Browse DevX
Sign up for e-mail newsletters from DevX


Unit Test Secured EJBs in Production : Page 5

Unit testing EJBs that are secured through permissions is complex. Learn how to unit test secured EJBs and EJB-based applications in the same production environment without needing to switch off the permission settings.


Run the Unit Tests

To run the unit tests from your browser, simply point your browser to: http://localhost:4085/SampleWeb/TestServlet. The port should be the one on which the Web Project (in this case, SampleWeb) is deployed. The browser will list all the tests to be run, which are listed in the testCase.txt file. You can select and run one, many, or all the tests.

To run the unit tests from an ant build script, take the following steps:

  1. Put the junitee-anttask.jar from JUnitEE in the WEB-INF/lib folder of the Web Project.
  2. Create a build.xml file similar to the following in the WebContent folder:
        <?xml version="1.0" encoding="iso-8859-1"?>
    <project name="SampleWeb" default="do-run-tests" basedir=".">
    	<taskdef name="sampletask" classname="org.junitee.anttask.JUnitEETask">
    	    <pathelement location="WEB-INF/lib/junitee-anttask.jar"/>
    	<target name=" do-run-tests ">
    	  <sampletask url="http://localhost:4085/SampleWeb/TestServlet" printsummary="true">
    	    <test runall="true"/>

Testing Secured EJB-based Apps in Production

Of course, you can use the concepts in this article to unit test secured EJBs that are deployed in application servers other than IBM WebSphere. To make programmatic login into the application server, you first need to identify the initial context factory relevant to your particular app server and then put it in the servlet code. Next, you need the proper JAAS login module in the app server in order to create a successful login context. You could also create and use a custom JAAS login module. Lastly, you need to modify your code so it can run the test cases in the authenticated context of your app server.

By unit testing secured EJBs in the way described here, you gain the advantage of testing EJB-based applications in the same runtime production environment without needing to switch off the role-based, method-level permission settings. As a result, you minimize the risk of your tests failing when they run in user acceptance test (UAT) or production environments.

Gopal Sharma is a manager with Capgemini India. He has a wide range of experience with Java technologies and has assumed many project roles, from developer to architect.
Thanks for your registration, follow us on our social networks to keep up-to-date