// @HttpMethodConstraint(value = "GET", rolesAllowed = "R1"),
// @HttpMethodConstraint(value = "POST", rolesAllowed = "R1",
// transportGuarantee = TransportGuarantee.CONFIDENTIAL)
// })
hmces.clear();
hmces.add(new HttpMethodConstraintElement("GET",
new HttpConstraintElement(
ServletSecurity.TransportGuarantee.NONE, ROLE1)));
hmces.add(new HttpMethodConstraintElement("POST",
new HttpConstraintElement(
ServletSecurity.TransportGuarantee.CONFIDENTIAL,
ROLE1)));
element = new ServletSecurityElement(hmces);
result = SecurityConstraint.createConstraints(element, URL_PATTERN);
assertEquals(2, result.length);
for (int i = 0; i < 2; i++) {
assertTrue(result[i].getAuthConstraint());
assertEquals(1, result[i].findAuthRoles().length);
assertTrue(result[i].findAuthRole(ROLE1));
assertTrue(result[i].findCollections()[0].findPattern(URL_PATTERN));
assertEquals(1, result[i].findCollections()[0].findMethods().length);
String method = result[i].findCollections()[0].findMethods()[0];
if ("GET".equals(method)) {
assertEquals(ServletSecurity.TransportGuarantee.NONE.name(),
result[i].getUserConstraint());
} else if ("POST".equals(method)) {
assertEquals(ServletSecurity.TransportGuarantee.CONFIDENTIAL.name(),
result[i].getUserConstraint());
} else {
fail("Unexpected method :[" + method + "]");
}
}
// Example 13-6
// @ServletSecurity(value = @HttpConstraint(rolesAllowed = "R1"),
// httpMethodConstraints = @HttpMethodConstraint("GET"))
hmces.clear();
hmces.add(new HttpMethodConstraintElement("GET"));
element = new ServletSecurityElement(
new HttpConstraintElement(
ServletSecurity.TransportGuarantee.NONE,
ROLE1),
hmces);
result = SecurityConstraint.createConstraints(element, URL_PATTERN);
assertEquals(2, result.length);
for (int i = 0; i < 2; i++) {
assertTrue(result[i].findCollections()[0].findPattern(URL_PATTERN));
if (result[i].findCollections()[0].findMethods().length == 1) {
assertEquals("GET",
result[i].findCollections()[0].findMethods()[0]);
assertFalse(result[i].getAuthConstraint());
} else if (result[i].findCollections()[0].findOmittedMethods().length == 1) {
assertEquals("GET",
result[i].findCollections()[0].findOmittedMethods()[0]);
assertTrue(result[i].getAuthConstraint());
assertEquals(1, result[i].findAuthRoles().length);
assertEquals(ROLE1, result[i].findAuthRoles()[0]);
} else {
fail("Unexpected number of methods defined");
}
assertEquals(ServletSecurity.TransportGuarantee.NONE.name(),
result[i].getUserConstraint());
}
// Example 13-7
// @ServletSecurity(value = @HttpConstraint(rolesAllowed = "R1"),
// httpMethodConstraints = @HttpMethodConstraint(value="TRACE",
// emptyRoleSemantic = EmptyRoleSemantic.DENY))
hmces.clear();
hmces.add(new HttpMethodConstraintElement("TRACE",
new HttpConstraintElement(EmptyRoleSemantic.DENY)));
element = new ServletSecurityElement(
new HttpConstraintElement(
ServletSecurity.TransportGuarantee.NONE,
ROLE1),