@@ -872,4 +872,71 @@ public void testUncoveredMethods() throws IOException {
872872 Assert .assertFalse (mapRealm .hasResourcePermission (
873873 request , response , constraintsPost , null ));
874874 }
875+
876+
877+ @ Test
878+ public void testDefaultServletConstraints () throws IOException {
879+ // Create a constraint that allows GET
880+ SecurityConstraint allowConstraint = new SecurityConstraint ();
881+ SecurityCollection allowCollection = new SecurityCollection ();
882+ allowCollection .addMethod (Method .GET );
883+ allowCollection .addPatternDecoded ("/" );
884+ allowConstraint .addCollection (allowCollection );
885+ // Create a constraint that disallows everything but GET
886+ SecurityConstraint blockConstraint = new SecurityConstraint ();
887+ SecurityCollection blockCollection = new SecurityCollection ();
888+ blockCollection .addOmittedMethod (Method .GET );
889+ blockCollection .addPatternDecoded ("/" );
890+ blockConstraint .addCollection (blockCollection );
891+ blockConstraint .addAuthRole (ROLE1 );
892+
893+ TesterMapRealm mapRealm = new TesterMapRealm ();
894+
895+ // Set up the mock request and response
896+ TesterRequest request = new TesterRequest ();
897+ Response response = new TesterResponse ();
898+ Context context = request .getContext ();
899+ request .getMappingData ().context = context ;
900+
901+ // Create the principals
902+ List <String > userRoles1 = new ArrayList <>();
903+ userRoles1 .add (ROLE1 );
904+ GenericPrincipal gp1 = new GenericPrincipal (USER1 , userRoles1 );
905+
906+ List <String > userRoles2 = new ArrayList <>();
907+ userRoles2 .add (ROLE2 );
908+ GenericPrincipal gp2 = new GenericPrincipal (USER2 , userRoles2 );
909+
910+ // Add the constraints to the context
911+ context .addConstraint (allowConstraint );
912+ context .addConstraint (blockConstraint );
913+
914+ // GET should be allowed
915+ request .setMethod (Method .GET );
916+ SecurityConstraint [] constraints = mapRealm .findSecurityConstraints (request , context );
917+
918+ request .setUserPrincipal (null );
919+ Assert .assertTrue (mapRealm .hasResourcePermission (
920+ request , response , constraints , null ));
921+ request .setUserPrincipal (gp1 );
922+ Assert .assertTrue (mapRealm .hasResourcePermission (
923+ request , response , constraints , null ));
924+ request .setUserPrincipal (gp2 );
925+ Assert .assertTrue (mapRealm .hasResourcePermission (
926+ request , response , constraints , null ));
927+
928+ // POST should require ROLE1 should be allowed
929+ request .setMethod (Method .POST );
930+ constraints = mapRealm .findSecurityConstraints (request , context );
931+
932+ request .setUserPrincipal (null );
933+ Assert .assertFalse (mapRealm .hasResourcePermission (
934+ request , response , constraints , null ));
935+ request .setUserPrincipal (gp1 );
936+ Assert .assertTrue (mapRealm .hasResourcePermission (
937+ request , response , constraints , null ));
938+ request .setUserPrincipal (gp2 );
939+ Assert .assertFalse (mapRealm .hasResourcePermission (
940+ request , response , constraints , null ));
941+ }
875942}
0 commit comments