Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-1995

Method setServletSecurity of ServletRegistration.Dynamic does not work

    XMLWordPrintable

Details

    • Bug
    • Resolution: Cannot Reproduce
    • Major
    • None
    • None
    • Servlet
    • None
    • Hide

      1. Create a simple servlet in web application: 
      public class AdminServlet extends HttpServlet {
          private static final long serialVersionUID = 1L;

          @Override
          protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException

      {         resp.getWriter().append("Admin resource");     }

      }
      2. Create a web listener:
      @WebListener
      public class ContextListener implements ServletContextListener {
      @Override
      public void contextInitialized(ServletContextEvent sce)

      { ServletContext ctx = sce.getServletContext(); ctx.declareRoles("admin"); ServletRegistration.Dynamic admin = ctx.addServlet("admin", AdminServlet.class); admin.addMapping("/admin"); admin.setLoadOnStartup(1); admin.setServletSecurity(new ServletSecurityElement(new HttpConstraintElement(NONE, "admin"))); }

      }
      3. Run application and call GET /admin resource

      Show
      1. Create a simple servlet in web application:  public class AdminServlet extends HttpServlet {     private static final long serialVersionUID = 1L;     @Override     protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {         resp.getWriter().append("Admin resource");     } } 2. Create a web listener: @WebListener public class ContextListener implements ServletContextListener { @Override public void contextInitialized(ServletContextEvent sce) { ServletContext ctx = sce.getServletContext(); ctx.declareRoles("admin"); ServletRegistration.Dynamic admin = ctx.addServlet("admin", AdminServlet.class); admin.addMapping("/admin"); admin.setLoadOnStartup(1); admin.setServletSecurity(new ServletSecurityElement(new HttpConstraintElement(NONE, "admin"))); } } 3. Run application and call GET /admin resource

    Description

      setServletSecurity must enable servlet security as it is done by @ServletSecurity annotation

      Attachments

        Activity

          People

            rhn-cservice-bbaranow Bartosz Baranowski
            gr@mmer Alexander Rotnoff (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: