geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From xuhaih...@apache.org
Subject svn commit: r1001122 - in /geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src: main/java/org/apache/geronimo/testsuite/listener/ main/java/org/apache/geronimo/testsuite/servlet30/main/ main/webapp/WEB-INF/ test/java/org/apac...
Date Sat, 25 Sep 2010 01:50:54 GMT
Author: xuhaihong
Date: Sat Sep 25 01:50:54 2010
New Revision: 1001122

URL: http://svn.apache.org/viewvc?rev=1001122&view=rev
Log:
GERONIMO-5581 Add test case for programmatic access control on servlet (Patch from Han Hong
Fang)

Added:
    geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/listener/
    geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/listener/TestListener.java
  (with props)
    geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet5.java
  (with props)
    geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet6.java
  (with props)
Modified:
    geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet4.java
    geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServletContextListener.java
    geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/WEB-INF/web.xml
    geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/test/java/org/apache/geronimo/testsuite/servlets/ServletsTest.java

Added: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/listener/TestListener.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/listener/TestListener.java?rev=1001122&view=auto
==============================================================================
--- geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/listener/TestListener.java
(added)
+++ geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/listener/TestListener.java
Sat Sep 25 01:50:54 2010
@@ -0,0 +1,71 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.testsuite.listener;
+
+import javax.servlet.Servlet;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletContextEvent;
+import javax.servlet.ServletContextListener;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRegistration.Dynamic;
+import javax.servlet.annotation.WebListener;
+
+import org.apache.geronimo.testsuite.servlet30.main.SampleServlet5;
+import org.apache.geronimo.testsuite.servlet30.main.SampleServlet6;
+
+@WebListener (value="testListener")
+public class TestListener implements ServletContextListener {
+
+    /* (non-Javadoc)
+     * @see javax.servlet.ServletContextListener#contextDestroyed(javax.servlet.ServletContextEvent)
+     */
+    @Override
+    public void contextDestroyed(ServletContextEvent arg0) {
+        // TODO Auto-generated method stub
+
+    }
+
+    /* (non-Javadoc)
+     * @see javax.servlet.ServletContextListener#contextInitialized(javax.servlet.ServletContextEvent)
+     */
+    @Override
+    public void contextInitialized(ServletContextEvent arg0) {
+        ServletContext servletContext = arg0.getServletContext();
+        try {
+            // addServlet takes instance created by ServletContext.createServlet()
+            Servlet servlet5_1 = servletContext.createServlet(SampleServlet5.class);
+            Dynamic dynamic5_1 = servletContext.addServlet("Sample Servlet 5_1", servlet5_1);
+            dynamic5_1.addMapping("/SampleServlet5_1", "/SampleServlet5_1/*");
+
+            // addServlet takes instance which is not created by ServletContext.createServlet()
+            Dynamic dynamic5_2 = servletContext.addServlet("Sample Servlet 5_2", new SampleServlet5());
+            dynamic5_2.addMapping("/SampleServlet5_2", "/SampleServlet5_2/*");
+
+            // addServlet takes className
+            Dynamic dynamic5_3 = servletContext.addServlet("Sample Servlet 5_3", SampleServlet5.class);
+            dynamic5_3.addMapping("/SampleServlet5_3", "/SampleServlet5_3/*");
+
+            //
+            Servlet servlet6 = servletContext.createServlet(SampleServlet6.class);
+            Dynamic dynamic6 = servletContext.addServlet("Sample Servlet 6", servlet6);
+            dynamic6.addMapping("/SampleServlet6_1");
+
+        } catch (ServletException e) {
+            e.printStackTrace();
+        }
+    }
+}

Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/listener/TestListener.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/listener/TestListener.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/listener/TestListener.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet4.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet4.java?rev=1001122&r1=1001121&r2=1001122&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet4.java
(original)
+++ geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet4.java
Sat Sep 25 01:50:54 2010
@@ -20,11 +20,10 @@ package org.apache.geronimo.testsuite.se
 import java.io.IOException;
 import java.io.PrintWriter;
 
+import javax.servlet.ServletException;
 import javax.servlet.annotation.HttpMethodConstraint;
 import javax.servlet.annotation.ServletSecurity;
-import javax.servlet.annotation.HttpConstraint;
 import javax.servlet.annotation.WebServlet;
-import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

Added: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet5.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet5.java?rev=1001122&view=auto
==============================================================================
--- geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet5.java
(added)
+++ geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet5.java
Sat Sep 25 01:50:54 2010
@@ -0,0 +1,50 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.testsuite.servlet30.main;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+import javax.servlet.ServletException;
+import javax.servlet.annotation.HttpMethodConstraint;
+import javax.servlet.annotation.ServletSecurity;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * 
+ * 
+ * @version $Rev$ $Date$
+ */
+@ServletSecurity(httpMethodConstraints = { @HttpMethodConstraint(value = "GET", rolesAllowed
= "RoleA") })
+public class SampleServlet5 extends HttpServlet {
+
+    private static final long serialVersionUID = 5075453419235275644L;
+
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws
ServletException, IOException {
+        PrintWriter printWriter = response.getWriter();
+        printWriter.write("SampleServlet5.doGet");
+    }
+
+    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws
ServletException,
+            IOException {
+        PrintWriter printWriter = response.getWriter();
+        printWriter.write("SampleServlet5.doPost");
+    }
+
+}

Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet5.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet5.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet5.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet6.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet6.java?rev=1001122&view=auto
==============================================================================
--- geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet6.java
(added)
+++ geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet6.java
Sat Sep 25 01:50:54 2010
@@ -0,0 +1,51 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.testsuite.servlet30.main;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+import javax.servlet.ServletException;
+import javax.servlet.annotation.HttpMethodConstraint;
+import javax.servlet.annotation.ServletSecurity;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * 
+ *
+ * @version $Rev$ $Date$
+ */
+
+@ServletSecurity(httpMethodConstraints = { @HttpMethodConstraint(value = "POST", rolesAllowed
= "RoleB") })
+public class SampleServlet6 extends HttpServlet {
+
+    private static final long serialVersionUID = -1867040388042290640L;
+
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws
ServletException, IOException {
+        PrintWriter printWriter = response.getWriter();
+        printWriter.write("SampleServlet6.doGet");
+    }
+
+    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws
ServletException,
+            IOException {
+        PrintWriter printWriter = response.getWriter();
+        printWriter.write("SampleServlet6.doPost");
+    }
+    
+}

Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet6.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet6.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServlet6.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServletContextListener.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServletContextListener.java?rev=1001122&r1=1001121&r2=1001122&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServletContextListener.java
(original)
+++ geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/java/org/apache/geronimo/testsuite/servlet30/main/SampleServletContextListener.java
Sat Sep 25 01:50:54 2010
@@ -23,12 +23,11 @@ import java.util.Set;
 
 import javax.servlet.HttpConstraintElement;
 import javax.servlet.HttpMethodConstraintElement;
-import javax.servlet.Servlet;
 import javax.servlet.ServletContext;
 import javax.servlet.ServletContextEvent;
 import javax.servlet.ServletContextListener;
-import javax.servlet.ServletSecurityElement;
 import javax.servlet.ServletRegistration.Dynamic;
+import javax.servlet.ServletSecurityElement;
 import javax.servlet.annotation.ServletSecurity;
 import javax.servlet.annotation.WebListener;
 
@@ -44,9 +43,9 @@ public class SampleServletContextListene
 
     @Override
     public void contextInitialized(ServletContextEvent servletContextEvent) {
-    	
+
         ServletContext servletContext = servletContextEvent.getServletContext();
-                
+
         //dynamic register /SampleServlet3Dynamic and security constraint
         Dynamic servlet3Dynamic = servletContext.addServlet("SampleServlet3Dynamic", SampleServlet3.class);
         servlet3Dynamic.addMapping("/SampleServlet3Dynamic", "/TestDynamic");
@@ -58,5 +57,6 @@ public class SampleServletContextListene
         if (uneffectedUrlPatterns.size() == 0) {
             throw new RuntimeException("/SampleServlet3Dynamic should be returned as it is
defined in the web.xml file");
         }
+        servlet3Dynamic.addMapping("/TestDynamicAfter");
     }
 }

Modified: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/WEB-INF/web.xml?rev=1001122&r1=1001121&r2=1001122&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/WEB-INF/web.xml
(original)
+++ geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/main/webapp/WEB-INF/web.xml
Sat Sep 25 01:50:54 2010
@@ -38,6 +38,12 @@
         <servlet-name>SampleServlet3</servlet-name>
         <servlet-class>org.apache.geronimo.testsuite.servlet30.main.SampleServlet3</servlet-class>
     </servlet>
+     <servlet>
+        <description></description>
+        <display-name>SampleServlet6</display-name>
+        <servlet-name>SampleServlet6</servlet-name>
+        <servlet-class>org.apache.geronimo.testsuite.servlet30.main.SampleServlet6</servlet-class>
+    </servlet>
     <servlet>
         <description></description>
         <display-name>LoginServlet</display-name>
@@ -61,6 +67,10 @@
         <url-pattern>/SampleServlet3</url-pattern>
         <url-pattern>/SampleServlet3/*</url-pattern>
     </servlet-mapping>
+    <servlet-mapping>
+        <servlet-name>SampleServlet6</servlet-name>
+        <url-pattern>/SampleServlet6</url-pattern>
+    </servlet-mapping>
     
     <servlet-mapping>
         <servlet-name>LoginServlet</servlet-name>
@@ -95,6 +105,28 @@
         </auth-constraint>
     </security-constraint>
     
+    <security-constraint>
+        <web-resource-collection>
+            <web-resource-name>resource3</web-resource-name>
+            <url-pattern>/SampleServlet2</url-pattern>
+            <http-method>POST</http-method>
+        </web-resource-collection>
+        <auth-constraint>
+            <role-name>RoleB</role-name>
+        </auth-constraint>
+    </security-constraint>
+    
+    <security-constraint>
+        <web-resource-collection>
+            <web-resource-name>resource6</web-resource-name>
+            <url-pattern>/SampleServlet6</url-pattern>
+            <http-method>GET</http-method>
+        </web-resource-collection>
+        <auth-constraint>
+            <role-name>RoleA</role-name>
+        </auth-constraint>
+    </security-constraint>
+    
     <login-config>
         <auth-method>BASIC</auth-method>
         <realm-name>demo-properties-realm</realm-name>

Modified: geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/test/java/org/apache/geronimo/testsuite/servlets/ServletsTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/test/java/org/apache/geronimo/testsuite/servlets/ServletsTest.java?rev=1001122&r1=1001121&r2=1001122&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/test/java/org/apache/geronimo/testsuite/servlets/ServletsTest.java
(original)
+++ geronimo/server/trunk/testsuite/javaee6-testsuite/servlet3.0-security-test/src/test/java/org/apache/geronimo/testsuite/servlets/ServletsTest.java
Sat Sep 25 01:50:54 2010
@@ -21,11 +21,6 @@ package org.apache.geronimo.testsuite.se
 
 import java.net.HttpURLConnection;
 
-import javax.servlet.annotation.HttpMethodConstraint;
-import javax.servlet.annotation.ServletSecurity;
-import javax.servlet.annotation.WebServlet;
-import javax.servlet.http.HttpServlet;
-
 import org.apache.commons.httpclient.Credentials;
 import org.apache.commons.httpclient.HttpClient;
 import org.apache.commons.httpclient.HttpMethodBase;
@@ -33,14 +28,13 @@ import org.apache.commons.httpclient.Use
 import org.apache.commons.httpclient.auth.AuthScope;
 import org.apache.commons.httpclient.methods.GetMethod;
 import org.apache.commons.httpclient.methods.PostMethod;
-
+import org.apache.geronimo.testsupport.SeleniumTestSupport;
 import org.testng.Assert;
 import org.testng.annotations.Test;
-import org.apache.geronimo.testsupport.SeleniumTestSupport;
 
 public class ServletsTest extends SeleniumTestSupport {
-       
-/**In web.xml, it reads as follows: 
+
+/**In web.xml, it reads as follows:
  *     <security-constraint>
  *        <web-resource-collection>
  *        	<web-resource-name>resource1</web-resource-name>
@@ -54,7 +48,7 @@ public class ServletsTest extends Seleni
  */
 
 	/**
-	 * Test1 
+	 * Test1
 	 * test <http-method-omission>
 	 */
    @Test
@@ -87,7 +81,7 @@ public class ServletsTest extends Seleni
     public void test_SampleServlet2_GET_RoleA_Success() throws Exception {
         Assert.assertEquals(invoke("/SampleServlet2" , "GET", "alan" , "starcraft" ) , HttpURLConnection.HTTP_OK);
     }
-    
+
     /**
 	 * Test4
 	 */
@@ -106,7 +100,7 @@ public class ServletsTest extends Seleni
     public void test_SampleServlet4_POST_RoleB_Success() throws Exception {
         Assert.assertEquals(invoke("/SampleServlet4", "POST", "george", "bone"), HttpURLConnection.HTTP_OK);
     }
-    
+
 	/**
 	 * Test6
 	 */
@@ -122,7 +116,7 @@ public class ServletsTest extends Seleni
     public void test_SampleServlet3_All_Success() throws Exception {
         Assert.assertEquals(invoke("/SampleServlet3", "POST", "unknown", "unknown"), HttpURLConnection.HTTP_OK);
     }
-    
+
 	/**
 	 * Test8
 	 * URL "/SampleServlet3Dynamic" are set both in web.xml and ServletRegistration.Dynamic
@@ -134,7 +128,7 @@ public class ServletsTest extends Seleni
     public void test_SampleServlet3Dynamic_GET_RoleC_Fail() throws Exception {
         Assert.assertEquals(invoke("/SampleServlet3Dynamic", "GET", "gracie", "biscuit"),
HttpURLConnection.HTTP_FORBIDDEN);
     }
-   
+
 
     /**
 	 * Test9
@@ -144,7 +138,7 @@ public class ServletsTest extends Seleni
         Assert.assertEquals(invoke("/SampleServlet3Dynamic", "POST", "unknown", "unknown"),
HttpURLConnection.HTTP_OK);
     }
 
-    
+
     /**
 	 * Test10
 	 * Test @WebServlet annotation feature in Servlet 3.0
@@ -153,7 +147,7 @@ public class ServletsTest extends Seleni
     public void test_annotation_WebServlet() throws Exception{
     	Assert.assertEquals(invoke("/WebServlet1", "POST", "unknown", "unknown"), HttpURLConnection.HTTP_OK);
     }
-    
+
     /**
 	 * Test11
 	 * Test @WebServlet annotation feature in Servlet 3.0
@@ -164,9 +158,9 @@ public class ServletsTest extends Seleni
     public void test_annotation_WebServlet2() throws Exception{
     	Assert.assertEquals(invoke("/WebServlet2", "GET", "unknown", "unknown"), HttpURLConnection.HTTP_OK);
     }
-    
-    
-    
+
+
+
     /**
 	 * Test12
 	 * In ServletRegistration.Dynamic, GET access is allowled by RoleC
@@ -175,7 +169,7 @@ public class ServletsTest extends Seleni
     public void test_TestDynamic_GET_RoleC_Sucess() throws Exception{
     	Assert.assertEquals(invoke("/TestDynamic", "GET", "gracie", "biscuit"), HttpURLConnection.HTTP_OK);
     }
-    
+
     /**
 	 * Test13
 	 */
@@ -183,7 +177,7 @@ public class ServletsTest extends Seleni
     public void test_TestDynamic_GET_RoleB_Fail() throws Exception{
     	Assert.assertEquals(invoke("/TestDynamic", "GET", "george", "bone"), HttpURLConnection.HTTP_FORBIDDEN);
     }
-    
+
     /**
 	 * Test14 RoleA\B\C should succeed
 	 */
@@ -191,7 +185,7 @@ public class ServletsTest extends Seleni
     public void test_Authenticate_Sucess() throws Exception{
     	Assert.assertEquals(invoke("/AuthenticateServlet", "GET", "george", "bone"), HttpURLConnection.HTTP_OK);
     }
-    
+
     /**
 	 * Test15 RoleA\B\C should succeed
 	 */
@@ -212,7 +206,33 @@ public class ServletsTest extends Seleni
 		Assert.assertEquals("george", selenium.getText("//*[@id=\"ali3\"]"));
 		Assert.assertEquals("null", selenium.getText("//*[@id=\"alo3\"]"));
     }
-    
+
+    public void test_ServletSecurityAnnotation() throws Exception {
+
+        Assert.assertEquals(invoke("/SampleServlet5_1", "GET", "alan", "starcraft"), HttpURLConnection.HTTP_OK);
+        Assert.assertEquals(invoke("/SampleServlet5_1", "GET", "george", "bone"), HttpURLConnection.HTTP_FORBIDDEN);
+        Assert.assertEquals(invoke("/SampleServlet5_1", "POST", "unknown", "unknown"), HttpURLConnection.HTTP_OK);
+
+        Assert.assertEquals(invoke("/SampleServlet5_2", "GET", "unknown", "unknown"), HttpURLConnection.HTTP_OK);
+        Assert.assertEquals(invoke("/SampleServlet5_2", "POST", "unknown", "unknown"), HttpURLConnection.HTTP_OK);
+
+        Assert.assertEquals(invoke("/SampleServlet5_3", "GET", "alan", "starcraft"), HttpURLConnection.HTTP_OK);
+        Assert.assertEquals(invoke("/SampleServlet5_3", "GET", "george", "bone"), HttpURLConnection.HTTP_FORBIDDEN);
+        Assert.assertEquals(invoke("/SampleServlet5_3", "POST", "unknown", "unknown"), HttpURLConnection.HTTP_OK);
+
+        Assert.assertEquals(invoke("/SampleServlet6_1", "POST", "alan", "starcraft"), HttpURLConnection.HTTP_FORBIDDEN);
+        Assert.assertEquals(invoke("/SampleServlet6_1", "POST", "george", "bone"), HttpURLConnection.HTTP_OK);
+        Assert.assertEquals(invoke("/SampleServlet6_1", "GET", "unknown", "unknown"), HttpURLConnection.HTTP_OK);
+
+        Assert.assertEquals(invoke("/TestDynamic", "GET", "gracie", "biscuit"), HttpURLConnection.HTTP_OK);
+        Assert.assertEquals(invoke("/TestDynamic", "GET", "alan", "starcraft"), HttpURLConnection.HTTP_FORBIDDEN);
+
+        Assert.assertEquals(invoke("/TestDynamicAfter", "GET", "gracie", "biscuit"), HttpURLConnection.HTTP_OK);
+        Assert.assertEquals(invoke("/TestDynamicAfter", "GET", "alan", "starcraft"), HttpURLConnection.HTTP_FORBIDDEN);
+
+        Assert.assertEquals(invoke("/SampleServlet3Dynamic", "GET", "gracie", "biscuit"),
HttpURLConnection.HTTP_FORBIDDEN);
+
+    }
 
     private int invoke(String address, String methodName, String userName, String password)
throws Exception {
         HttpClient client = new HttpClient();



Mime
View raw message