loginContext = new LoginContext("foo", new Subject(), new UsernamePasswordHandler(userName, new char[0]),
CLIENT_LOGIN_CONFIG);
loginContext.login();
// register the client side interceptor
final Registration clientInterceptorHandler = EJBClientContext.requireCurrent().registerInterceptor(112567,
new ClientSecurityInterceptor());
final Manage targetBean = EJBUtil.lookupEJB(TargetBean.class, Manage.class);
final Manage bridgeBean = EJBUtil.lookupEJB(BridgeBean.class, Manage.class);
//test direct access
testMethodAccess(targetBean, ManageMethodEnum.ALLROLES, true);
testMethodAccess(targetBean, ManageMethodEnum.ROLE1, hasRole1);
testMethodAccess(targetBean, ManageMethodEnum.ROLE2, hasRole2);
//test security context propagation
testMethodAccess(bridgeBean, ManageMethodEnum.ALLROLES, true);
testMethodAccess(bridgeBean, ManageMethodEnum.ROLE1, hasRole1);
testMethodAccess(bridgeBean, ManageMethodEnum.ROLE2, hasRole2);
clientInterceptorHandler.remove();
} finally {
if (loginContext != null) {
loginContext.logout();
}
}