README revision ada1678a4262b208a7b87391f520a7767d25287c
f8b3c1bd4ebc59ec549f9564e169957c1e9a8ff4Matt MlinacIt tests the security feature of JavaEE service engine. JavaEE SE is used on consumer as well as on the provider side.
f8b3c1bd4ebc59ec549f9564e169957c1e9a8ff4Matt MlinacAn EJB webservice is invoked by a servlet that requires authentication. This webservice method returns the caller principal associated with the invocation.
f8b3c1bd4ebc59ec549f9564e169957c1e9a8ff4Matt MlinacA temporary file user is created in this test.
feb1dc670b0d4e1c6fcff58b35b36da3dfc5f18cJenny DonnellyHere is the invocation flow-
feb1dc670b0d4e1c6fcff58b35b36da3dfc5f18cJenny Donnelly1. Standalone client invokes the servlet after passing proper user credential.
feb1dc670b0d4e1c6fcff58b35b36da3dfc5f18cJenny Donnelly2. Apserver invokes the servlet with a Principal.
f8b3c1bd4ebc59ec549f9564e169957c1e9a8ff4Matt Mlinac3. Servlet calls the EJB webservice.
f8b3c1bd4ebc59ec549f9564e169957c1e9a8ff4Matt Mlinac4. EJB webservice returns the caller principal associated with the EJBContext.
f8b3c1bd4ebc59ec549f9564e169957c1e9a8ff4Matt Mlinac5. Servlet sends the returned value of EJB webservice in the response.
f8b3c1bd4ebc59ec549f9564e169957c1e9a8ff4Matt Mlinac6. Client checks whether the returned principal matches with the one it was invoked.