如何使用Arquillian测试登录/身份验证 - Java EE 7 [英] How to test login/authentication with Arquillian - Java EE 7
问题描述
我们有一个Java EE 7应用程序并使用Arquillian来测试内容。现在我们要检查当前登录用户的一些权限。我的问题很基本,如何在测试用例中登录用户?我已阅读 ProgrammaticLogin在arquillian测试中不起作用和嵌入式Glassfish,安全性和Arquillian问题,但没有明确答案。我目前的做法是这样的:
We have a Java EE 7 application and use Arquillian to test stuff. Now we want to check for some permissions of the currently logged in user. My question is quite basic, how do I login a user when inside a testcase? I have read ProgrammaticLogin doesnt work in arquillian tests and Embedded Glassfish, security and Arquillian questions but they are not clearly answered. My current approach is something like this:
// Inject services etc.
@Test
public void testLogin(){
UserAccount user = new UserAccount();
user.setUsername("bob");
user.setPassword("bob");
userAccountService.save(user);
ProgrammaticLogin pl = new ProgrammaticLogin();
String realmName = "secureJDBCRealm";
try {
pl.login("bob", "bob".toCharArray(), realmName, true);
} catch (Exception e){
e.printStackTrace();
}
}
现在当我尝试运行它时,得到一个LoginException声称我没有为fileRealm配置LoginModule。但是fileRealm不是我正在寻找的领域(我把它放在那里进行第一次测试,但后来我将其改为secureJDBCRealm,这是我们为GlassFish定制的安全领域)。我们使用 arquillian-glassfish-embedded-3.1 进行测试。
Now when I try to run this, a get a LoginException claiming that I have no LoginModule configured for "fileRealm". But "fileRealm" is not the realm i am searching for (I put it there to test first time, but then i changed it to "secureJDBCRealm", which is our custom Security Realm for GlassFish). We use arquillian-glassfish-embedded-3.1 for testing.
- 有谁知道在哪里定义Arquillian的境界?
- 为什么我的应用程序一直在寻找fileRealm?这是默认值吗? (在这里找不到任何规格)
推荐答案
Arquillian不提供任何定义支持境界。相反,您需要自己在容器中配置域。使用嵌入式Glassfish容器时这有点棘手但是可行。
Arquillian does not provide any support for defining realms. Instead you need to configure the realm in the container yourself. This is somewhat tricky when using an embedded Glassfish container but it is doable.
我假设 secureJDBCRealm 是一个自定义领域而不是标准/内置Glassfish领域之一。要在嵌入式Glassfish容器中配置自定义域,您需要:
I am assuming that secureJDBCRealm is a custom realm and not one of the standard/built-in Glassfish Realms. In order to configure a custom realm in a embedded Glassfish container you need to:
-
放置
登录.conf引用该领域的测试类路径上的文件。为此,请在资源目录中添加一个config目录,并在该目录中放置login.conf。您的login.conf将如下所示
Place a
login.conffile on the test class path that references the realm. To do this add a config directory to your resources directory and placelogin.confinside that directory. Yourlogin.confwill look something like this
secureJDBCRealm {
com.blah.blah.LoginModule required;
};
您的自定义领域以及任何依赖项都需要位于测试类路径上。
Your custom realm along with any dependencies need to be on the test class path.
您需要以编程方式在glassfish中创建领域。这可以通过org.glassfish.embeddable.CommandRunner完成。幸运的是,Arquillian Embedded Container通过JNDI提供此功能,这意味着您可以执行以下操作:
You need to programmatically create the realm in glassfish. This can be done via org.glassfish.embeddable.CommandRunner. Luckily the Arquillian Embedded Container makes this available via JNDI which means you can do the following:
@Resource(mappedName = "org.glassfish.embeddable.CommandRunner") CommandRunner commandRunner;
public void configureLoginRealm() {
CommandResult commandResult = commandRunner.run("create-auth-realm", "--classname=com.blah.blah.SecureJDBCRealm", "--property=jaas-context= secureJDBCRealm", "secure-JDBC-realm");
log.debug(commandResult.getExitStatus().toString() + " " + commandResult.getOutput());
Throwable throwable = commandResult.getFailureCause();
if (throwable != null) {
log.error(throwable.getMessage(), throwable);
}
}
}
然后您可以通过编程方式登录
You can then programmatically login with
ProgrammaticLogin pl = new ProgrammaticLogin();
String realmName = "secureJDBCRealm";
try {
pl.login("bob", "bob".toCharArray(), realmName, true);
} catch (Exception e){
e.printStackTrace();
} finally {
pl.logout();
}
这篇关于如何使用Arquillian测试登录/身份验证 - Java EE 7的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
