From: markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Date: Fri, 4 Mar 2011 11:17:06 +0000 (+0000)
Subject: Check web.xml takes precedence over @ServletSecurity
X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=e3ed35c71dc349a3bda9bb96d14494efcd53ea93;p=tomcat7.0

Check web.xml takes precedence over @ServletSecurity

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1077881 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/test/org/apache/catalina/core/TestStandardWrapper.java b/test/org/apache/catalina/core/TestStandardWrapper.java
index c5efae461..e199a50f4 100644
--- a/test/org/apache/catalina/core/TestStandardWrapper.java
+++ b/test/org/apache/catalina/core/TestStandardWrapper.java
@@ -17,6 +17,7 @@
 
 package org.apache.catalina.core;
 
+import java.io.File;
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.HashMap;
@@ -71,6 +72,26 @@ public class TestStandardWrapper extends TomcatBaseTest {
         doTest(RoleDenyServlet.class.getName(), false, true, false);
     }
 
+    public void testSecurityAnnotationsWebXmlPriority() throws Exception {
+
+        // Setup Tomcat instance
+        Tomcat tomcat = getTomcatInstance();
+        
+        File appDir = new File("test/webapp-3.0-fragments");
+        tomcat.addWebapp(null, "", appDir.getAbsolutePath());
+        
+        tomcat.start();
+        
+        ByteChunk bc = new ByteChunk();
+        int rc;
+        rc = getUrl("http://localhost:" + getPort() +
+                "/testStandardWrapper/securityAnnotationsWebXmlPriority",
+                bc, null, null);
+        
+        assertNull(bc.toString());
+        assertEquals(403, rc);
+    }
+
     private void doTest(String servletClassName, boolean usePost,
             boolean useRole, boolean expect200) throws Exception {
 
diff --git a/test/webapp-3.0-fragments/WEB-INF/web.xml b/test/webapp-3.0-fragments/WEB-INF/web.xml
index 024539c7b..4dca98282 100644
--- a/test/webapp-3.0-fragments/WEB-INF/web.xml
+++ b/test/webapp-3.0-fragments/WEB-INF/web.xml
@@ -27,4 +27,20 @@
      Used as part of the Tomcat unit tests when a full web application is
      required.
   </description>
+  
+  <servlet>
+    <servlet-name>AllowByAnnotation</servlet-name>
+    <servlet-class>org.apache.catalina.core.TestStandardWrapper$SubclassAllowAllServlet</servlet-class>
+  </servlet>
+  <servlet-mapping>
+    <servlet-name>AllowByAnnotation</servlet-name>
+    <url-pattern>/testStandardWrapper/securityAnnotationsWebXmlPriority</url-pattern>  
+  </servlet-mapping>
+  <security-constraint>
+    <auth-constraint/>
+    <web-resource-collection>
+    <url-pattern>/testStandardWrapper/securityAnnotationsWebXmlPriority</url-pattern>  
+    </web-resource-collection>
+  </security-constraint>
+
 </web-app>
\ No newline at end of file