h1. Overview Builds upon the [Injection of EntityManager Example] but adds the use of *@RolesAllowed* and *@PermitAll* in the @Stateful bean to restrict who can perform create, persist and remove operations on the EntityManager. Shows a TestCase using the *@RunAs* annotation to execute and test the bean code as various users. In this example we restrict the ability to create Movie Entities to a _Manager_ or an _Employee_. Reads are open to anyone, logged in or not. And delete operations are only allowed by a _Manager_. See the [Security Annotations] page for a full description of how the security annotations work. _The source for this example is in the "testing-security" directory located in the [openejb-examples.zip|OPENEJB:Download] available on the download page._ h1. The Code Just as with the [Testing Transactions Example] the magic of this unit test is in the *ManagerBean* and *EmployeeBean* @Stateless beans that we've tucked into our TestCase as inner classes. These beans allow us to execute our test code as either a Manager or as an Employee and test that Movies @Stateful bean is setup to restrict and permit calls according to our intended design. {snippet:id=code|url=openejb3/examples/testing-security/src/main/java/org/superbiz/injection/secure/MoviesImpl.java|lang=java} h1. Writing a unit test for the example {snippet:id=code|url=openejb3/examples/testing-security/src/test/java/org/superbiz/injection/secure/MovieTest.java|lang=java} Curious on the InitialContext parameters used? See the [Injection of DataSource Example] for an explanation of how any Resource can be configured via properties in the TestCase itself or via an openejb.xml file. h1. Running Running the example is fairly simple. In the "testing-security" directory of the [examples zip|OPENEJB:Download], just run: $ mvn clean install Which should create output like the following. {noformat} ------------------------------------------------------- T E S T S ------------------------------------------------------- Running org.superbiz.injection.secure.MovieTest Apache OpenEJB 3.0 build: 20080408-04:13 http://openejb.apache.org/ INFO - openejb.home = /Users/dblevins/work/openejb-3.0/examples/testing-security INFO - openejb.base = /Users/dblevins/work/openejb-3.0/examples/testing-security INFO - Configuring Service(id=Default Security Service, type=SecurityService, provider-id=Default Security Service) INFO - Configuring Service(id=Default Transaction Manager, type=TransactionManager, provider-id=Default Transaction Manager) INFO - Configuring Service(id=movieDatabaseUnmanaged, type=Resource, provider-id=Default JDBC Database) INFO - Configuring Service(id=movieDatabase, type=Resource, provider-id=Default JDBC Database) INFO - Configuring Service(id=Default JDK 1.3 ProxyFactory, type=ProxyFactory, provider-id=Default JDK 1.3 ProxyFactory) INFO - Found EjbModule in classpath: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/classes INFO - Found EjbModule in classpath: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/test-classes INFO - Configuring app: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/classes INFO - Configuring Service(id=Default Stateful Container, type=Container, provider-id=Default Stateful Container) INFO - Auto-creating a container for bean Movies: Container(type=STATEFUL, id=Default Stateful Container) INFO - Configuring PersistenceUnit(name=movie-unit) INFO - Loaded Module: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/classes INFO - Configuring app: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/test-classes INFO - Configuring Service(id=Default Stateless Container, type=Container, provider-id=Default Stateless Container) INFO - Auto-creating a container for bean EmployeeBean: Container(type=STATELESS, id=Default Stateless Container) INFO - Loaded Module: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/test-classes INFO - Assembling app: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/classes INFO - PersistenceUnit(name=movie-unit, provider=org.apache.openjpa.persistence.PersistenceProviderImpl) ERROR - JAVA AGENT NOT INSTALLED. The JPA Persistence Provider requested installation of a ClassFileTransformer which requires a JavaAgent. See http://openejb.apache.org/3.0/javaagent.html INFO - Jndi(name=MoviesLocal) --> Ejb(deployment-id=Movies) INFO - Created Ejb(deployment-id=Movies, ejb-name=Movies, container=Default Stateful Container) INFO - Deployed Application(path=/Users/dblevins/work/openejb-3.0/examples/testing-security/target/classes) INFO - Assembling app: /Users/dblevins/work/openejb-3.0/examples/testing-security/target/test-classes INFO - Jndi(name=EmployeeBeanLocal) --> Ejb(deployment-id=EmployeeBean) INFO - Jndi(name=ManagerBeanLocal) --> Ejb(deployment-id=ManagerBean) INFO - Created Ejb(deployment-id=EmployeeBean, ejb-name=EmployeeBean, container=Default Stateless Container) INFO - Created Ejb(deployment-id=ManagerBean, ejb-name=ManagerBean, container=Default Stateless Container) INFO - Deployed Application(path=/Users/dblevins/work/openejb-3.0/examples/testing-security/target/test-classes) Tests run: 3, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 2.109 sec Results : Tests run: 3, Failures: 0, Errors: 0, Skipped: 0 {noformat}