SecurityTests A secured project repository stateful session bean ProjRepository org.jboss.test.security.interfaces.ProjRepositoryHome org.jboss.test.security.interfaces.ProjRepository org.jboss.test.security.ejb.project.ProjRepositoryBean Stateful Container A secured project repository stateful session bean StatefulSession org.jboss.test.security.interfaces.StatefulSessionHome org.jboss.test.security.interfaces.StatefulSession org.jboss.test.security.ejb.StatefulSessionBean Stateful Container A secured trival echo session bean UncheckedSession org.jboss.test.security.interfaces.StatelessSessionHome org.jboss.test.security.interfaces.StatelessSession org.jboss.test.security.interfaces.StatelessSessionLocalHome org.jboss.test.security.interfaces.StatelessSessionLocal org.jboss.test.security.ejb.UncheckedSessionBean Stateless Container EchoCaller Echo A deployment of UncheckedSessionBean that requires the Echo security role for the echo method and unchecked for the rest. Its method permission for the echo method is defined before the unchecked methods. UncheckedSessionRemoteFirst org.jboss.test.security.interfaces.StatelessSessionHome org.jboss.test.security.interfaces.StatelessSession org.jboss.test.security.interfaces.StatelessSessionLocalHome org.jboss.test.security.interfaces.StatelessSessionLocal org.jboss.test.security.ejb.UncheckedSessionBean Stateless Container EchoCaller Echo A deployment of UncheckedSessionBean that requires the Echo security role for the echo method and unchecked for the rest. Its method permission for the echo method is defined after the unchecked methods. UncheckedSessionRemoteLast org.jboss.test.security.interfaces.StatelessSessionHome org.jboss.test.security.interfaces.StatelessSession org.jboss.test.security.interfaces.StatelessSessionLocalHome org.jboss.test.security.interfaces.StatelessSessionLocal org.jboss.test.security.ejb.UncheckedSessionBean Stateless Container EchoCaller Echo A secured trival echo session bean StatelessSession org.jboss.test.security.interfaces.StatelessSessionHome org.jboss.test.security.interfaces.StatelessSession org.jboss.test.security.interfaces.StatelessSessionLocalHome org.jboss.test.security.interfaces.StatelessSessionLocal org.jboss.test.security.ejb.StatelessSessionBean Stateless Container EchoCaller Echo A secured trival echo session bean StatelessSessionInDomain org.jboss.test.security.interfaces.StatelessSessionHome org.jboss.test.security.interfaces.StatelessSession org.jboss.test.security.interfaces.StatelessSessionLocalHome org.jboss.test.security.interfaces.StatelessSessionLocal org.jboss.test.security.ejb.StatelessSessionBean Stateless Container EchoCaller Echo A secured echo session bean that calls a StatelessSessionLocal when its invokeEcho method is called. CallerBean org.jboss.test.security.interfaces.CalledSessionHome org.jboss.test.security.interfaces.CalledSession org.jboss.test.security.ejb.CallerBean Stateless Container ejb/local/CalleeHome Session org.jboss.test.security.interfaces.StatelessSessionLocalHome org.jboss.test.security.interfaces.StatelessSessionLocal CalleeBean EchoCaller Echo A secured echo session bean that calls its CalledSessionLocalHome ejb-local-ref link invokeEcho method to test identity propagation. testRunAsSFSB CallerFacadeBean-testRunAsSFSB.invokeEcho() CallerFacadeTargetSFSB.invokeEcho() CallerFacadeTargetCallee.echo() CallerFacadeBean-testRunAsSFSB org.jboss.test.security.interfaces.CalledSessionHome org.jboss.test.security.interfaces.CalledSession org.jboss.test.security.ejb.CallerFacadeBean Stateless Container ejb/CalledSessionLocalHome Session org.jboss.test.security.interfaces.CalledSessionLocalHome org.jboss.test.security.interfaces.CalledSessionLocal CallerFacadeTargetSFSB A secured echo session bean that calls its SessionLocalHome ejb-local-ref link invokeEcho method to test identity propagation. CallerFacadeTargetSFSB org.jboss.test.security.interfaces.CalledSessionLocalHome org.jboss.test.security.interfaces.CalledSessionLocal org.jboss.test.security.ejb.FacadeTargetBean Stateful Container ejb/local/StatelessSessionLocalHome Session org.jboss.test.security.interfaces.StatelessSessionLocalHome org.jboss.test.security.interfaces.StatelessSessionLocal CallerFacadeTargetCallee EchoCaller EchoLocal Use a role that is not assigned to any users to access restricted server side functionallity InternalRole A secured echo session bean that is called by CallerFacadeTarget* CallerFacadeTargetCallee org.jboss.test.security.interfaces.StatelessSessionLocalHome org.jboss.test.security.interfaces.StatelessSessionLocal org.jboss.test.security.ejb.CalleeBean Stateless Container EchoCaller EchoLocal A secured echo session bean that calls a StatelessSessionLocal when its invokeEcho method is called, and calls another CalledSession invokeEcho when its callEcho method is called. This uses a run-as role of InternalRole to test propagation of this role. Level1CallerBean.callEcho() + Level2CallerBean.invokeEcho() + Level3CalleeBean.echo() Level1CallerBean org.jboss.test.security.interfaces.CalledSessionHome org.jboss.test.security.interfaces.CalledSession org.jboss.test.security.ejb.CallerBean Stateless Container Another CallerBean used to test run-as propagation ejb/CallerHome Session org.jboss.test.security.interfaces.CalledSessionHome org.jboss.test.security.interfaces.CalledSession Level2CallerBean ejb/local/CalleeHome Session org.jboss.test.security.interfaces.StatelessSessionLocalHome org.jboss.test.security.interfaces.StatelessSessionLocal CalleeBean EchoCaller Echo InternalRole InternalRole InternalRole A secured echo session bean that calls a StatelessSessionLocal when its invokeEcho method is called, and calls another CalledSession invokeEcho when its callEcho method is called. This uses a run-as role of InternalRole to test propagation of this role. DeepRunAsMDB + Level1CallerBean.callEcho() + Level2CallerBean.invokeEcho() + Level3CalleeBean.echo() Level1MDBCallerBean org.jboss.test.security.interfaces.CalledSessionLocalHome org.jboss.test.security.interfaces.CalledSessionLocal org.jboss.test.security.ejb.CallerBean Stateless Container Another CallerBean used to test run-as propagation ejb/CallerHome Session org.jboss.test.security.interfaces.CalledSessionLocalHome org.jboss.test.security.interfaces.CalledSessionLocal Level2CallerBean ejb/local/CalleeHome Session org.jboss.test.security.interfaces.StatelessSessionLocalHome org.jboss.test.security.interfaces.StatelessSessionLocal CalleeBean EchoCaller Echo InternalRole InternalRole A caller bean that is called by the Level2CallerBean org.jboss.test.security.interfaces.CalledSessionHome org.jboss.test.security.interfaces.CalledSession org.jboss.test.security.interfaces.CalledSessionLocalHome org.jboss.test.security.interfaces.CalledSessionLocal org.jboss.test.security.ejb.CallerBean Stateless Container ejb/local/CalleeHome Session org.jboss.test.security.interfaces.StatelessSessionLocalHome org.jboss.test.security.interfaces.StatelessSessionLocal Level3CalleeBean EchoCaller Echo InternalRole InternalRole A secured echo session bean that is called by CallerBean CalleeBean org.jboss.test.security.interfaces.StatelessSessionLocalHome org.jboss.test.security.interfaces.StatelessSessionLocal org.jboss.test.security.ejb.CalleeBean Stateless Container EchoCaller Echo A secured echo session bean that is called by CallerBean Level3CalleeBean org.jboss.test.security.interfaces.StatelessSessionLocalHome org.jboss.test.security.interfaces.StatelessSessionLocal org.jboss.test.security.ejb.CalleeBean Stateless Container EchoCaller Echo A secured trival echo session bean that calls getCallerPrincpal in ejbCreate SecureCreateSession org.jboss.test.security.interfaces.StatelessSessionHome org.jboss.test.security.interfaces.StatelessSession org.jboss.test.security.ejb.StatelessSessionBean4 Stateless Container A secured trival echo session bean org/jboss/test/security/ejb/StatelessSession_test org.jboss.test.security.interfaces.StatelessSessionHome org.jboss.test.security.interfaces.StatelessSession org.jboss.test.security.ejb.StatelessSessionBean Stateless Container EchoCaller Echo A secured trival echo session bean that uses Entity StatelessSession2 org.jboss.test.security.interfaces.StatelessSessionHome org.jboss.test.security.interfaces.StatelessSession org.jboss.test.security.ejb.StatelessSessionBean2 Stateless Container ejb/Entity Entity org.jboss.test.security.interfaces.EntityHome org.jboss.test.security.interfaces.Entity Entity ejb/Session Session org.jboss.test.security.interfaces.StatelessSessionHome org.jboss.test.security.interfaces.StatelessSession StatelessSession A secured trival echo session bean that uses PrivateEntity, StatelessSession and itself via a runAs identity RunAsStatelessSession org.jboss.test.security.interfaces.StatelessSessionHome org.jboss.test.security.interfaces.StatelessSession org.jboss.test.security.ejb.StatelessSessionBean3 Stateless Container ejb/Entity Entity org.jboss.test.security.interfaces.EntityHome org.jboss.test.security.interfaces.Entity PrivateEntity ejb/Session Session org.jboss.test.security.interfaces.StatelessSessionHome org.jboss.test.security.interfaces.StatelessSession StatelessSession Use a role that is not assigned to any users to access restricted server side functionallity InternalRole An unsecured trival echo session bean UnsecureStatelessSession org.jboss.test.security.interfaces.StatelessSessionHome org.jboss.test.security.interfaces.StatelessSession org.jboss.test.security.ejb.StatelessSessionBean Stateless Container An unsecured trival echo session bean type 2 UnsecureStatelessSession2 org.jboss.test.security.interfaces.StatelessSessionHome org.jboss.test.security.interfaces.StatelessSession org.jboss.test.security.ejb.StatelessSessionBean2 Stateless Container ejb/Entity Entity org.jboss.test.security.interfaces.EntityHome org.jboss.test.security.interfaces.Entity Entity ejb/Session Session org.jboss.test.security.interfaces.StatelessSessionHome org.jboss.test.security.interfaces.StatelessSession StatelessSession A secured session bean that validates the UserInRoleContextSession org.jboss.test.security.interfaces.SecurityContextHome org.jboss.test.security.interfaces.SecurityContext org.jboss.test.security.ejb.SecurityContextBean Stateless Container ejb/CalledBean Session org.jboss.test.security.interfaces.SecurityContextHome org.jboss.test.security.interfaces.SecurityContext UserInRoleContextSessionTarget UserInRoleContextSessionTarget org.jboss.test.security.interfaces.SecurityContextHome org.jboss.test.security.interfaces.SecurityContext org.jboss.test.security.ejb.SecurityContextBean Stateless Container A stateless session echo bean facade PublicSessionFacade org.jboss.test.security.ejb.jbas1852.SessionFacadeHome org.jboss.test.security.ejb.jbas1852.SessionFacade org.jboss.test.security.ejb.jbas1852.PublicSessionFacade Stateless Container ejb/TargetEJB Session org.jboss.test.security.ejb.jbas1852.SessionHome org.jboss.test.security.ejb.jbas1852.Session PublicSession EchoUser Echo A trival stateless session echo bean PublicSession org.jboss.test.security.ejb.jbas1852.SessionHome org.jboss.test.security.ejb.jbas1852.Session org.jboss.test.security.ejb.jbas1852.PublicSessionBean Stateless Container ejb/PrivateSession Session org.jboss.test.security.ejb.jbas1852.SessionHome org.jboss.test.security.ejb.jbas1852.Session PrivateSession EchoUser Echo InternalUser A trival stateful session echo bean PrivateSession org.jboss.test.security.ejb.jbas1852.SessionHome org.jboss.test.security.ejb.jbas1852.Session org.jboss.test.security.ejb.jbas1852.PrivateSessionBean Stateful Container InternalUser InternalUser A trival echo entity bean Entity org.jboss.test.security.interfaces.EntityHome org.jboss.test.security.interfaces.Entity org.jboss.test.security.ejb.EntityBeanImpl Bean java.lang.String False A trival echo entity bean that should only be accessible via other beans PrivateEntity org.jboss.test.security.interfaces.EntityHome org.jboss.test.security.interfaces.Entity org.jboss.test.security.ejb.EntityBeanImpl Bean java.lang.String False InternalRole InternalRole An mdb that access an entity bean as InternalUser RunAsMDB org.jboss.test.security.ejb.RunAsMDB Container javax.jms.Queue NonDurable ejb/Entity Entity org.jboss.test.security.interfaces.EntityHome org.jboss.test.security.interfaces.Entity PrivateEntity Use a role that is not assigned to any users to access restricted server side functionallity InternalRole Default QueueFactory jms/QueFactory javax.jms.QueueConnectionFactory Container An mdb that access an entity bean as InternalUser to test propagation of the run-as role through several levels DeepRunAsMDB org.jboss.test.security.ejb.RunAsPropagationMDB Container javax.jms.Queue NonDurable ejb/CalledSessionLocalHome Entity org.jboss.test.security.interfaces.CalledSessionLocalHome org.jboss.test.security.interfaces.CalledSessionLocal Level1MDBCallerBean Use a role that is not assigned to any users to access restricted server side functionallity InternalRole Default QueueFactory jms/QueFactory javax.jms.QueueConnectionFactory Container An mdb that access a session bean with multiple roles RunAsWithRolesMDB org.jboss.test.security.ejb.RunAsWithRolesMDB Container javax.jms.Queue NonDurable ejb/ProjRepository Session org.jboss.test.security.interfaces.ProjRepositoryHome org.jboss.test.security.interfaces.ProjRepository ProjRepository Use a role that is not assigned to any users to access restricted server side functionallity. This needs to be augmented with additional roles by the jboss.xml security-identity element. InternalRole Default QueueFactory jms/QueFactory javax.jms.QueueConnectionFactory Container The role required to invoke the echo method Echo The role required to invoke the echo method using the StatelessSessionLocal interface EchoLocal The role used to prevent access to the PrivateEntity bean from external users. InternalRole ProjectAdmin CreateFolder DeleteFolder Role1 Role2 Echo UncheckedSessionRemoteFirst Remote echo InternalRole UncheckedSessionRemoteFirst Remote excluded UncheckedSessionRemoteFirst * UserInRoleContextSessionTarget * UncheckedSessionRemoteLast * Echo UncheckedSessionRemoteLast Remote echo InternalRole UncheckedSessionRemoteLast Remote excluded StatelessSession unchecked UncheckedSession create UncheckedSession unchecked Echo StatelessSession create StatelessSession remove StatelessSession echo StatelessSession npeError StatefulSession Home create StatefulSession Home remove StatefulSession Remote * CallerBean * CallerFacadeBean-testRunAsSFSB * Level1CallerBean * org/jboss/test/security/ejb/StatelessSession_test * SecureCreateSession * StatelessSession2 * Entity * RunAsStatelessSession create RunAsStatelessSession remove RunAsStatelessSession echo RunAsStatelessSession forward RunAsStatelessSession noop StatelessSessionInDomain * EchoLocal CalleeBean LocalHome create CalleeBean Local echo CallerFacadeTargetSFSB * InternalRole PrivateEntity * RunAsStatelessSession excluded Level1MDBCallerBean * Level2CallerBean * Level3CalleeBean * CallerFacadeTargetCallee * ProjectUser ProjRepository * ProjectAdmin ProjRepository Home * ProjRepository Remote remove CreateFolder ProjRepository Remote createFolder ProjRepository Remote createItem DeleteFolder ProjRepository Remote deleteFolder ProjRepository Remote deleteItem Role1 UserInRoleContextSession * Role2 UserInRoleContextSession * Echo PublicSession * PublicSessionFacade * InternalUser PrivateSession * A method that no one can access in this deployment StatelessSession excluded StatelessSession2 excluded StatelessSessionInDomain excluded