service.getHelloEjbPort();
-
- if (authprop) {
- authenticate((BindingProvider)port);
- }
-
- description = testSuite + " ejbws1: hello";
- port.hello("Sun");
- stat.addStatus(description, stat.PASS);
-
- description = testSuite + " ejbws1: rolesAllowed1";
- port.rolesAllowed1("Sun");
- stat.addStatus(description, stat.PASS);
-
- try {
- description = testSuite + " ejbws1: rolesAllowed2";
- port.rolesAllowed2("Sun");
- stat.addStatus(description, stat.FAIL);
- } catch(Exception e) {
- System.out.println("Expected failure: " + e);
- stat.addStatus(description, stat.PASS);
- }
-
- description = testSuite + " ejbws1: permitAll";
- port.permitAll("Sun");
- stat.addStatus(description, stat.PASS);
-
- try {
- description = testSuite + " ejbws1: denyAll";
- port.denyAll("Sun");
- stat.addStatus(description, stat.FAIL);
- } catch(Exception e) {
- System.out.println("Expected failure: " + e);
- stat.addStatus(description, stat.PASS);
- }
-
- try {
- description = testSuite + " ejbws1: runAs1";
- port.runAs1();
- stat.addStatus(description, stat.FAIL);
- } catch(Exception e) {
- System.out.println("Expected failure: " + e);
- stat.addStatus(description, stat.PASS);
- }
-
- description = testSuite + " ejbws1: runAs2";
- port.runAs2();
- stat.addStatus(description, stat.PASS);
-
- // second ejb ws
- HelloEjb2 port2 = service2.getHelloEjb2Port();
-
- if (authprop) {
- authenticate((BindingProvider)port2);
- }
-
- description = testSuite + " ejbws2: rolesAllowed1";
- port2.rolesAllowed1("Sun");
- stat.addStatus(description, stat.PASS);
-
- try {
- description = testSuite + " ejbws2: rolesAllowed2";
- port2.rolesAllowed2("Sun");
- stat.addStatus(description, stat.FAIL);
- } catch(Exception e) {
- System.out.println("Expected failure: " + e);
- stat.addStatus(description, stat.PASS);
- }
-
- // first servlet ws
- HelloServlet port3 = service3.getHelloServletPort();
- if (authprop) {
- authenticate((BindingProvider)port3);
- }
- description = testSuite + " serlvet: hello";
- String msg = port3.hello("Sun");
- if (msg != null && msg.startsWith("javaee")) {
- stat.addStatus(description, stat.PASS);
- } else {
- stat.addStatus(description, stat.FAIL);
- }
-
- } catch(Exception ex) {
- ex.printStackTrace();
- stat.addStatus(description, stat.FAIL);
- }
-
- if (authprop) {
- stat.printSummary("security-wss-roles: authprop");
- } else {
- stat.printSummary("security-wss-roles");
- }
- }
-
- private static void authenticate(BindingProvider bd) {
- System.out.println("authenticate through BindingProvider property");
- Map<String, Object> requestContext = bd.getRequestContext();
- requestContext.put(BindingProvider.USERNAME_PROPERTY, "javaee");
- requestContext.put(BindingProvider.PASSWORD_PROPERTY, "javaee");
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles/client/MANIFEST.MF b/appserver/tests/appserv-tests/devtests/security/wss/roles/client/MANIFEST.MF
deleted file mode 100644
index 6e24fb0..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles/client/MANIFEST.MF
+++ /dev/null
@@ -1,2 +0,0 @@
-Manifest-Version: 1.0
-Main-Class: com.sun.s1asdev.security.wss.roles.client.Client
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles/descriptor/sun-application.xml b/appserver/tests/appserv-tests/devtests/security/wss/roles/descriptor/sun-application.xml
deleted file mode 100644
index 5b3df2c..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles/descriptor/sun-application.xml
+++ /dev/null
@@ -1,32 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE sun-application PUBLIC "-//Sun Microsystems, Inc.//DTD Sun ONE Application Server 8.0 J2EE Application 1.4//EN" "http://www.sun.com/software/sunone/appserver/dtds/sun-application_1_4-0.dtd">
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<sun-application>
- <unique-id>0</unique-id>
- <security-role-mapping>
- <role-name>javaee</role-name>
- <principal-name>javaee</principal-name>
- </security-role-mapping>
- <security-role-mapping>
- <role-name>ejbuser</role-name>
- <principal-name>ejbuser</principal-name>
- </security-role-mapping>
- <realm>file2</realm>
-</sun-application>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles/descriptor/sun-ejb-jar.xml b/appserver/tests/appserv-tests/devtests/security/wss/roles/descriptor/sun-ejb-jar.xml
deleted file mode 100644
index 3a6754d..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles/descriptor/sun-ejb-jar.xml
+++ /dev/null
@@ -1,35 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE sun-ejb-jar PUBLIC '-//Sun Microsystems, Inc.//DTD Sun ONE Application Server 8.0 EJB 2.1//EN' 'http://www.sun.com/software/sunone/appserver/dtds/sun-ejb-jar_2_1-0.dtd'>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<sun-ejb-jar>
- <enterprise-beans>
- <ejb>
- <ejb-name>HelloEjb</ejb-name>
- <webservice-endpoint>
- <port-component-name>HelloEjb</port-component-name>
- <login-config>
- <auth-method>BASIC</auth-method>
- <realm>file2</realm>
- </login-config>
- </webservice-endpoint>
- </ejb>
- </enterprise-beans>
-</sun-ejb-jar>
-
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles/descriptor/sun-ejb-jar2.xml b/appserver/tests/appserv-tests/devtests/security/wss/roles/descriptor/sun-ejb-jar2.xml
deleted file mode 100644
index 7b2352a..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles/descriptor/sun-ejb-jar2.xml
+++ /dev/null
@@ -1,34 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE sun-ejb-jar PUBLIC '-//Sun Microsystems, Inc.//DTD Sun ONE Application Server 8.0 EJB 2.1//EN' 'http://www.sun.com/software/sunone/appserver/dtds/sun-ejb-jar_2_1-0.dtd'>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<sun-ejb-jar>
- <enterprise-beans>
- <ejb>
- <ejb-name>HelloEjb2</ejb-name>
- <webservice-endpoint>
- <port-component-name>HelloEjb2</port-component-name>
- <login-config>
- <auth-method>BASIC</auth-method>
- </login-config>
- </webservice-endpoint>
- </ejb>
- </enterprise-beans>
-</sun-ejb-jar>
-
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles/descriptor/web.xml b/appserver/tests/appserv-tests/devtests/security/wss/roles/descriptor/web.xml
deleted file mode 100644
index a008245..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles/descriptor/web.xml
+++ /dev/null
@@ -1,53 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<web-app xmlns="http://java.sun.com/xml/ns/javaee"
- xmlns:j2ee="http://java.sun.com/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="2.5"
- xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
- http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
-
- <servlet>
- <servlet-name>HelloServlet</servlet-name>
- <servlet-class>com.sun.s1asdev.security.wss.roles.servletws.HelloServlet</servlet-class>
- <load-on-startup>0</load-on-startup>
- </servlet>
- <servlet-mapping>
- <servlet-name>HelloServlet</servlet-name>
- <url-pattern>/webservice/WssRolesServletService/HelloServlet</url-pattern>
- </servlet-mapping>
-
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>Secure Area</web-resource-name>
- <url-pattern>/webservice/WssRolesServletService/HelloServlet</url-pattern>
- <http-method>POST</http-method>
- </web-resource-collection>
- <auth-constraint>
- <role-name>javaee</role-name>
- </auth-constraint>
- </security-constraint>
- <login-config>
- <auth-method>BASIC</auth-method>
- <realm-name>file2</realm-name>
- </login-config>
- <security-role>
- <role-name>javaee</role-name>
- </security-role>
-</web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles/ejbws/HelloEjb.java b/appserver/tests/appserv-tests/devtests/security/wss/roles/ejbws/HelloEjb.java
deleted file mode 100644
index 5564a6c..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles/ejbws/HelloEjb.java
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * Copyright (c) 2005, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.roles.ejbws;
-
-import jakarta.annotation.Resource;
-import jakarta.annotation.security.DeclareRoles;
-import jakarta.annotation.security.DenyAll;
-import jakarta.annotation.security.PermitAll;
-import jakarta.annotation.security.RolesAllowed;
-import jakarta.annotation.security.RunAs;
-import jakarta.ejb.EJB;
-import jakarta.ejb.Stateless;
-import jakarta.ejb.SessionContext;
-import jakarta.jws.WebService;
-import jakarta.xml.ws.WebServiceContext;
-
-import com.sun.s1asdev.security.wss.roles.ejb.SfulLocal;
-
-@Stateless
-@WebService(targetNamespace="http://ejbws.roles.wss.security.s1asdev.sun.com", serviceName="WssRolesEjbService")
-@DeclareRoles({"javaee", "webuser", "ejbuser"})
-@RunAs("ejbuser")
-public class HelloEjb {
- @EJB private SfulLocal sful;
- @Resource private SessionContext sc;
- @Resource WebServiceContext wsContext;
-
- public String hello(String who) {
- if (!sc.isCallerInRole("javaee") || sc.isCallerInRole("ejbuser")) {
- throw new RuntimeException("sc not of role javaee or of role ejbuser");
- }
-
- if (!wsContext.isUserInRole("javaee") || wsContext.isUserInRole("ejbuser")) {
- throw new RuntimeException("wsc not of role javaee or of role ejbuser");
- }
-
- return "Hello, " + who;
- }
-
- @RolesAllowed(value={"javaee"})
- public String rolesAllowed1(String who) {
- return "Hello, " + who;
- }
-
- @RolesAllowed(value={"webuser"})
- public String rolesAllowed2(String who) {
- return "Hello, " + who;
- }
-
- @DenyAll
- public String denyAll(String who) {
- return "Hello, " + who;
- }
-
- @PermitAll
- public String permitAll(String who) {
- return "Hello, " + who;
- }
-
- public String runAs1() {
- return sful.hello();
- }
-
- public String runAs2() {
- return sful.goodBye();
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles/ejbws/SfulEJB.java b/appserver/tests/appserv-tests/devtests/security/wss/roles/ejbws/SfulEJB.java
deleted file mode 100644
index 1c98945..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles/ejbws/SfulEJB.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Copyright (c) 2006, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.roles.ejb;
-
-import jakarta.annotation.security.RolesAllowed;
-import jakarta.ejb.Local;
-import jakarta.ejb.Stateful;
-
-@Stateful
-@Local({SfulLocal.class})
-public class SfulEJB implements SfulLocal {
- @RolesAllowed(value={"javaee"})
- public String hello() {
- return "hello from Sful";
- }
-
- @RolesAllowed(value={"ejbuser"})
- public String goodBye() {
- return "goodBye from Sful";
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles/ejbws/SfulLocal.java b/appserver/tests/appserv-tests/devtests/security/wss/roles/ejbws/SfulLocal.java
deleted file mode 100644
index e73d0da..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles/ejbws/SfulLocal.java
+++ /dev/null
@@ -1,23 +0,0 @@
-/*
- * Copyright (c) 2006, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.roles.ejb;
-
-public interface SfulLocal {
- public String hello();
-
- public String goodBye();
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles/ejbws2/HelloEjb2.java b/appserver/tests/appserv-tests/devtests/security/wss/roles/ejbws2/HelloEjb2.java
deleted file mode 100644
index d722d7d..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles/ejbws2/HelloEjb2.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Copyright (c) 2005, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.roles.ejbws2;
-
-import jakarta.annotation.security.RolesAllowed;
-import jakarta.ejb.Stateless;
-import jakarta.jws.WebService;
-
-@Stateless
-@WebService(targetNamespace="http://ejbws2.roles.wss.security.s1asdev.sun.com", serviceName="WssRolesEjb2Service")
-public class HelloEjb2 {
- @RolesAllowed(value={"javaee"})
- public String rolesAllowed1(String who) {
- return "Hello, " + who;
- }
-
- @RolesAllowed(value={"webuser"})
- public String rolesAllowed2(String who) {
- return "Hello, " + who;
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles/servletws/HelloServlet.java b/appserver/tests/appserv-tests/devtests/security/wss/roles/servletws/HelloServlet.java
deleted file mode 100644
index ed684cc..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles/servletws/HelloServlet.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Copyright (c) 2005, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.roles.servletws;
-
-import jakarta.annotation.Resource;
-import jakarta.jws.WebService;
-import jakarta.xml.ws.WebServiceContext;
-
-@WebService(targetNamespace="http://servletws.roles.wss.security.s1asdev.sun.com", serviceName="WssRolesServletService")
-public class HelloServlet {
- @Resource WebServiceContext wsContext;
-
- public String hello(String who) {
- if (!wsContext.isUserInRole("javaee") ||
- wsContext.isUserInRole("ejbuser")) {
- throw new RuntimeException("not of role javaee or of role ejbuser");
- }
-
- return wsContext.getUserPrincipal() + "Hello, " + who;
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles2/build.properties b/appserver/tests/appserv-tests/devtests/security/wss/roles2/build.properties
deleted file mode 100644
index 7097c0c..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles2/build.properties
+++ /dev/null
@@ -1,35 +0,0 @@
-<!--
-
- Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-
-<property name="module" value="security-wss-roles2"/>
-<property name="appname" value="${module}"/>
-<property name="assemble" value="${build.classes.dir}/archive"/>
-<property name="test.client"
- value="com.sun.s1asdev.security.wss.roles2.client.Client"/>
-<property name="application.xml" value="descriptor/application.xml"/>
-<property name="sun-application.xml" value="descriptor/sun-application.xml"/>
-<property name="ejb-jar.xml" value="descriptor/ejb-jar.xml"/>
-<property name="sun-ejb-jar.xml" value="descriptor/sun-ejb-jar.xml"/>
-<property name="application-client.xml"
- value="descriptor/application-client.xml"/>
-<property name="sun-application-client.xml"
- value="descriptor/sun-application-client.xml"/>
-<property name="appclientjar.files" value="${build.classes.dir}"/>
-<property name="appclient.jar" value="${assemble.dir}/${appname}-client.jar"/>
-<property name="app.type" value="application"/>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles2/build.xml b/appserver/tests/appserv-tests/devtests/security/wss/roles2/build.xml
deleted file mode 100644
index 04a70cb..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles2/build.xml
+++ /dev/null
@@ -1,136 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!DOCTYPE project [
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<!ENTITY commonSetup SYSTEM "file:./../../../../config/properties.xml">
-<!ENTITY commonBuild SYSTEM "file:./../../../../config/common.xml">
-<!ENTITY commonSecurity SYSTEM "file:../../common.xml">
-<!ENTITY testproperties SYSTEM "file:./build.properties">
-]>
-
-<project name="security-wss-roles2" default="usage" basedir=".">
-
- &commonSetup;
- &commonBuild;
- &testproperties;
- &commonSecurity;
-
- <target name="all" depends="clean, setup, build-deploy, run, undeploy, unsetup"/>
-
- <target name="clean" depends="init-common">
- <antcall target="clean-common"/>
- </target>
-
- <target name="setup" depends="init-common">
- <antcall target="create-user-common">
- <param name="user" value="javaee"/>
- <param name="password" value="javaee"/>
- <param name="groups" value="javaee"/>
- </antcall>
- <!-- exports certdb stuff and imports into keystore -->
- <antcall target="prepare-store-nickname-common">
- <param name="cert.nickname" value="s1as"/>
- </antcall>
- </target>
-
- <target name="unsetup" depends="init-common">
- <antcall target="delete-user-common">
- <param name="user" value="javaee"/>
- </antcall>
- </target>
-
- <target name="compile-server" depends="clean">
- <antcall target="compile-common">
- <param name="src" value="ejbws"/>
- <param name="build.classes.dir" value="${build.classes.dir}/ejbws"/>
- </antcall>
- </target>
-
- <target name="compile-client">
- <mkdir dir="${build.classes.dir}/client"/>
- <antcall target="wsimport">
- <param name="wsimport.args"
- value="-keep -d ${build.classes.dir}/client http://${http.host}:${http.port}/WssRoles2EjbService/HelloEjb?WSDL"/>
- </antcall>
-
- <delete file="client/Client.java" failonerror="false"/>
- <copy file="client/Client.java.template" tofile="client/Client.java"/>
- <replace file="client/Client.java">
- <replacefilter token="@HOST@" value="${http.host}"/>
- <replacefilter token="@PORT@" value="${http.port}"/>
- </replace>
- <javac srcdir="client" destdir="${build.classes.dir}/client"
- classpath="${env.APS_HOME}/lib/reporter.jar:${env.S1AS_HOME}/lib/j2ee.jar:${env.S1AS_HOME}/lib/webservices-rt.jar:${env.S1AS_HOME}/lib/webservices-tools.jar:${build.classes.dir}/client" debug="on" failonerror="true"/>
- </target>
-
- <target name="build-server" depends="compile-server">
- <mkdir dir="${assemble.dir}"/>
- <mkdir dir="${build.classes.dir}/META-INF"/>
-
- <antcall target="package-ejbjar-common">
- <param name="ejbjar.files" value="${build.classes.dir}/ejbws"/>
- <param name="ejb.jar" value="${assemble.dir}/${appname}-ejb.jar"/>
- <param name="ejbjar.classes" value="com/sun/**/*.class"/>
- </antcall>
- </target>
-
- <target name="build-client" depends="compile-client">
- <mkdir dir="${assemble.dir}"/>
-
- <unjar src="${env.APS_HOME}/lib/reporter.jar" dest="${build.classes.dir}/client"/>
- <antcall target="package-appclientjar-common">
- <param name="appclientjar.files"
- value="${build.classes.dir}/client"/>
- <param name="appclient.jar"
- value="${assemble.dir}/${appname}-client.jar"/>
- <param name="appclientjar.classes"
- value="com/sun/**/*.class"/>
- </antcall>
- </target>
-
- <target name="build-deploy" depends="init-common">
- <antcall target="build-server"/>
- <antcall target="deploy-jar-common"/>
- <antcall target="build-client"/>
- <antcall target="deploy-client-common"/>
- </target>
-
- <target name="run" depends="init-common">
- <exec executable="${APPCLIENT}">
- <env key="VMARGS" value="-Djavax.net.ssl.keyStore=${mykeystore.db.file} -Djavax.net.ssl.trustStore=${mytruststore.db.file} -Djavax.net.ssl.keyStorePassword=${ssl.password} -Djavax.net.ssl.trustStorePassword=${ssl.password}"/>
- <arg line="-xml ${env.S1AS_HOME}/domains/domain1/config/glassfish-acc.xml" />
- <arg line="-client" />
- <arg line="${assemble.dir}/${appname}-clientClient.jar"/>
- <arg line="-texauth"/>
- <arg line="-user" />
- <arg line="javaee" />
- <arg line="-password" />
- <arg line="javaee" />
- </exec>
- </target>
-
- <target name="undeploy" depends="init-common">
- <antcall target="undeploy-jar-common"/>
- <antcall target="undeploy-client-common"/>
- </target>
-
- <target name="usage">
- <antcall target="usage-common"/>
- </target>
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles2/client/Client.java.template b/appserver/tests/appserv-tests/devtests/security/wss/roles2/client/Client.java.template
deleted file mode 100644
index c3b1161..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles2/client/Client.java.template
+++ /dev/null
@@ -1,106 +0,0 @@
-/*
- * Copyright (c) 2005, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.roles2.client;
-
-import java.util.Map;
-
-import jakarta.xml.ws.BindingProvider;
-import jakarta.xml.ws.WebServiceRef;
-
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-
-import com.sun.s1asdev.security.wss.roles2.ejbws.HelloEjb;
-import com.sun.s1asdev.security.wss.roles2.ejbws.WssRoles2EjbService;
-
-public class Client {
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- private static String testSuite = "Sec:WSS Roles2 test ";
-
- @WebServiceRef(wsdlLocation="http://@HOST@:@PORT@/WssRoles2EjbService/HelloEjb?WSDL")
- private static WssRoles2EjbService service;
-
- public static void main(String[] args) {
- stat.addDescription("security-wss-roles2");
- String description = null;
- try {
- HelloEjb port = service.getHelloEjbPort();
-
- description = testSuite + " ejbws: hello";
- port.hello("Sun");
- stat.addStatus(description, stat.PASS);
-
- description = testSuite + " ejbws: rolesAllowed1";
- port.rolesAllowed1("Sun");
- stat.addStatus(description, stat.PASS);
-
- try {
- description = testSuite + " ejbws: rolesAllowed2";
- port.rolesAllowed2("Sun");
- stat.addStatus(description, stat.FAIL);
- } catch(Exception e) {
- System.out.println("Expected failure: " + e);
- stat.addStatus(description, stat.PASS);
- }
-
- description = testSuite + " ejbws: permitAll";
- port.permitAll("Sun");
- stat.addStatus(description, stat.PASS);
-
- try {
- description = testSuite + " ejbws: denyAll";
- port.denyAll("Sun");
- stat.addStatus(description, stat.FAIL);
- } catch(Exception e) {
- System.out.println("Expected failure: " + e);
- stat.addStatus(description, stat.PASS);
- }
-
- try {
- description = testSuite + " ejbws: runAs1";
- port.runAs1();
- stat.addStatus(description, stat.FAIL);
- } catch(Exception e) {
- System.out.println("Expected failure: " + e);
- stat.addStatus(description, stat.PASS);
- }
-
- description = testSuite + " ejbws: runAs2";
- port.runAs2();
- stat.addStatus(description, stat.PASS);
-
- description = testSuite + " ejbws: runAsRunAs1";
- port.runAsRunAs1();
- stat.addStatus(description, stat.PASS);
-
- try {
- description = testSuite + " ejbws: runAsRunAs2";
- port.runAsRunAs2();
- stat.addStatus(description, stat.FAIL);
- } catch(Exception e) {
- System.out.println("Expected failure: " + e);
- stat.addStatus(description, stat.PASS);
- }
-
- } catch(Exception ex) {
- ex.printStackTrace();
- stat.addStatus(description, stat.FAIL);
- }
-
- stat.printSummary("security-wss-roles2");
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles2/client/MANIFEST.MF b/appserver/tests/appserv-tests/devtests/security/wss/roles2/client/MANIFEST.MF
deleted file mode 100644
index f9a55a7..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles2/client/MANIFEST.MF
+++ /dev/null
@@ -1,2 +0,0 @@
-Manifest-Version: 1.0
-Main-Class: com.sun.s1asdev.security.wss.roles2.client.Client
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles2/descriptor/sun-application-client.xml b/appserver/tests/appserv-tests/devtests/security/wss/roles2/descriptor/sun-application-client.xml
deleted file mode 100644
index 7fef3f0..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles2/descriptor/sun-application-client.xml
+++ /dev/null
@@ -1,39 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE sun-application-client PUBLIC '-//Sun Microsystems, Inc.//DTD Sun ONE Application Server 8.0 Application Client 1.4//EN' 'http://www.sun.com/software/sunone/appserver/dtds/sun-application-client_1_4-0.dtd'>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<sun-application-client>
- <service-ref>
- <service-ref-name>com.sun.s1asdev.security.wss.roles2.client.Client/service</service-ref-name>
- <port-info>
- <wsdl-port>
- <namespaceURI>http://ejbws.roles2.wss.security.s1asdev.sun.com</namespaceURI>
- <localpart>HelloEjbPort</localpart>
- </wsdl-port>
- <message-security-binding auth-layer="SOAP"
- provider-id="XWS_ClientProvider">
- <message-security>
- <message/>
- <request-protection auth-source="sender"/>
- <response-protection auth-source="content"/>
- </message-security>
- </message-security-binding>
- </port-info>
- </service-ref>
-</sun-application-client>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles2/descriptor/sun-ejb-jar.xml b/appserver/tests/appserv-tests/devtests/security/wss/roles2/descriptor/sun-ejb-jar.xml
deleted file mode 100644
index 81ea10e..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles2/descriptor/sun-ejb-jar.xml
+++ /dev/null
@@ -1,57 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE sun-ejb-jar PUBLIC '-//Sun Microsystems, Inc.//DTD Sun ONE Application Server 8.0 EJB 2.1//EN' 'http://www.sun.com/software/sunone/appserver/dtds/sun-ejb-jar_2_1-0.dtd'>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<sun-ejb-jar>
- <security-role-mapping>
- <role-name>javaee</role-name>
- <principal-name>javaee</principal-name>
- </security-role-mapping>
- <security-role-mapping>
- <role-name>javaeegp</role-name>
- <group-name>javaee</group-name>
- </security-role-mapping>
- <security-role-mapping>
- <role-name>ejbuser</role-name>
- <principal-name>ejbuser</principal-name>
- </security-role-mapping>
- <security-role-mapping>
- <role-name>j2ee</role-name>
- <principal-name>j2ee</principal-name>
- </security-role-mapping>
-
- <enterprise-beans>
- <ejb>
- <ejb-name>HelloEjb</ejb-name>
- <webservice-endpoint>
- <port-component-name>HelloEjb</port-component-name>
- <endpoint-address-uri>/WssRoles2EjbService/HelloEjb</endpoint-address-uri>
- <message-security-binding auth-layer="SOAP"
- provider-id="XWS_ServerProvider">
- <message-security>
- <message/>
- <request-protection auth-source="sender"/>
- <response-protection auth-source="content"/>
- </message-security>
- </message-security-binding>
- </webservice-endpoint>
- </ejb>
- </enterprise-beans>
-</sun-ejb-jar>
-
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles2/ejbws/HelloEjb.java b/appserver/tests/appserv-tests/devtests/security/wss/roles2/ejbws/HelloEjb.java
deleted file mode 100644
index 467f0fa..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles2/ejbws/HelloEjb.java
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * Copyright (c) 2005, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.roles2.ejbws;
-
-import jakarta.annotation.Resource;
-import jakarta.annotation.security.DeclareRoles;
-import jakarta.annotation.security.DenyAll;
-import jakarta.annotation.security.PermitAll;
-import jakarta.annotation.security.RolesAllowed;
-import jakarta.annotation.security.RunAs;
-import jakarta.ejb.EJB;
-import jakarta.ejb.Stateless;
-import jakarta.ejb.SessionContext;
-import jakarta.jws.WebService;
-
-import com.sun.s1asdev.security.wss.roles2.ejb.SfulLocal;
-
-@Stateless
-@WebService(targetNamespace="http://ejbws.roles2.wss.security.s1asdev.sun.com", serviceName="WssRoles2EjbService")
-@DeclareRoles({"javaee", "webuser", "ejbuser"})
-@RunAs("ejbuser")
-public class HelloEjb {
- @EJB private SfulLocal sful;
- @Resource private SessionContext sc;
-
- public String hello(String who) {
- if (!sc.isCallerInRole("javaee")) {
- throw new RuntimeException("not of role javaee");
- }
- if (sc.isCallerInRole("ejbuser")) {
- throw new RuntimeException("of role ejbuser");
- }
- return "Hello, " + who;
- }
-
- @RolesAllowed(value={"javaee"})
- public String rolesAllowed1(String who) {
- return "Hello, " + who;
- }
-
- @RolesAllowed(value={"webuser"})
- public String rolesAllowed2(String who) {
- return "Hello, " + who;
- }
-
- @DenyAll
- public String denyAll(String who) {
- return "Hello, " + who;
- }
-
- @PermitAll
- public String permitAll(String who) {
- return "Hello, " + who;
- }
-
- public String runAs1() {
- return sful.hello();
- }
-
- public String runAs2() {
- return sful.goodBye();
- }
-
- @RolesAllowed(value={"javaeegp"})
- public String runAsRunAs1() {
- return sful.slessHello();
- }
-
- public String runAsRunAs2() {
- return sful.slessGoodBye();
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles2/ejbws/SfulEJB.java b/appserver/tests/appserv-tests/devtests/security/wss/roles2/ejbws/SfulEJB.java
deleted file mode 100644
index 4f1faf8..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles2/ejbws/SfulEJB.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright (c) 2006, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.roles2.ejb;
-
-import jakarta.annotation.security.RolesAllowed;
-import jakarta.annotation.security.RunAs;
-import jakarta.ejb.EJB;
-import jakarta.ejb.Local;
-import jakarta.ejb.Stateful;
-
-@Stateful
-@Local({SfulLocal.class})
-@RunAs("j2ee")
-public class SfulEJB implements SfulLocal {
- @EJB private SlessLocal sless;
-
- @RolesAllowed(value={"javaee"})
- public String hello() {
- return "hello from Sful";
- }
-
- @RolesAllowed(value={"ejbuser"})
- public String goodBye() {
- return "goodBye from Sful";
- }
-
- public String slessHello() {
- return sless.hello();
- }
-
- public String slessGoodBye() {
- return sless.goodBye();
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles2/ejbws/SfulLocal.java b/appserver/tests/appserv-tests/devtests/security/wss/roles2/ejbws/SfulLocal.java
deleted file mode 100644
index 02a8411..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles2/ejbws/SfulLocal.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/*
- * Copyright (c) 2006, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.roles2.ejb;
-
-public interface SfulLocal {
- public String hello();
-
- public String goodBye();
-
- public String slessHello();
-
- public String slessGoodBye();
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles2/ejbws/SlessEJB.java b/appserver/tests/appserv-tests/devtests/security/wss/roles2/ejbws/SlessEJB.java
deleted file mode 100644
index debfd65..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles2/ejbws/SlessEJB.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Copyright (c) 2006, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.roles2.ejb;
-
-import jakarta.annotation.security.RolesAllowed;
-import jakarta.ejb.Local;
-import jakarta.ejb.Stateless;
-
-@Stateless
-@Local({SlessLocal.class})
-public class SlessEJB implements SlessLocal {
- @RolesAllowed(value={"j2ee"})
- public String hello() {
- return "hello from Sless";
- }
-
- @RolesAllowed(value={"javaee"})
- public String goodBye() {
- return "goodBye from Sless";
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/roles2/ejbws/SlessLocal.java b/appserver/tests/appserv-tests/devtests/security/wss/roles2/ejbws/SlessLocal.java
deleted file mode 100644
index ae59099..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/roles2/ejbws/SlessLocal.java
+++ /dev/null
@@ -1,23 +0,0 @@
-/*
- * Copyright (c) 2006, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.roles2.ejb;
-
-public interface SlessLocal {
- public String hello();
-
- public String goodBye();
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/ssl/build.properties b/appserver/tests/appserv-tests/devtests/security/wss/ssl/build.properties
deleted file mode 100644
index e91a248..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/ssl/build.properties
+++ /dev/null
@@ -1,36 +0,0 @@
-<!--
-
- Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-
-<property name="module" value="security-wss-ssl"/>
-<property name="appname" value="${module}"/>
-<property name="assemble" value="${build.classes.dir}/archive"/>
-<property name="test.client"
- value="com.sun.s1asdev.security.wss.ssl.client.Client"/>
-<property name="application.xml" value="descriptor/application.xml"/>
-<property name="sun-application.xml" value="descriptor/sun-application.xml"/>
-<property name="ejb-jar.xml" value="descriptor/ejb-jar.xml"/>
-<property name="sun-ejb-jar.xml" value="descriptor/sun-ejb-jar.xml"/>
-<property name="web.xml" value="descriptor/web.xml"/>
-<property name="application-client.xml"
- value="descriptor/application-client.xml"/>
-<property name="sun-application-client.xml"
- value="descriptor/sun-application-client.xml"/>
-<property name="appclientjar.files" value="${build.classes.dir}"/>
-<property name="appclient.jar" value="${assemble.dir}/${appname}-client.jar"/>
-<property name="app.type" value="application"/>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/ssl/build.xml b/appserver/tests/appserv-tests/devtests/security/wss/ssl/build.xml
deleted file mode 100644
index d7df978..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/ssl/build.xml
+++ /dev/null
@@ -1,150 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!DOCTYPE project [
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<!ENTITY commonSetup SYSTEM "file:./../../../../config/properties.xml">
-<!ENTITY commonBuild SYSTEM "file:./../../../../config/common.xml">
-<!ENTITY commonSecurity SYSTEM "file:../../common.xml">
-<!ENTITY testproperties SYSTEM "file:./build.properties">
-]>
-
-<project name="security-wss-ssl" default="usage" basedir=".">
-
- &commonSetup;
- &commonBuild;
- &testproperties;
- &commonSecurity;
-
- <target name="all" depends="clean, setup, build-deploy, run, undeploy, unsetup"/>
-
- <target name="clean" depends="init-common">
- <antcall target="clean-common"/>
- </target>
-
- <target name="setup" depends="init-common">
- </target>
-
- <target name="unsetup" depends="init-common">
- </target>
-
- <target name="compile-server" depends="clean">
- <antcall target="compile-common">
- <param name="src" value="ejbws"/>
- <param name="build.classes.dir" value="${build.classes.dir}/ejbws"/>
- </antcall>
- <antcall target="compile-common">
- <param name="src" value="servletws"/>
- <param name="build.classes.dir" value="${build.classes.dir}/servletws"/>
- </antcall>
- </target>
-
- <target name="compile-client" depends="prepare-truststore-common, init-security-util">
- <mkdir dir="${build.classes.dir}/client"/>
- <antcall target="wsimport">
- <!--value="-keep -d ${build.classes.dir}/client https://${s1asCN}:${https.port}/WssSslEjbService/HelloEjb?WSDL"/>-->
- <param name="wsimport.VMARGS" value=" -Djavax.net.ssl.trustStore=${build.base.dir}/cacerts.jks -Djavax.net.ssl.trustStorePassword=${ssl.password}"/>
- <param name="wsimport.args"
- value="-keep -d ${build.classes.dir}/client https://${s1asCN}:${https.port}/WssSslEjbService/HelloEjb?WSDL"/>
- </antcall>
- <antcall target="wsimport">
- <param name="wsimport.VMARGS" value=" -Djavax.net.ssl.trustStore=${build.base.dir}/cacerts.jks -Djavax.net.ssl.trustStorePassword=${ssl.password}"/>
- <param name="wsimport.args"
- value="-keep -d ${build.classes.dir}/client https://${s1asCN}:${https.port}/security-wss-ssl/webservice/WssSslServletService/HelloServlet?WSDL"/>
- </antcall>
-
- <delete file="client/Client.java" failonerror="false"/>
- <copy file="client/Client.java.template" tofile="client/Client.java"/>
- <replace file="client/Client.java">
- <replacefilter token="@HOST@" value="${s1asCN}"/>
- <replacefilter token="@PORT@" value="${https.port}"/>
- </replace>
- <javac srcdir="client" destdir="${build.classes.dir}/client"
- classpath="${env.APS_HOME}/lib/reporter.jar:${env.S1AS_HOME}/lib/j2ee.jar:${env.S1AS_HOME}/lib/webservices-rt.jar:${env.S1AS_HOME}/lib/webservices-tools.jar:${build.classes.dir}/client" debug="on" failonerror="true"/>
- </target>
-
- <target name="build-server" depends="compile-server">
- <mkdir dir="${assemble.dir}"/>
- <mkdir dir="${build.classes.dir}/META-INF"/>
-
- <antcall target="package-ejbjar-common">
- <param name="ejbjar.files" value="${build.classes.dir}/ejbws"/>
- <param name="ejb.jar" value="${assemble.dir}/${appname}-ejb.jar"/>
- <param name="ejbjar.classes" value="com/sun/**/*.class"/>
- </antcall>
-
- <antcall target="package-war-common">
- <param name="war.classes" value="${build.classes.dir}/servletws"/>
- <param name="war.file" value="${assemble.dir}/${appname}-web.war"/>
- </antcall>
-
- <copy file="${application.xml}" tofile="${build.classes.dir}/META-INF/application.xml" failonerror="false"/>
- <jar jarfile="${assemble.dir}/${appname}App.ear">
- <fileset dir="${assemble.dir}">
- <include name="*.jar"/>
- <include name="*.war"/>
- </fileset>
- <fileset dir="${build.classes.dir}">
- <include name="META-INF/application.xml"/>
- </fileset>
- </jar>
- </target>
-
- <target name="build-client" depends="compile-client">
- <mkdir dir="${assemble.dir}"/>
-
- <unjar src="${env.APS_HOME}/lib/reporter.jar" dest="${build.classes.dir}/client"/>
- <antcall target="package-appclientjar-common">
- <param name="appclientjar.files"
- value="${build.classes.dir}/client"/>
- <param name="appclient.jar"
- value="${assemble.dir}/${appname}-client.jar"/>
- <param name="appclientjar.classes"
- value="com/sun/**/*.class"/>
- </antcall>
- </target>
-
- <target name="build-deploy" depends="init-common">
- <antcall target="build-server"/>
- <antcall target="deploy-common"/>
- <antcall target="build-client"/>
- <antcall target="deploy-client-common"/>
- </target>
-
- <target name="run" depends="prepare-truststore-common">
- <exec executable="${APPCLIENT}">
- <env key="VMARGS" value=" -Djavax.net.ssl.trustStore=${build.base.dir}/cacerts.jks -Djavax.net.ssl.trustStorePassword=${ssl.password}"/>
- <arg line="-client" />
- <arg line="${assemble.dir}/${appname}-clientClient.jar"/>
- <arg line="-texauth"/>
- <arg line="-user" />
- <arg line="dummy" />
- <arg line="-password" />
- <arg line="dummy" />
- </exec>
- </target>
-
- <target name="undeploy" depends="init-common">
- <antcall target="undeploy-common"/>
- <antcall target="undeploy-client-common"/>
- </target>
-
- <target name="usage">
- <antcall target="usage-common"/>
- </target>
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/ssl/client/Client.java.template b/appserver/tests/appserv-tests/devtests/security/wss/ssl/client/Client.java.template
deleted file mode 100644
index 3a16825..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/ssl/client/Client.java.template
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
- * Copyright (c) 2006, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.ssl.client;
-
-import jakarta.xml.ws.WebServiceRef;
-
-import com.sun.s1asdev.security.wss.ssl.ejbws.HelloEjb;
-import com.sun.s1asdev.security.wss.ssl.ejbws.WssSslEjbService;
-import com.sun.s1asdev.security.wss.ssl.servletws.HelloServlet;
-import com.sun.s1asdev.security.wss.ssl.servletws.WssSslServletService;
-
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-
-public class Client {
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- private static String testSuite = "Sec:WSS SSL test ";
-
- @WebServiceRef(wsdlLocation="https://@HOST@:@PORT@/WssSslEjbService/HelloEjb?WSDL")
- private static WssSslEjbService ejbService;
- @WebServiceRef(wsdlLocation="https://@HOST@:@PORT@/security-wss-ssl/webservice/WssSslServletService/HelloServlet?WSDL")
- private static WssSslServletService servletService;
-
- public static void main(String[] args) {
- stat.addDescription("security-wss-ssl");
- String description = null;
- try {
- // ejb ws
- HelloEjb ejbPort = ejbService.getHelloEjbPort();
- description = testSuite + " ssl: ejb hello";
- ejbPort.hello("Sun Ejb");
- stat.addStatus(description, stat.PASS);
- } catch(Exception ex) {
- ex.printStackTrace();
- stat.addStatus(description, stat.FAIL);
- }
-
- try {
- // servlet ws
- HelloServlet servletPort = servletService.getHelloServletPort();
- description = testSuite + " ssl: servlet hello";
- servletPort.hello("Sun Servlet");
- stat.addStatus(description, stat.PASS);
- } catch(Exception ex) {
- ex.printStackTrace();
- stat.addStatus(description, stat.FAIL);
- }
-
- stat.printSummary("security-wss-ssl");
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/ssl/client/MANIFEST.MF b/appserver/tests/appserv-tests/devtests/security/wss/ssl/client/MANIFEST.MF
deleted file mode 100644
index 4a95741..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/ssl/client/MANIFEST.MF
+++ /dev/null
@@ -1,2 +0,0 @@
-Manifest-Version: 1.0
-Main-Class: com.sun.s1asdev.security.wss.ssl.client.Client
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/ssl/descriptor/application.xml b/appserver/tests/appserv-tests/devtests/security/wss/ssl/descriptor/application.xml
deleted file mode 100644
index cd0b2e9..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/ssl/descriptor/application.xml
+++ /dev/null
@@ -1,32 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE application PUBLIC "-//Sun Microsystems, Inc.//DTD J2EE Application 1.3//EN" "http://java.sun.com/dtd/application_1_3.dtd">
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<application>
- <display-name>security-wss-sslApp</display-name>
- <module>
- <ejb>security-wss-ssl-ejb.jar</ejb>
- </module>
- <module>
- <web>
- <web-uri>security-wss-ssl-web.war</web-uri>
- <context-root>security-wss-ssl</context-root>
- </web>
- </module>
-</application>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/ssl/descriptor/sun-ejb-jar.xml b/appserver/tests/appserv-tests/devtests/security/wss/ssl/descriptor/sun-ejb-jar.xml
deleted file mode 100644
index 5cf6228..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/ssl/descriptor/sun-ejb-jar.xml
+++ /dev/null
@@ -1,32 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE sun-ejb-jar PUBLIC '-//Sun Microsystems, Inc.//DTD Sun ONE Application Server 8.0 EJB 2.1//EN' 'http://www.sun.com/software/sunone/appserver/dtds/sun-ejb-jar_2_1-0.dtd'>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<sun-ejb-jar>
- <enterprise-beans>
- <ejb>
- <ejb-name>HelloEjb</ejb-name>
- <webservice-endpoint>
- <port-component-name>HelloEjb</port-component-name>
- <transport-guarantee>CONFIDENTIAL</transport-guarantee>
- </webservice-endpoint>
- </ejb>
- </enterprise-beans>
-</sun-ejb-jar>
-
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/ssl/descriptor/web.xml b/appserver/tests/appserv-tests/devtests/security/wss/ssl/descriptor/web.xml
deleted file mode 100644
index 9ede38c..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/ssl/descriptor/web.xml
+++ /dev/null
@@ -1,53 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<web-app xmlns="http://java.sun.com/xml/ns/javaee"
- xmlns:j2ee="http://java.sun.com/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="2.5"
- xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
- http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
-
- <description>SSL WebTier for the Hello Service</description>
- <display-name>HelloWAR</display-name>
- <servlet>
- <description>Endpoint for Hello Web Service</description>
- <display-name>HelloWebService</display-name>
- <servlet-name>HelloServlet</servlet-name>
- <servlet-class>com.sun.s1asdev.security.wss.ssl.servletws.HelloServlet</servlet-class>
- <load-on-startup>0</load-on-startup>
- </servlet>
- <servlet-mapping>
- <servlet-name>HelloServlet</servlet-name>
- <url-pattern>/webservice/WssSslServletService/HelloServlet</url-pattern>
- </servlet-mapping>
- <session-config>
- <session-timeout>54</session-timeout>
- </session-config>
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>Protected Area</web-resource-name>
- <url-pattern>/webservice/WssSslServletService/HelloServlet</url-pattern>
- <http-method>GET</http-method>
- <http-method>POST</http-method>
- </web-resource-collection>
- <user-data-constraint>
- <transport-guarantee>CONFIDENTIAL</transport-guarantee>
- </user-data-constraint>
- </security-constraint>
-</web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/ssl/ejbws/HelloEjb.java b/appserver/tests/appserv-tests/devtests/security/wss/ssl/ejbws/HelloEjb.java
deleted file mode 100644
index 8d14ac3..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/ssl/ejbws/HelloEjb.java
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * Copyright (c) 2006, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.ssl.ejbws;
-
-import jakarta.ejb.Stateless;
-import jakarta.jws.WebService;
-
-@Stateless
-@WebService(targetNamespace="http://ejbws.ssl.wss.security.s1asdev.sun.com", serviceName="WssSslEjbService")
-public class HelloEjb {
- public String hello(String who) {
- return "Hello, SSL " + who;
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/ssl/servletws/HelloServlet.java b/appserver/tests/appserv-tests/devtests/security/wss/ssl/servletws/HelloServlet.java
deleted file mode 100644
index 57db6b6..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/ssl/servletws/HelloServlet.java
+++ /dev/null
@@ -1,26 +0,0 @@
-/*
- * Copyright (c) 2006, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.ssl.servletws;
-
-import jakarta.jws.WebService;
-
-@WebService(targetNamespace="http://servletws.ssl.wss.security.s1asdev.sun.com", serviceName="WssSslServletService")
-public class HelloServlet {
- public String hello(String who) {
- return "Hello, SSL " + who;
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/build.properties b/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/build.properties
deleted file mode 100644
index 050c8b5..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/build.properties
+++ /dev/null
@@ -1,36 +0,0 @@
-<!--
-
- Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-
-<property name="module" value="security-wss-sslclientcert"/>
-<property name="appname" value="${module}"/>
-<property name="assemble" value="${build.classes.dir}/archive"/>
-<property name="test.client"
- value="com.sun.s1asdev.security.wss.sslclientcert.client.Client"/>
-<property name="application.xml" value="descriptor/application.xml"/>
-<property name="sun-application.xml" value="descriptor/sun-application.xml"/>
-<property name="ejb-jar.xml" value="descriptor/ejb-jar.xml"/>
-<property name="sun-ejb-jar.xml" value="descriptor/sun-ejb-jar.xml"/>
-<property name="web.xml" value="descriptor/web.xml"/>
-<property name="application-client.xml"
- value="descriptor/application-client.xml"/>
-<property name="sun-application-client.xml"
- value="descriptor/sun-application-client.xml"/>
-<property name="appclientjar.files" value="${build.classes.dir}"/>
-<property name="appclient.jar" value="${assemble.dir}/${appname}-client.jar"/>
-<property name="app.type" value="application"/>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/build.xml b/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/build.xml
deleted file mode 100644
index 2a8260e..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/build.xml
+++ /dev/null
@@ -1,158 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!DOCTYPE project [
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<!ENTITY commonSetup SYSTEM "file:./../../../../config/properties.xml">
-<!ENTITY commonBuild SYSTEM "file:./../../../../config/common.xml">
-<!ENTITY commonSecurity SYSTEM "file:../../common.xml">
-<!ENTITY testproperties SYSTEM "file:./build.properties">
-]>
-
-<project name="security-wss-sslclientcert" default="usage" basedir=".">
-
- &commonSetup;
- &commonBuild;
- &testproperties;
- &commonSecurity;
-
- <target name="all" depends="clean, setup, build-deploy, run, undeploy, unsetup"/>
-
- <target name="clean" depends="init-common">
- <antcall target="clean-common"/>
- </target>
-
- <target name="setup" depends="init-common">
- <!-- exports certdb stuff and imports into keystore -->
- <antcall target="prepare-store-nickname-common">
- <param name="cert.nickname" value="s1as"/>
- </antcall>
- </target>
-
- <target name="unsetup" depends="init-common">
- </target>
-
- <target name="compile-server" depends="clean">
- <antcall target="compile-common">
- <param name="src" value="ejbws"/>
- <param name="build.classes.dir" value="${build.classes.dir}/ejbws"/>
- </antcall>
- <antcall target="compile-common">
- <param name="src" value="servletws"/>
- <param name="build.classes.dir" value="${build.classes.dir}/servletws"/>
- </antcall>
- </target>
-
- <target name="compile-client" depends="init-common, init-security-util">
- <mkdir dir="${build.classes.dir}/client"/>
- <antcall target="wsimport">
- <param name="wsimport.VMARGS" value=" -Djavax.net.ssl.trustStore=${mytruststore.db.file} -Djavax.net.ssl.trustStorePassword=${ssl.password}"/>
- <param name="wsimport.args"
- value="-keep -d ${build.classes.dir}/client https://${s1asCN}:${https.port}/WssSslClientCertEjbService/HelloEjb?WSDL"/>
- </antcall>
- <antcall target="wsimport">
- <param name="wsimport.VMARGS" value=" -Djavax.net.ssl.trustStore=${mytruststore.db.file} -Djavax.net.ssl.trustStorePassword=${ssl.password}"/>
- <param name="wsimport.args"
- value="-keep -d ${build.classes.dir}/client https://${s1asCN}:${https.port}/security-wss-sslclientcert/webservice/WssSslClientCertServletService/HelloServlet?WSDL"/>
- </antcall>
-
- <delete file="client/Client.java" failonerror="false"/>
- <copy file="client/Client.java.template" tofile="client/Client.java"/>
- <replace file="client/Client.java">
- <replacefilter token="@HOST@" value="${s1asCN}"/>
- <replacefilter token="@PORT@" value="${https.port}"/>
- </replace>
- <javac srcdir="client" destdir="${build.classes.dir}/client"
- classpath="${env.APS_HOME}/lib/reporter.jar:${env.S1AS_HOME}/lib/j2ee.jar:${env.S1AS_HOME}/lib/webservices-rt.jar:${env.S1AS_HOME}/lib/webservices-tools.jar:${build.classes.dir}/client" debug="on" failonerror="true"/>
- </target>
-
- <target name="build-server" depends="compile-server, init-security-util">
- <mkdir dir="${assemble.dir}"/>
- <mkdir dir="${build.classes.dir}/META-INF"/>
-
- <antcall target="package-ejbjar-common">
- <param name="ejbjar.files" value="${build.classes.dir}/ejbws"/>
- <param name="ejb.jar" value="${assemble.dir}/${appname}-ejb.jar"/>
- <param name="ejbjar.classes" value="com/sun/**/*.class"/>
- </antcall>
-
- <antcall target="package-war-common">
- <param name="war.classes" value="${build.classes.dir}/servletws"/>
- <param name="war.file" value="${assemble.dir}/${appname}-web.war"/>
- </antcall>
-
- <copy file="descriptor/sun-application.xml.template" tofile="${build.classes.dir}/META-INF/sun-application.xml"/>
- <replace file="${build.classes.dir}/META-INF/sun-application.xml">
- <replacefilter token="@HOST@" value="${s1asCN}"/>
- </replace>
- <copy file="${application.xml}" tofile="${build.classes.dir}/META-INF/application.xml" failonerror="false"/>
- <jar jarfile="${assemble.dir}/${appname}App.ear">
- <fileset dir="${assemble.dir}">
- <include name="*.jar"/>
- <include name="*.war"/>
- </fileset>
- <fileset dir="${build.classes.dir}">
- <include name="META-INF/application.xml"/>
- <include name="META-INF/sun-application.xml"/>
- </fileset>
- </jar>
- </target>
-
- <target name="build-client" depends="compile-client">
- <mkdir dir="${assemble.dir}"/>
-
- <unjar src="${env.APS_HOME}/lib/reporter.jar" dest="${build.classes.dir}/client"/>
- <antcall target="package-appclientjar-common">
- <param name="appclientjar.files"
- value="${build.classes.dir}/client"/>
- <param name="appclient.jar"
- value="${assemble.dir}/${appname}-client.jar"/>
- <param name="appclientjar.classes"
- value="com/sun/**/*.class"/>
- </antcall>
- </target>
-
- <target name="build-deploy" depends="init-common">
- <antcall target="build-server"/>
- <antcall target="deploy-common"/>
- <antcall target="build-client"/>
- <antcall target="deploy-client-common"/>
- </target>
-
- <target name="run" depends="init-common">
- <exec executable="${APPCLIENT}">
- <env key="VMARGS" value=" -Djavax.net.ssl.trustStore=${mytruststore.db.file} -Djavax.net.ssl.trustStorePassword=${ssl.password} -Djavax.net.ssl.keyStore=${mykeystore.db.file} -Djavax.net.ssl.keyStorePassword=${ssl.password}"/>
- <arg line="-client" />
- <arg line="${assemble.dir}/${appname}-clientClient.jar"/>
- <arg line="-texauth"/>
- <arg line="-user" />
- <arg line="dummy" />
- <arg line="-password" />
- <arg line="dummy" />
- </exec>
- </target>
-
- <target name="undeploy" depends="init-common">
- <antcall target="undeploy-common"/>
- <antcall target="undeploy-client-common"/>
- </target>
-
- <target name="usage">
- <antcall target="usage-common"/>
- </target>
-</project>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/client/Client.java.template b/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/client/Client.java.template
deleted file mode 100644
index 873fe6a..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/client/Client.java.template
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * Copyright (c) 2006, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.sslclientcert.client;
-
-import jakarta.xml.ws.WebServiceRef;
-
-import com.sun.s1asdev.security.wss.sslclientcert.ejbws.HelloEjb;
-import com.sun.s1asdev.security.wss.sslclientcert.ejbws.WssSslClientCertEjbService;
-import com.sun.s1asdev.security.wss.sslclientcert.servletws.HelloServlet;
-import com.sun.s1asdev.security.wss.sslclientcert.servletws.WssSslClientCertServletService;
-
-import com.sun.ejte.ccl.reporter.SimpleReporterAdapter;
-
-public class Client {
- private static SimpleReporterAdapter stat =
- new SimpleReporterAdapter("appserv-tests");
- private static String testSuite = "Sec:WSS SSL Client Cert test ";
-
- @WebServiceRef(wsdlLocation="https://@HOST@:@PORT@/WssSslClientCertEjbService/HelloEjb?WSDL")
- private static WssSslClientCertEjbService ejbService;
- @WebServiceRef(wsdlLocation="https://@HOST@:@PORT@/security-wss-sslclientcert/webservice/WssSslClientCertServletService/HelloServlet?WSDL")
- private static WssSslClientCertServletService servletService;
-
- public static void main(String[] args) {
- stat.addDescription("security-wss-sslclientcert");
- String description = null;
- try {
- // ejb ws
- HelloEjb ejbPort = ejbService.getHelloEjbPort();
- description = testSuite + " sslclientcert: ejb hello";
- String ejbMsg = ejbPort.hello("Sun Ejb");
- System.out.println(ejbMsg);
- if (ejbMsg != null && ejbMsg.startsWith("Hello Ejb, CN=@HOST@")) {
- stat.addStatus(description, stat.PASS);
- } else {
- stat.addStatus(description, stat.FAIL);
- }
-
- description = testSuite + " sslclientcert: ejb hello2";
- String ejbMsg2 = ejbPort.hello2("Sun Ejb - 2");
- System.out.println(ejbMsg2);
- if (ejbMsg2 != null && ejbMsg2.startsWith("Hello Ejb 2, CN=@HOST@")) {
- stat.addStatus(description, stat.PASS);
- } else {
- stat.addStatus(description, stat.FAIL);
- }
- } catch(Exception ex) {
- ex.printStackTrace();
- stat.addStatus(description, stat.FAIL);
- }
-
- try {
- // servlet ws
- HelloServlet servletPort = servletService.getHelloServletPort();
- description = testSuite + " sslclientcert: servlet hello";
- String servletMsg = servletPort.hello("Sun Servlet");
- System.out.println(servletMsg);
- if (servletMsg != null && servletMsg.startsWith("Hello Servlet, CN=@HOST@")) {
- stat.addStatus(description, stat.PASS);
- } else {
- stat.addStatus(description, stat.FAIL);
- }
- } catch(Exception ex) {
- ex.printStackTrace();
- stat.addStatus(description, stat.FAIL);
- }
-
- stat.printSummary("security-wss-sslclientcert");
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/client/MANIFEST.MF b/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/client/MANIFEST.MF
deleted file mode 100644
index 2f0095f..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/client/MANIFEST.MF
+++ /dev/null
@@ -1,2 +0,0 @@
-Manifest-Version: 1.0
-Main-Class: com.sun.s1asdev.security.wss.sslclientcert.client.Client
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/descriptor/application.xml b/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/descriptor/application.xml
deleted file mode 100644
index 92757d8..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/descriptor/application.xml
+++ /dev/null
@@ -1,32 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE application PUBLIC "-//Sun Microsystems, Inc.//DTD J2EE Application 1.3//EN" "http://java.sun.com/dtd/application_1_3.dtd">
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<application>
- <display-name>security-wss-sslclientcertApp</display-name>
- <module>
- <ejb>security-wss-sslclientcert-ejb.jar</ejb>
- </module>
- <module>
- <web>
- <web-uri>security-wss-sslclientcert-web.war</web-uri>
- <context-root>security-wss-sslclientcert</context-root>
- </web>
- </module>
-</application>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/descriptor/sun-application.xml.template b/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/descriptor/sun-application.xml.template
deleted file mode 100644
index 64a3d8c..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/descriptor/sun-application.xml.template
+++ /dev/null
@@ -1,25 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<sun-application>
- <security-role-mapping>
- <role-name>SECUSER</role-name>
- <principal-name>CN=@HOST@, OU=GlassFish, O=Sun Microsystems, L=Santa Clara, ST=California, C=US</principal-name>
- </security-role-mapping>
-</sun-application>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/descriptor/sun-ejb-jar.xml b/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/descriptor/sun-ejb-jar.xml
deleted file mode 100644
index 4d7852d..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/descriptor/sun-ejb-jar.xml
+++ /dev/null
@@ -1,35 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE sun-ejb-jar PUBLIC '-//Sun Microsystems, Inc.//DTD Sun ONE Application Server 8.0 EJB 2.1//EN' 'http://www.sun.com/software/sunone/appserver/dtds/sun-ejb-jar_2_1-0.dtd'>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<sun-ejb-jar>
- <enterprise-beans>
- <ejb>
- <ejb-name>HelloEjb</ejb-name>
- <webservice-endpoint>
- <port-component-name>HelloEjb</port-component-name>
- <login-config>
- <auth-method>CLIENT-CERT</auth-method>
- </login-config>
- <transport-guarantee>CONFIDENTIAL</transport-guarantee>
- </webservice-endpoint>
- </ejb>
- </enterprise-beans>
-</sun-ejb-jar>
-
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/descriptor/web.xml b/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/descriptor/web.xml
deleted file mode 100644
index fc44e33..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/descriptor/web.xml
+++ /dev/null
@@ -1,61 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
- Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-
- This program and the accompanying materials are made available under the
- terms of the Eclipse Public License v. 2.0, which is available at
- http://www.eclipse.org/legal/epl-2.0.
-
- This Source Code may also be made available under the following Secondary
- Licenses when the conditions for such availability set forth in the
- Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- version 2 with the GNU Classpath Exception, which is available at
- https://www.gnu.org/software/classpath/license.html.
-
- SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-
--->
-
-<web-app xmlns="http://java.sun.com/xml/ns/javaee"
- xmlns:j2ee="http://java.sun.com/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="2.5"
- xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
- http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
-
- <description>SSL WebTier for the Hello Service</description>
- <display-name>HelloWAR</display-name>
- <servlet>
- <description>Endpoint for Hello Web Service</description>
- <display-name>HelloWebService</display-name>
- <servlet-name>HelloServlet</servlet-name>
- <servlet-class>com.sun.s1asdev.security.wss.sslclientcert.servletws.HelloServlet</servlet-class>
- <load-on-startup>0</load-on-startup>
- </servlet>
- <servlet-mapping>
- <servlet-name>HelloServlet</servlet-name>
- <url-pattern>/webservice/WssSslClientCertServletService/HelloServlet</url-pattern>
- </servlet-mapping>
- <session-config>
- <session-timeout>54</session-timeout>
- </session-config>
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>Protected Area</web-resource-name>
- <url-pattern>/webservice/WssSslClientCertServletService/HelloServlet</url-pattern>
- <http-method>POST</http-method>
- </web-resource-collection>
- <auth-constraint>
- <role-name>SECUSER</role-name>
- </auth-constraint>
- <user-data-constraint>
- <transport-guarantee>CONFIDENTIAL</transport-guarantee>
- </user-data-constraint>
- </security-constraint>
- <login-config>
- <auth-method>CLIENT-CERT</auth-method>
- </login-config>
- <security-role>
- <role-name>SECUSER</role-name>
- </security-role>
-</web-app>
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/ejbws/HelloEjb.java b/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/ejbws/HelloEjb.java
deleted file mode 100644
index 838e372..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/ejbws/HelloEjb.java
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Copyright (c) 2006, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.sslclientcert.ejbws;
-
-import jakarta.annotation.Resource;
-import jakarta.ejb.SessionContext;
-import jakarta.ejb.Stateless;
-import jakarta.jws.WebService;
-import jakarta.xml.ws.WebServiceContext;
-
-@Stateless
-@WebService(targetNamespace="http://ejbws.sslclientcert.wss.security.s1asdev.sun.com", serviceName="WssSslClientCertEjbService")
-public class HelloEjb {
- @Resource private SessionContext sc;
- @Resource WebServiceContext wsc;
-
- public String hello(String msg) {
- return "Hello Ejb, " + sc.getCallerPrincipal() + ": " + msg ;
- }
-
- public String hello2(String msg) {
- return "Hello Ejb 2, " + wsc.getUserPrincipal() + ": " + msg ;
- }
-}
diff --git a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/servletws/HelloServlet.java b/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/servletws/HelloServlet.java
deleted file mode 100644
index c5ab01a..0000000
--- a/appserver/tests/appserv-tests/devtests/security/wss/sslclientcert/servletws/HelloServlet.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/*
- * Copyright (c) 2006, 2018 Oracle and/or its affiliates. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v. 2.0, which is available at
- * http://www.eclipse.org/legal/epl-2.0.
- *
- * This Source Code may also be made available under the following Secondary
- * Licenses when the conditions for such availability set forth in the
- * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
- * version 2 with the GNU Classpath Exception, which is available at
- * https://www.gnu.org/software/classpath/license.html.
- *
- * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
- */
-
-package com.sun.s1asdev.security.wss.sslclientcert.servletws;
-
-import jakarta.annotation.Resource;
-import jakarta.jws.WebService;
-import jakarta.xml.ws.WebServiceContext;
-
-@WebService(targetNamespace="http://servletws.sslclientcert.wss.security.s1asdev.sun.com", serviceName="WssSslClientCertServletService")
-public class HelloServlet {
- @Resource WebServiceContext wsc;
-
- public String hello(String msg) {
- return "Hello Servlet, " + wsc.getUserPrincipal() + ": " + msg;
- }
-}