You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@geronimo.apache.org by "Han Hong Fang (JIRA)" <ji...@apache.org> on 2010/09/08 08:47:32 UTC

[jira] Created: (GERONIMO-5581) Add test case for programmatic access control on servlet

Add test case for programmatic access control on servlet
--------------------------------------------------------

                 Key: GERONIMO-5581
                 URL: https://issues.apache.org/jira/browse/GERONIMO-5581
             Project: Geronimo
          Issue Type: Test
      Security Level: public (Regular issues)
          Components: testsuite
    Affects Versions: 3.0
            Reporter: Han Hong Fang
            Assignee: Han Hong Fang
            Priority: Minor


Servlet 3.0 provides annotations and apis provided to programmatically configure the security constraints enforced by the Servlet Container.  Need test case for this feature.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Updated: (GERONIMO-5581) Add test case for programmatic access control on servlet

Posted by "Han Hong Fang (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/GERONIMO-5581?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Han Hong Fang updated GERONIMO-5581:
------------------------------------

    Attachment: GERONIMO-5581.patch

Patch is ready with following test cases.

1. Test @ServletSecurity when servlet is added using ServletCotext.addServet ()

   - servlet is added via servlet instance which is created using ServletContext.createServlet()
  - servlet is added via servlet instance which is NOT created using ServletContext.createServlet() [@ServletSecurity will not take effect in this case]
 - servlet is added 

2. Test setServletSecurity of ServletRegistration.Dynamic
  - set servletSecurity on URL which is already configured in web.xml  <security-constraint>
  - set servletSecurity on URL which is NOT configured in web.xml
  -  add URL mapping after servletSecurity 

Please help to review, thanks!

BTW, the test case will success only when https://issues.apache.org/jira/browse/GERONIMO-5577 is implemented.

> Add test case for programmatic access control on servlet
> --------------------------------------------------------
>
>                 Key: GERONIMO-5581
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-5581
>             Project: Geronimo
>          Issue Type: Test
>      Security Level: public(Regular issues) 
>          Components: testsuite
>    Affects Versions: 3.0
>            Reporter: Han Hong Fang
>            Assignee: Han Hong Fang
>            Priority: Minor
>         Attachments: GERONIMO-5581.patch
>
>
> Servlet 3.0 provides annotations and apis provided to programmatically configure the security constraints enforced by the Servlet Container.  Need test case for this feature.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Resolved: (GERONIMO-5581) Add test case for programmatic access control on servlet

Posted by "Ivan (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/GERONIMO-5581?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ivan resolved GERONIMO-5581.
----------------------------

    Fix Version/s: 3.0
       Resolution: Fixed

Commit the patch to trunk at rev.1001122, thanks, Han Hong Fang !

> Add test case for programmatic access control on servlet
> --------------------------------------------------------
>
>                 Key: GERONIMO-5581
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-5581
>             Project: Geronimo
>          Issue Type: Test
>      Security Level: public(Regular issues) 
>          Components: testsuite
>    Affects Versions: 3.0
>            Reporter: Han Hong Fang
>            Assignee: Han Hong Fang
>            Priority: Minor
>             Fix For: 3.0
>
>         Attachments: GERONIMO-5581.patch
>
>
> Servlet 3.0 provides annotations and apis provided to programmatically configure the security constraints enforced by the Servlet Container.  Need test case for this feature.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Issue Comment Edited: (GERONIMO-5581) Add test case for programmatic access control on servlet

Posted by "Han Hong Fang (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/GERONIMO-5581?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12907115#action_12907115 ] 

Han Hong Fang edited comment on GERONIMO-5581 at 9/8/10 3:05 AM:
-----------------------------------------------------------------

Patch is ready with following test cases.

1. Test @ServletSecurity when servlet is added using ServletCotext.addServet ()

   - servlet is added via servlet instance which is created using ServletContext.createServlet()
  - servlet is added via servlet instance which is NOT created using ServletContext.createServlet() [@ServletSecurity will not take effect in this case]
 - servlet is added 

2. Test setServletSecurity of ServletRegistration.Dynamic
  - set servletSecurity on URL which is already configured in web.xml  <security-constraint>
  - set servletSecurity on URL which is NOT configured in web.xml
  -  add URL mapping after servletSecurity 

Please help to review, thanks!

BTW, the test case will succeed only when https://issues.apache.org/jira/browse/GERONIMO-5577 is implemented.

      was (Author: hanhongfang):
    Patch is ready with following test cases.

1. Test @ServletSecurity when servlet is added using ServletCotext.addServet ()

   - servlet is added via servlet instance which is created using ServletContext.createServlet()
  - servlet is added via servlet instance which is NOT created using ServletContext.createServlet() [@ServletSecurity will not take effect in this case]
 - servlet is added 

2. Test setServletSecurity of ServletRegistration.Dynamic
  - set servletSecurity on URL which is already configured in web.xml  <security-constraint>
  - set servletSecurity on URL which is NOT configured in web.xml
  -  add URL mapping after servletSecurity 

Please help to review, thanks!

BTW, the test case will success only when https://issues.apache.org/jira/browse/GERONIMO-5577 is implemented.
  
> Add test case for programmatic access control on servlet
> --------------------------------------------------------
>
>                 Key: GERONIMO-5581
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-5581
>             Project: Geronimo
>          Issue Type: Test
>      Security Level: public(Regular issues) 
>          Components: testsuite
>    Affects Versions: 3.0
>            Reporter: Han Hong Fang
>            Assignee: Han Hong Fang
>            Priority: Minor
>         Attachments: GERONIMO-5581.patch
>
>
> Servlet 3.0 provides annotations and apis provided to programmatically configure the security constraints enforced by the Servlet Container.  Need test case for this feature.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.