[
https://issues.apache.org/jira/browse/GERONIMO-5581?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Han Hong Fang updated GERONIMO-5581:
------------------------------------
Attachment: GERONIMO-5581.patch
Patch is ready with following test cases.
1. Test @ServletSecurity when servlet is added using ServletCotext.addServet ()
- servlet is added via servlet instance which is created using
ServletContext.createServlet()
- servlet is added via servlet instance which is NOT created using
ServletContext.createServlet() [...@servletsecurity will not take effect in
this case]
- servlet is added
2. Test setServletSecurity of ServletRegistration.Dynamic
- set servletSecurity on URL which is already configured in web.xml
<security-constraint>
- set servletSecurity on URL which is NOT configured in web.xml
- add URL mapping after servletSecurity
Please help to review, thanks!
BTW, the test case will success only when
https://issues.apache.org/jira/browse/GERONIMO-5577 is implemented.
> Add test case for programmatic access control on servlet
> --------------------------------------------------------
>
> Key: GERONIMO-5581
> URL: https://issues.apache.org/jira/browse/GERONIMO-5581
> Project: Geronimo
> Issue Type: Test
> Security Level: public(Regular issues)
> Components: testsuite
> Affects Versions: 3.0
> Reporter: Han Hong Fang
> Assignee: Han Hong Fang
> Priority: Minor
> Attachments: GERONIMO-5581.patch
>
>
> Servlet 3.0 provides annotations and apis provided to programmatically
> configure the security constraints enforced by the Servlet Container. Need
> test case for this feature.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
