Security role testing using an embeddable container and properties object

摘要

Mechanisms are provided for performing security role definition testing. An application is received in a container of a runtime environment of the data processing system. The application has methods and security role definitions associated with the methods. A properties object, which specifies a user identifier to security role mapping, is received in the container. A test application is executed, in the container, by the processor, on an execution of the methods of the application based on the user identifier to security role mapping and the security role definitions. The test application tests an operation of the application with regard to the security role definitions. A result of the execution of the test application on the execution of the methods of the application is then output.

主权项

1. A method, in a data processing system having at least one processor, for performing security role definition testing, comprising:
receiving, in a container of a runtime environment of the data processing system, an application having one or more methods and one or more security role definitions associated with the one or more methods; receiving, in the container, a properties object specifying both a user identifier to security role mapping structure that maps a plurality of user identifiers to corresponding security roles, and one or more test user identifiers to use to test an execution of the one or more methods of the application; executing, in the container, by the processor, a test application on the execution of the one or more methods of the application based on the user identifier to security role mapping structure in the properties object, the one or more test user identifiers in the properties object, and the security role definitions, wherein the test application tests an operation of the application with regard to the security role definitions by correlating the one or more test user identifiers with corresponding security roles using the user identifier to security role mapping structure and comparing the corresponding security roles of the one or more test user identifiers to the security role definitions associated with the one or more methods; and outputting a result of the execution of the test application on the execution of the one or more methods of the application, wherein the execution of the test application on the execution of the one or more methods of the application comprises: executing the application within the container; in response to a method, in the one or more methods, being invoked during the execution of the application, checking input properties from the properties object to determine if an invocation user identifier is supplied by the properties object; and in response to an invocation user identifier being supplied by the properties object, generating a Subject object prior to verification of the invocation user identifier.