IN PROGRESS - issue FWK-119: Testes da extensão Servlet

https://demoiselle.atlassian.net/browse/FWK-119

IN PROGRESS - issue FWK-119: Testes da extensão Servlet
https://demoiselle.atlassian.net/browse/FWK-119
Cleverson Sacramento
1 parent 15bf6469
Showing 10 changed files with 520 additions and 89 deletions Show diff stats
impl/extension/jpa/src/test/resources/arquillian.xml
impl/extension/servlet/pom.xml
impl/extension/servlet/src/test/java/producer/HttpServletRequestProducerTest.java
impl/extension/servlet/src/test/java/producer/HttpServletResponseProducerTest.java
impl/extension/servlet/src/test/java/security/SecurityServlet.java
impl/extension/servlet/src/test/java/security/SecurityTest.java
impl/extension/servlet/src/test/resources/arquillian.xml
impl/extension/servlet/src/test/resources/domain.xml
impl/extension/servlet/src/test/resources/keyfile
impl/extension/servlet/src/test/resources/security/web.xml
@@ -43,6 +43,12 @@
 		<property name="deploymentExportPath">target/deployments</property>
 	</engine>
  
+	<container qualifier="glassfish-embedded" default="true">
+		<configuration>
+			<property name="resourcesXml">src/test/resources/glassfish-resources.xml</property>
+		</configuration>
+	</container>
+
 	<!--
 	<container qualifier="jbossas-managed" default="true">
 		<protocol type="Servlet 3.0" />
@@ -84,12 +84,22 @@
 			<scope>test</scope>
 		</dependency>
 		-->
+
+		<dependency>
+			<groupId>org.apache.httpcomponents</groupId>
+			<artifactId>httpclient</artifactId>
+			<version>4.2.6</version>
+			<scope>test</scope>
+		</dependency>
+
+		<!--
 		<dependency>
 			<groupId>commons-httpclient</groupId>
 			<artifactId>commons-httpclient</artifactId>
 			<version>3.1</version>
 			<scope>test</scope>
 		</dependency>
+		-->
 	</dependencies>
  
 	<repositories>
 package producer;
  
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
+import static junit.framework.Assert.assertEquals;
  
+import java.io.IOException;
 import java.net.URL;
  
-import javax.inject.Inject;
-
-import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.HttpStatus;
-import org.apache.commons.httpclient.methods.GetMethod;
+import org.apache.http.HttpResponse;
+import org.apache.http.HttpStatus;
+import org.apache.http.client.ClientProtocolException;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.impl.client.DefaultHttpClient;
 import org.jboss.arquillian.container.test.api.Deployment;
 import org.jboss.arquillian.junit.Arquillian;
 import org.jboss.arquillian.test.api.ArquillianResource;
@@ -19,7 +18,6 @@ import org.junit.Test;
 import org.junit.runner.RunWith;
  
 import test.Tests;
-import br.gov.frameworkdemoiselle.context.RequestContext;
  
 @RunWith(Arquillian.class)
 public class HttpServletRequestProducerTest {
@@ -36,15 +34,13 @@ public class HttpServletRequestProducerTest {
 	}
  
 	@Test
-	public void createR() {
-		HttpClient client = new HttpClient();
-		GetMethod method = new GetMethod(deploymentUrl + "/requestproducer");
-		try {
-			int status = client.executeMethod(method);
-			assertEquals(HttpStatus.SC_OK, status);
-		} catch (Exception e) {
-			fail();
-		}
-	}
+	public void createR() throws ClientProtocolException, IOException {
+		DefaultHttpClient client = new DefaultHttpClient();
  
+		HttpGet get = new HttpGet(deploymentUrl + "/requestproducer");
+		HttpResponse response = client.execute(get);
+
+		int status = response.getStatusLine().getStatusCode();
+		assertEquals(HttpStatus.SC_OK, status);
+	}
 }
 package producer;
  
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
+import static junit.framework.Assert.assertEquals;
  
+import java.io.IOException;
 import java.net.URL;
  
-import javax.inject.Inject;
-
-import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.HttpStatus;
-import org.apache.commons.httpclient.methods.GetMethod;
+import org.apache.http.HttpResponse;
+import org.apache.http.HttpStatus;
+import org.apache.http.client.ClientProtocolException;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.impl.client.DefaultHttpClient;
 import org.jboss.arquillian.container.test.api.Deployment;
 import org.jboss.arquillian.junit.Arquillian;
 import org.jboss.arquillian.test.api.ArquillianResource;
@@ -19,7 +18,6 @@ import org.junit.Test;
 import org.junit.runner.RunWith;
  
 import test.Tests;
-import br.gov.frameworkdemoiselle.context.RequestContext;
  
 @RunWith(Arquillian.class)
 public class HttpServletResponseProducerTest {
@@ -36,15 +34,14 @@ public class HttpServletResponseProducerTest {
 	}
  
 	@Test
-	public void createResponse() {
-		HttpClient client = new HttpClient();
-		GetMethod method = new GetMethod(deploymentUrl + "/responseproducer");
-		try {
-			int status = client.executeMethod(method);
-			assertEquals(HttpStatus.SC_OK, status);
-		} catch (Exception e) {
-			fail();
-		}
+	public void createResponse() throws ClientProtocolException, IOException {
+		DefaultHttpClient client = new DefaultHttpClient();
+
+		HttpGet get = new HttpGet(deploymentUrl + "/responseproducer");
+		HttpResponse response = client.execute(get);
+
+		int status = response.getStatusLine().getStatusCode();
+		assertEquals(HttpStatus.SC_OK, status);
 	}
  
 }
@@ -2,7 +2,6 @@ package security;
  
 import java.io.IOException;
  
-import javax.inject.Inject;
 import javax.servlet.ServletException;
 import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.HttpServlet;
@@ -13,25 +12,24 @@ import org.apache.http.HttpStatus;
  
 import br.gov.frameworkdemoiselle.security.Credentials;
 import br.gov.frameworkdemoiselle.security.SecurityContext;
+import br.gov.frameworkdemoiselle.util.Beans;
  
 @WebServlet("/login")
 public class SecurityServlet extends HttpServlet {
  
 	private static final long serialVersionUID = 1L;
  
-	@Inject
-	private SecurityContext securityContext;
-
-	@Inject
-	private Credentials credentials;
-
 	@Override
 	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-		super.doGet(request, response);
-		
-		credentials.setUsername("users");
-		credentials.setPassword("users");
-		securityContext.login();
+		String result = request.getHeader("Authorization");
+		result = (result == null ? request.getHeader("authorization") : result);
+
+		Credentials credentials = Beans.getReference(Credentials.class);
+		credentials.setUsername("asdrubal");
+		credentials.setPassword("asdrubal");
+
+		Beans.getReference(SecurityContext.class).login();
+
 		response.setStatus(HttpStatus.SC_OK);
 	}
 }
 package security;
  
 import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.fail;
  
 import java.io.IOException;
 import java.net.URL;
  
-import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.HttpException;
-import org.apache.commons.httpclient.HttpStatus;
-import org.apache.commons.httpclient.methods.GetMethod;
+import org.apache.http.HttpResponse;
+import org.apache.http.HttpStatus;
+import org.apache.http.client.ClientProtocolException;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.impl.client.DefaultHttpClient;
 import org.jboss.arquillian.container.test.api.Deployment;
 import org.jboss.arquillian.junit.Arquillian;
 import org.jboss.arquillian.test.api.ArquillianResource;
@@ -19,6 +19,8 @@ import org.junit.runner.RunWith;
  
 import test.Tests;
  
+import com.sun.enterprise.security.auth.login.FileLoginModule;
+
 @RunWith(Arquillian.class)
 public class SecurityTest {
  
@@ -29,22 +31,17 @@ public class SecurityTest {
  
 	@Deployment(testable = false)
 	public static WebArchive createDeployment() {
-		return Tests.createDeployment().addClass(SecurityServlet.class)
+		return Tests.createDeployment().addClasses(SecurityServlet.class, FileLoginModule.class)
 				.addAsWebInfResource(Tests.createFileAsset(PATH + "/web.xml"), "web.xml");
 	}
  
 	@Test
-	public void login() {
-		HttpClient client = new HttpClient();
-		GetMethod method = new GetMethod(deploymentUrl + "/login");
-		try {
-			int status = client.executeMethod(method);
-			assertEquals(HttpStatus.SC_OK, status);
-		} catch (HttpException e) {
-			fail();
-		} catch (IOException e) {
-			e.printStackTrace();
-		}
-	}
+	public void login() throws ClientProtocolException, IOException {
+		DefaultHttpClient client = new DefaultHttpClient();
+		HttpGet get = new HttpGet(deploymentUrl + "/login");
+		HttpResponse response = client.execute(get);
  
+		int status = response.getStatusLine().getStatusCode();
+		assertEquals(HttpStatus.SC_OK, status);
+	}
 }
@@ -49,13 +49,11 @@
 	</extension>
 	-->
  
-	<!--
-	<container qualifier="glassfish" default="true">
+	<container qualifier="glassfish-embedded" default="true">
 		<configuration>
-			<property name="autoDelete">true</property>
+			<property name="configurationXml">src/test/resources/domain.xml</property>
 		</configuration>
 	</container>
-	-->
  
 	<!--
 	<container qualifier="jbossas-managed" default="true">
@@ -0,0 +1,429 @@
+<domain log-root="${com.sun.aas.instanceRoot}/logs" application-root="${com.sun.aas.instanceRoot}/applications" version="23">
+  <system-applications>
+    <application context-root="" location="${com.sun.aas.installRootURI}/lib/install/applications/__admingui" name="__admingui" directory-deployed="true" object-type="system-admin">
+      <module name="__admingui">
+        <engine sniffer="web"></engine>
+        <engine sniffer="security"></engine>
+      </module>
+    </application>
+  </system-applications>
+  <applications>
+    <application context-root="/AuthenticationPrj01" location="${com.sun.aas.instanceRootURI}/eclipseApps/AuthenticationPrj01/" name="AuthenticationPrj01" directory-deployed="true" object-type="user">
+      <property name="appLocation" value="${com.sun.aas.instanceRootURI}/eclipseApps/AuthenticationPrj01/"></property>
+      <property name="defaultAppName" value="AuthenticationPrj01"></property>
+      <module name="AuthenticationPrj01">
+        <engine sniffer="security"></engine>
+        <engine sniffer="web"></engine>
+      </module>
+    </application>
+  </applications>
+  <resources>
+    <jdbc-connection-pool datasource-classname="org.apache.derby.jdbc.ClientXADataSource" res-type="javax.sql.XADataSource" name="luciano" transaction-isolation-level="serializable">
+      <property name="User" value="APP"></property>
+      <property name="Password" value="APP"></property>
+      <property name="ServerName" value="localhost"></property>
+      <property name="PortNumber" value="1527"></property>
+      <property name="DatabaseName" value="luciano"></property>
+    </jdbc-connection-pool>
+    <jdbc-resource pool-name="luciano" jndi-name="jdbc/luciano"></jdbc-resource>
+    <jdbc-connection-pool driver-classname="" datasource-classname="org.postgresql.xa.PGXADataSource" res-type="javax.sql.XADataSource" description="" name="postgresql">
+      <property name="portNumber" value="5432"></property>
+      <property name="databaseName" value="bd1"></property>
+      <property name="serverName" value="localhost"></property>
+      <property name="user" value="postgres"></property>
+      <property name="password" value="postgres"></property>
+    </jdbc-connection-pool>
+    <jdbc-resource pool-name="postgresql" description="" jndi-name="jdbc/postgresql"></jdbc-resource>
+  </resources>
+  <servers>
+    <server name="server" config-ref="server-config">
+      <resource-ref ref="jdbc/luciano"></resource-ref>
+      <resource-ref ref="jdbc/postgresql"></resource-ref>
+      <application-ref ref="__admingui" virtual-servers="__asadmin"></application-ref>
+      <application-ref ref="AuthenticationPrj01" virtual-servers="server"></application-ref>
+    </server>
+  </servers>
+  <nodes>
+    <node node-host="localhost" name="localhost-domain1" type="CONFIG" install-dir="${com.sun.aas.productRoot}"></node>
+  </nodes>
+  <configs>
+    <config name="server-config">
+      <http-service>
+        <access-log></access-log>
+        <virtual-server id="server" network-listeners="http-listener-1,http-listener-2"></virtual-server>
+        <virtual-server id="__asadmin" network-listeners="admin-listener"></virtual-server>
+      </http-service>
+      <iiop-service>
+        <orb use-thread-pool-ids="thread-pool-1"></orb>
+        <iiop-listener port="3700" id="orb-listener-1" address="0.0.0.0" lazy-init="true"></iiop-listener>
+        <iiop-listener port="3820" id="SSL" address="0.0.0.0" security-enabled="true">
+          <ssl classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" cert-nickname="s1as"></ssl>
+        </iiop-listener>
+        <iiop-listener port="3920" id="SSL_MUTUALAUTH" address="0.0.0.0" security-enabled="true">
+          <ssl classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" cert-nickname="s1as" client-auth-enabled="true"></ssl>
+        </iiop-listener>
+      </iiop-service>
+      <admin-service system-jmx-connector-name="system" type="das-and-server">
+        <jmx-connector port="8686" address="0.0.0.0" security-enabled="false" auth-realm-name="admin-realm" name="system"></jmx-connector>
+        <property name="adminConsoleContextRoot" value="/admin"></property>
+        <property name="adminConsoleDownloadLocation" value="${com.sun.aas.installRoot}/lib/install/applications/admingui.war"></property>
+        <property name="ipsRoot" value="${com.sun.aas.installRoot}/.."></property>
+        <das-config></das-config>
+      </admin-service>
+      <connector-service></connector-service>
+      <web-container>
+        <session-config>
+          <session-manager>
+            <manager-properties></manager-properties>
+            <store-properties></store-properties>
+          </session-manager>
+          <session-properties></session-properties>
+        </session-config>
+      </web-container>
+      <ejb-container session-store="${com.sun.aas.instanceRoot}/session-store">
+        <ejb-timer-service></ejb-timer-service>
+      </ejb-container>
+      <mdb-container></mdb-container>
+      <jms-service default-jms-host="default_JMS_host">
+        <jms-host host="localhost" name="default_JMS_host"></jms-host>
+      </jms-service>
+      <security-service>
+        <auth-realm classname="com.sun.enterprise.security.auth.realm.file.FileRealm" name="admin-realm">
+          <property name="file" value="${com.sun.aas.instanceRoot}/config/admin-keyfile"></property>
+          <property name="jaas-context" value="fileRealm"></property>
+        </auth-realm>
+        <auth-realm classname="com.sun.enterprise.security.auth.realm.file.FileRealm" name="file">
+          <property name="file" value="src/test/resources/keyfile"></property>
+          <property name="jaas-context" value="fileRealm"></property>
+        </auth-realm>
+        <auth-realm classname="com.sun.enterprise.security.auth.realm.certificate.CertificateRealm" name="certificate"></auth-realm>
+        <jacc-provider policy-provider="com.sun.enterprise.security.provider.PolicyWrapper" name="default" policy-configuration-factory-provider="com.sun.enterprise.security.provider.PolicyConfigurationFactoryImpl">
+          <property name="repository" value="${com.sun.aas.instanceRoot}/generated/policy"></property>
+        </jacc-provider>
+        <jacc-provider policy-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyProvider" name="simple" policy-configuration-factory-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyConfigurationFactory"></jacc-provider>
+        <audit-module classname="com.sun.enterprise.security.Audit" name="default">
+          <property name="auditOn" value="false"></property>
+        </audit-module>
+        <message-security-config auth-layer="SOAP">
+          <provider-config provider-type="client" provider-id="XWS_ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule">
+            <request-policy auth-source="content"></request-policy>
+            <response-policy auth-source="content"></response-policy>
+            <property name="encryption.key.alias" value="s1as"></property>
+            <property name="signature.key.alias" value="s1as"></property>
+            <property name="dynamic.username.password" value="false"></property>
+            <property name="debug" value="false"></property>
+          </provider-config>
+          <provider-config provider-type="client" provider-id="ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule">
+            <request-policy auth-source="content"></request-policy>
+            <response-policy auth-source="content"></response-policy>
+            <property name="encryption.key.alias" value="s1as"></property>
+            <property name="signature.key.alias" value="s1as"></property>
+            <property name="dynamic.username.password" value="false"></property>
+            <property name="debug" value="false"></property>
+            <property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml"></property>
+          </provider-config>
+          <provider-config provider-type="server" provider-id="XWS_ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule">
+            <request-policy auth-source="content"></request-policy>
+            <response-policy auth-source="content"></response-policy>
+            <property name="encryption.key.alias" value="s1as"></property>
+            <property name="signature.key.alias" value="s1as"></property>
+            <property name="debug" value="false"></property>
+          </provider-config>
+          <provider-config provider-type="server" provider-id="ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule">
+            <request-policy auth-source="content"></request-policy>
+            <response-policy auth-source="content"></response-policy>
+            <property name="encryption.key.alias" value="s1as"></property>
+            <property name="signature.key.alias" value="s1as"></property>
+            <property name="debug" value="false"></property>
+            <property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml"></property>
+          </provider-config>
+        </message-security-config>
+        <message-security-config auth-layer="HttpServlet">
+          <provider-config provider-type="server" provider-id="GFConsoleAuthModule" class-name="org.glassfish.admingui.common.security.AdminConsoleAuthModule">
+            <request-policy auth-source="sender"></request-policy>
+            <response-policy></response-policy>
+            <property name="restAuthURL" value="http://localhost:${ADMIN_LISTENER_PORT}/management/sessions"></property>
+            <property name="loginPage" value="/login.jsf"></property>
+            <property name="loginErrorPage" value="/loginError.jsf"></property>
+          </provider-config>
+        </message-security-config>
+        <property name="default-digest-algorithm" value="SHA-256"></property>
+      </security-service>
+      <transaction-service tx-log-dir="${com.sun.aas.instanceRoot}/logs"></transaction-service>
+      <java-config debug-options="-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=9009" system-classpath="" classpath-suffix="">
+        <jvm-options>-XX:MaxPermSize=192m</jvm-options>
+        <jvm-options>-XX:PermSize=64m</jvm-options>
+        <jvm-options>-client</jvm-options>
+        <jvm-options>-Djava.awt.headless=true</jvm-options>
+        <jvm-options>-Djavax.management.builder.initial=com.sun.enterprise.v3.admin.AppServerMBeanServerBuilder</jvm-options>
+        <jvm-options>-XX:+UnlockDiagnosticVMOptions</jvm-options>
+        <jvm-options>-Djava.endorsed.dirs=${com.sun.aas.installRoot}/modules/endorsed${path.separator}${com.sun.aas.installRoot}/lib/endorsed</jvm-options>
+        <jvm-options>-Djava.security.policy=${com.sun.aas.instanceRoot}/config/server.policy</jvm-options>
+        <jvm-options>-Djava.security.auth.login.config=${com.sun.aas.instanceRoot}/config/login.conf</jvm-options>
+        <jvm-options>-Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as</jvm-options>
+        <jvm-options>-Xmx512m</jvm-options>
+        <jvm-options>-Djavax.net.ssl.keyStore=${com.sun.aas.instanceRoot}/config/keystore.jks</jvm-options>
+        <jvm-options>-Djavax.net.ssl.trustStore=${com.sun.aas.instanceRoot}/config/cacerts.jks</jvm-options>
+        <jvm-options>-Djava.ext.dirs=${com.sun.aas.javaRoot}/lib/ext${path.separator}${com.sun.aas.javaRoot}/jre/lib/ext${path.separator}${com.sun.aas.instanceRoot}/lib/ext</jvm-options>
+        <jvm-options>-Djdbc.drivers=org.apache.derby.jdbc.ClientDriver</jvm-options>
+        <jvm-options>-DANTLR_USE_DIRECT_CLASS_LOADING=true</jvm-options>
+        <jvm-options>-Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory</jvm-options>
+        <jvm-options>-Dosgi.shell.telnet.port=6666</jvm-options>
+        <jvm-options>-Dosgi.shell.telnet.maxconn=1</jvm-options>
+        <jvm-options>-Dosgi.shell.telnet.ip=127.0.0.1</jvm-options>
+        <jvm-options>-Dgosh.args=--nointeractive</jvm-options>
+        <jvm-options>-Dfelix.fileinstall.dir=${com.sun.aas.installRoot}/modules/autostart/</jvm-options>
+        <jvm-options>-Dfelix.fileinstall.poll=5000</jvm-options>
+        <jvm-options>-Dfelix.fileinstall.log.level=2</jvm-options>
+        <jvm-options>-Dfelix.fileinstall.bundles.new.start=true</jvm-options>
+        <jvm-options>-Dfelix.fileinstall.bundles.startTransient=true</jvm-options>
+        <jvm-options>-Dfelix.fileinstall.disableConfigSave=false</jvm-options>
+        <jvm-options>-XX:NewRatio=2</jvm-options>
+      </java-config>
+      <network-config>
+        <protocols>
+          <protocol name="http-listener-1">
+            <http default-virtual-server="server" max-connections="250">
+              <file-cache></file-cache>
+            </http>
+          </protocol>
+          <protocol security-enabled="true" name="http-listener-2">
+            <http default-virtual-server="server" max-connections="250">
+              <file-cache></file-cache>
+            </http>
+            <ssl classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" cert-nickname="s1as"></ssl>
+          </protocol>
+          <protocol name="admin-listener">
+            <http default-virtual-server="__asadmin" max-connections="250" encoded-slash-enabled="true">
+              <file-cache></file-cache>
+            </http>
+          </protocol>
+        </protocols>
+        <network-listeners>
+          <network-listener port="8080" protocol="http-listener-1" transport="tcp" name="http-listener-1" thread-pool="http-thread-pool"></network-listener>
+          <network-listener port="8181" protocol="http-listener-2" transport="tcp" name="http-listener-2" thread-pool="http-thread-pool"></network-listener>
+          <network-listener port="4848" protocol="admin-listener" transport="tcp" name="admin-listener" thread-pool="admin-thread-pool"></network-listener>
+        </network-listeners>
+        <transports>
+          <transport name="tcp"></transport>
+        </transports>
+      </network-config>
+      <thread-pools>
+        <thread-pool name="admin-thread-pool" max-thread-pool-size="50" max-queue-size="256"></thread-pool>
+        <thread-pool name="http-thread-pool"></thread-pool>
+        <thread-pool name="thread-pool-1" max-thread-pool-size="200"></thread-pool>
+      </thread-pools>
+      <monitoring-service>
+        <module-monitoring-levels></module-monitoring-levels>
+      </monitoring-service>
+      <group-management-service>
+        <failure-detection></failure-detection>
+      </group-management-service>
+    </config>
+    <config name="default-config">
+      <http-service>
+        <access-log></access-log>
+        <virtual-server id="server" network-listeners="http-listener-1, http-listener-2">
+          <property name="default-web-xml" value="${com.sun.aas.instanceRoot}/config/default-web.xml"></property>
+        </virtual-server>
+        <virtual-server id="__asadmin" network-listeners="admin-listener"></virtual-server>
+      </http-service>
+      <iiop-service>
+        <orb use-thread-pool-ids="thread-pool-1"></orb>
+        <iiop-listener port="${IIOP_LISTENER_PORT}" id="orb-listener-1" address="0.0.0.0"></iiop-listener>
+        <iiop-listener port="${IIOP_SSL_LISTENER_PORT}" id="SSL" address="0.0.0.0" security-enabled="true">
+          <ssl classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" cert-nickname="s1as"></ssl>
+        </iiop-listener>
+        <iiop-listener port="${IIOP_SSL_MUTUALAUTH_PORT}" id="SSL_MUTUALAUTH" address="0.0.0.0" security-enabled="true">
+          <ssl classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" cert-nickname="s1as" client-auth-enabled="true"></ssl>
+        </iiop-listener>
+      </iiop-service>
+      <admin-service system-jmx-connector-name="system">
+        <jmx-connector port="${JMX_SYSTEM_CONNECTOR_PORT}" address="0.0.0.0" security-enabled="false" auth-realm-name="admin-realm" name="system"></jmx-connector>
+        <property name="adminConsoleDownloadLocation" value="${com.sun.aas.installRoot}/lib/install/applications/admingui.war"></property>
+        <das-config></das-config>
+      </admin-service>
+      <web-container>
+        <session-config>
+          <session-manager>
+            <manager-properties></manager-properties>
+            <store-properties></store-properties>
+          </session-manager>
+          <session-properties></session-properties>
+        </session-config>
+      </web-container>
+      <ejb-container session-store="${com.sun.aas.instanceRoot}/session-store">
+        <ejb-timer-service></ejb-timer-service>
+      </ejb-container>
+      <mdb-container></mdb-container>
+      <jms-service addresslist-behavior="priority" default-jms-host="default_JMS_host">
+        <jms-host port="${JMS_PROVIDER_PORT}" host="localhost" name="default_JMS_host"></jms-host>
+      </jms-service>
+      <log-service log-rotation-limit-in-bytes="2000000" file="${com.sun.aas.instanceRoot}/logs/server.log">
+        <module-log-levels></module-log-levels>
+      </log-service>
+      <security-service>
+        <auth-realm classname="com.sun.enterprise.security.auth.realm.file.FileRealm" name="admin-realm">
+          <property name="file" value="${com.sun.aas.instanceRoot}/config/admin-keyfile"></property>
+          <property name="jaas-context" value="fileRealm"></property>
+        </auth-realm>
+        <auth-realm classname="com.sun.enterprise.security.auth.realm.file.FileRealm" name="file">
+          <property name="file" value="src/test/resources/keyfile"></property>
+          <property name="jaas-context" value="fileRealm"></property>
+        </auth-realm>
+        <auth-realm classname="com.sun.enterprise.security.auth.realm.certificate.CertificateRealm" name="certificate"></auth-realm>
+        <jacc-provider policy-provider="com.sun.enterprise.security.provider.PolicyWrapper" name="default" policy-configuration-factory-provider="com.sun.enterprise.security.provider.PolicyConfigurationFactoryImpl">
+          <property name="repository" value="${com.sun.aas.instanceRoot}/generated/policy"></property>
+        </jacc-provider>
+        <jacc-provider policy-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyProvider" name="simple" policy-configuration-factory-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyConfigurationFactory"></jacc-provider>
+        <audit-module classname="com.sun.enterprise.security.Audit" name="default">
+          <property name="auditOn" value="false"></property>
+        </audit-module>
+        <message-security-config auth-layer="SOAP">
+          <provider-config provider-type="client" provider-id="XWS_ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule">
+            <request-policy auth-source="content"></request-policy>
+            <response-policy auth-source="content"></response-policy>
+            <property name="encryption.key.alias" value="s1as"></property>
+            <property name="signature.key.alias" value="s1as"></property>
+            <property name="dynamic.username.password" value="false"></property>
+            <property name="debug" value="false"></property>
+          </provider-config>
+          <provider-config provider-type="client" provider-id="ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule">
+            <request-policy auth-source="content"></request-policy>
+            <response-policy auth-source="content"></response-policy>
+            <property name="encryption.key.alias" value="s1as"></property>
+            <property name="signature.key.alias" value="s1as"></property>
+            <property name="dynamic.username.password" value="false"></property>
+            <property name="debug" value="false"></property>
+            <property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml"></property>
+          </provider-config>
+          <provider-config provider-type="server" provider-id="XWS_ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule">
+            <request-policy auth-source="content"></request-policy>
+            <response-policy auth-source="content"></response-policy>
+            <property name="encryption.key.alias" value="s1as"></property>
+            <property name="signature.key.alias" value="s1as"></property>
+            <property name="debug" value="false"></property>
+          </provider-config>
+          <provider-config provider-type="server" provider-id="ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule">
+            <request-policy auth-source="content"></request-policy>
+            <response-policy auth-source="content"></response-policy>
+            <property name="encryption.key.alias" value="s1as"></property>
+            <property name="signature.key.alias" value="s1as"></property>
+            <property name="debug" value="false"></property>
+            <property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml"></property>
+          </provider-config>
+        </message-security-config>
+      </security-service>
+      <transaction-service tx-log-dir="${com.sun.aas.instanceRoot}/logs" automatic-recovery="true"></transaction-service>
+      <diagnostic-service></diagnostic-service>
+      <java-config debug-options="-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=${JAVA_DEBUGGER_PORT}" system-classpath="" classpath-suffix="">
+        <jvm-options>-XX:MaxPermSize=192m</jvm-options>
+        <jvm-options>-XX:PermSize=64m</jvm-options>
+        <jvm-options>-server</jvm-options>
+        <jvm-options>-Djava.awt.headless=true</jvm-options>
+        <jvm-options>-XX:+UnlockDiagnosticVMOptions</jvm-options>
+        <jvm-options>-Djava.endorsed.dirs=${com.sun.aas.installRoot}/modules/endorsed${path.separator}${com.sun.aas.installRoot}/lib/endorsed</jvm-options>
+        <jvm-options>-Djava.security.policy=${com.sun.aas.instanceRoot}/config/server.policy</jvm-options>
+        <jvm-options>-Djava.security.auth.login.config=${com.sun.aas.instanceRoot}/config/login.conf</jvm-options>
+        <jvm-options>-Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as</jvm-options>
+        <jvm-options>-Djavax.net.ssl.keyStore=${com.sun.aas.instanceRoot}/config/keystore.jks</jvm-options>
+        <jvm-options>-Djavax.net.ssl.trustStore=${com.sun.aas.instanceRoot}/config/cacerts.jks</jvm-options>
+        <jvm-options>-Djava.ext.dirs=${com.sun.aas.javaRoot}/lib/ext${path.separator}${com.sun.aas.javaRoot}/jre/lib/ext${path.separator}${com.sun.aas.instanceRoot}/lib/ext</jvm-options>
+        <jvm-options>-Djdbc.drivers=org.apache.derby.jdbc.ClientDriver</jvm-options>
+        <jvm-options>-DANTLR_USE_DIRECT_CLASS_LOADING=true</jvm-options>
+        <jvm-options>-Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory</jvm-options>
+        <jvm-options>-XX:NewRatio=2</jvm-options>
+        <jvm-options>-Xmx512m</jvm-options>
+        <jvm-options>-Dosgi.shell.telnet.port=${OSGI_SHELL_TELNET_PORT}</jvm-options>
+        <jvm-options>-Dosgi.shell.telnet.maxconn=1</jvm-options>
+        <jvm-options>-Dosgi.shell.telnet.ip=127.0.0.1</jvm-options>
+        <jvm-options>-Dgosh.args=--noshutdown -c noop=true</jvm-options>
+        <jvm-options>-Dfelix.fileinstall.dir=${com.sun.aas.installRoot}/modules/autostart/</jvm-options>
+        <jvm-options>-Dfelix.fileinstall.poll=5000</jvm-options>
+        <jvm-options>-Dfelix.fileinstall.log.level=3</jvm-options>
+        <jvm-options>-Dfelix.fileinstall.bundles.new.start=true</jvm-options>
+        <jvm-options>-Dfelix.fileinstall.bundles.startTransient=true</jvm-options>
+        <jvm-options>-Dfelix.fileinstall.disableConfigSave=false</jvm-options>
+      </java-config>
+      <availability-service>
+        <web-container-availability></web-container-availability>
+        <ejb-container-availability sfsb-store-pool-name="jdbc/hastore"></ejb-container-availability>
+        <jms-availability></jms-availability>
+      </availability-service>
+      <network-config>
+        <protocols>
+          <protocol name="http-listener-1">
+            <http default-virtual-server="server">
+              <file-cache></file-cache>
+            </http>
+          </protocol>
+          <protocol security-enabled="true" name="http-listener-2">
+            <http default-virtual-server="server">
+              <file-cache></file-cache>
+            </http>
+            <ssl classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" cert-nickname="s1as"></ssl>
+          </protocol>
+          <protocol name="admin-listener">
+            <http default-virtual-server="__asadmin" max-connections="250">
+              <file-cache></file-cache>
+            </http>
+          </protocol>
+          <protocol security-enabled="true" name="sec-admin-listener">
+            <http default-virtual-server="__asadmin" encoded-slash-enabled="true">
+              <file-cache></file-cache>
+            </http>
+            <ssl client-auth="want" classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" cert-nickname="glassfish-instance"></ssl>
+          </protocol>
+          <protocol name="admin-http-redirect">
+            <http-redirect secure="true"></http-redirect>
+          </protocol>
+          <protocol name="pu-protocol">
+            <port-unification>
+              <protocol-finder protocol="sec-admin-listener" name="http-finder" classname="com.sun.grizzly.config.HttpProtocolFinder"></protocol-finder>
+              <protocol-finder protocol="admin-http-redirect" name="admin-http-redirect" classname="com.sun.grizzly.config.HttpProtocolFinder"></protocol-finder>
+            </port-unification>
+          </protocol>
+        </protocols>
+        <network-listeners>
+          <network-listener port="${HTTP_LISTENER_PORT}" protocol="http-listener-1" transport="tcp" name="http-listener-1" thread-pool="http-thread-pool"></network-listener>
+          <network-listener port="${HTTP_SSL_LISTENER_PORT}" protocol="http-listener-2" transport="tcp" name="http-listener-2" thread-pool="http-thread-pool"></network-listener>
+          <network-listener port="${ASADMIN_LISTENER_PORT}" protocol="pu-protocol" transport="tcp" name="admin-listener" thread-pool="http-thread-pool"></network-listener>
+        </network-listeners>
+        <transports>
+          <transport name="tcp"></transport>
+        </transports>
+      </network-config>
+      <thread-pools>
+        <thread-pool name="http-thread-pool"></thread-pool>
+        <thread-pool max-thread-pool-size="200" name="thread-pool-1"></thread-pool>
+        <thread-pool name="admin-thread-pool" max-thread-pool-size="50" max-queue-size="256"></thread-pool>
+      </thread-pools>
+      <group-management-service>
+        <failure-detection></failure-detection>
+      </group-management-service>
+      <management-rules></management-rules>
+      <system-property name="ASADMIN_LISTENER_PORT" value="24848"></system-property>
+      <system-property name="HTTP_LISTENER_PORT" value="28080"></system-property>
+      <system-property name="HTTP_SSL_LISTENER_PORT" value="28181"></system-property>
+      <system-property name="JMS_PROVIDER_PORT" value="27676"></system-property>
+      <system-property name="IIOP_LISTENER_PORT" value="23700"></system-property>
+      <system-property name="IIOP_SSL_LISTENER_PORT" value="23820"></system-property>
+      <system-property name="IIOP_SSL_MUTUALAUTH_PORT" value="23920"></system-property>
+      <system-property name="JMX_SYSTEM_CONNECTOR_PORT" value="28686"></system-property>
+      <system-property name="OSGI_SHELL_TELNET_PORT" value="26666"></system-property>
+      <system-property name="JAVA_DEBUGGER_PORT" value="29009"></system-property>
+      <monitoring-service>
+        <module-monitoring-levels></module-monitoring-levels>
+      </monitoring-service>
+      <connector-service></connector-service>
+    </config>
+  </configs>
+  <property name="administrative.domain.name" value="domain1"></property>
+  <secure-admin special-admin-indicator="e4a50521-0eca-4932-bca9-805fc1d8412e">
+    <secure-admin-principal dn="CN=localhost,OU=GlassFish,O=Oracle Corporation,L=Santa Clara,ST=California,C=US"></secure-admin-principal>
+    <secure-admin-principal dn="CN=localhost-instance,OU=GlassFish,O=Oracle Corporation,L=Santa Clara,ST=California,C=US"></secure-admin-principal>
+  </secure-admin>
+  <load-balancers></load-balancers>
+  <lb-configs></lb-configs>
+  <clusters></clusters>
+</domain>
 \ No newline at end of file
@@ -0,0 +1 @@
+asdrubal;{SSHA256}xYbabe0zKCOUrsH4SNQ+MK75W7FxJujcDcAJ9iXruHm1uT5mn+yktw==;users
@@ -50,34 +50,33 @@
 		<url-pattern>/*</url-pattern>
 	</filter-mapping>
  
+	<servlet>
+		<servlet-name>Security Class</servlet-name>
+		<servlet-class>security.SecurityServlet</servlet-class>
+	</servlet>
+	<servlet-mapping>
+		<servlet-name>Security Class</servlet-name>
+		<url-pattern>/login</url-pattern>
+	</servlet-mapping>
  
+	<!--
 	<security-constraint>
 		<web-resource-collection>
-			<web-resource-name>myapp</web-resource-name>
-			<url-pattern>/\*</url-pattern>
-			<http-method>GET</http-method>
+			<web-resource-name>Private URL</web-resource-name>
+			<url-pattern>/login</url-pattern>
 		</web-resource-collection>
 		<auth-constraint>
-			<role-name>users</role-name>
+			<role-name>*</role-name>
 		</auth-constraint>
 	</security-constraint>
+
 	<login-config>
 		<auth-method>BASIC</auth-method>
-		<realm-name>default</realm-name>
+		<realm-name>fileRealm</realm-name>
 	</login-config>
+
 	<security-role>
-		<role-name>users</role-name>
+		<role-name>*</role-name>
 	</security-role>
-
-	<servlet>
-		<servlet-name>Security Class</servlet-name>
-		<servlet-class>security.SecurityServlet</servlet-class>
-	</servlet>
-
-	<servlet-mapping>
-		<servlet-name>Security Class</servlet-name>
-		<url-pattern>/login</url-pattern>
-	</servlet-mapping>
-
-
+	-->
 </web-app>
 \ No newline at end of file
...	...	@@ -43,6 +43,12 @@
43	43	<property name="deploymentExportPath">target/deployments</property>
44	44	</engine>
45	45
	46	+ <container qualifier="glassfish-embedded" default="true">
	47	+ <configuration>
	48	+ <property name="resourcesXml">src/test/resources/glassfish-resources.xml</property>
	49	+ </configuration>
	50	+ </container>
	51	+
46	52	<!--
47	53	<container qualifier="jbossas-managed" default="true">
48	54	<protocol type="Servlet 3.0" />
...	...
...	...	@@ -84,12 +84,22 @@
84	84	<scope>test</scope>
85	85	</dependency>
86	86	-->
	87	+
	88	+ <dependency>
	89	+ <groupId>org.apache.httpcomponents</groupId>
	90	+ <artifactId>httpclient</artifactId>
	91	+ <version>4.2.6</version>
	92	+ <scope>test</scope>
	93	+ </dependency>
	94	+
	95	+ <!--
87	96	<dependency>
88	97	<groupId>commons-httpclient</groupId>
89	98	<artifactId>commons-httpclient</artifactId>
90	99	<version>3.1</version>
91	100	<scope>test</scope>
92	101	</dependency>
	102	+ -->
93	103	</dependencies>
94	104
95	105	<repositories>
...	...
1	1	package producer;
2	2
3		-import static org.junit.Assert.assertEquals;
4		-import static org.junit.Assert.assertTrue;
5		-import static org.junit.Assert.fail;
	3	+import static junit.framework.Assert.assertEquals;
6	4
	5	+import java.io.IOException;
7	6	import java.net.URL;
8	7
9		-import javax.inject.Inject;
10		-
11		-import org.apache.commons.httpclient.HttpClient;
12		-import org.apache.commons.httpclient.HttpStatus;
13		-import org.apache.commons.httpclient.methods.GetMethod;
	8	+import org.apache.http.HttpResponse;
	9	+import org.apache.http.HttpStatus;
	10	+import org.apache.http.client.ClientProtocolException;
	11	+import org.apache.http.client.methods.HttpGet;
	12	+import org.apache.http.impl.client.DefaultHttpClient;
14	13	import org.jboss.arquillian.container.test.api.Deployment;
15	14	import org.jboss.arquillian.junit.Arquillian;
16	15	import org.jboss.arquillian.test.api.ArquillianResource;
...	...	@@ -19,7 +18,6 @@ import org.junit.Test;
19	18	import org.junit.runner.RunWith;
20	19
21	20	import test.Tests;
22		-import br.gov.frameworkdemoiselle.context.RequestContext;
23	21
24	22	@RunWith(Arquillian.class)
25	23	public class HttpServletRequestProducerTest {
...	...	@@ -36,15 +34,13 @@ public class HttpServletRequestProducerTest {
36	34	}
37	35
38	36	@Test
39		- public void createR() {
40		- HttpClient client = new HttpClient();
41		- GetMethod method = new GetMethod(deploymentUrl + "/requestproducer");
42		- try {
43		- int status = client.executeMethod(method);
44		- assertEquals(HttpStatus.SC_OK, status);
45		- } catch (Exception e) {
46		- fail();
47		- }
48		- }
	37	+ public void createR() throws ClientProtocolException, IOException {
	38	+ DefaultHttpClient client = new DefaultHttpClient();
49	39
	40	+ HttpGet get = new HttpGet(deploymentUrl + "/requestproducer");
	41	+ HttpResponse response = client.execute(get);
	42	+
	43	+ int status = response.getStatusLine().getStatusCode();
	44	+ assertEquals(HttpStatus.SC_OK, status);
	45	+ }
50	46	}
...	...
...	...	@@ -2,7 +2,6 @@ package security;
2	2
3	3	import java.io.IOException;
4	4
5		-import javax.inject.Inject;
6	5	import javax.servlet.ServletException;
7	6	import javax.servlet.annotation.WebServlet;
8	7	import javax.servlet.http.HttpServlet;
...	...	@@ -13,25 +12,24 @@ import org.apache.http.HttpStatus;
13	12
14	13	import br.gov.frameworkdemoiselle.security.Credentials;
15	14	import br.gov.frameworkdemoiselle.security.SecurityContext;
	15	+import br.gov.frameworkdemoiselle.util.Beans;
16	16
17	17	@WebServlet("/login")
18	18	public class SecurityServlet extends HttpServlet {
19	19
20	20	private static final long serialVersionUID = 1L;
21	21
22		- @Inject
23		- private SecurityContext securityContext;
24		-
25		- @Inject
26		- private Credentials credentials;
27		-
28	22	@Override
29	23	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
30		- super.doGet(request, response);
31		-
32		- credentials.setUsername("users");
33		- credentials.setPassword("users");
34		- securityContext.login();
	24	+ String result = request.getHeader("Authorization");
	25	+ result = (result == null ? request.getHeader("authorization") : result);
	26	+
	27	+ Credentials credentials = Beans.getReference(Credentials.class);
	28	+ credentials.setUsername("asdrubal");
	29	+ credentials.setPassword("asdrubal");
	30	+
	31	+ Beans.getReference(SecurityContext.class).login();
	32	+
35	33	response.setStatus(HttpStatus.SC_OK);
36	34	}
37	35	}
...	...
1	1	package security;
2	2
3	3	import static org.junit.Assert.assertEquals;
4		-import static org.junit.Assert.fail;
5	4
6	5	import java.io.IOException;
7	6	import java.net.URL;
8	7
9		-import org.apache.commons.httpclient.HttpClient;
10		-import org.apache.commons.httpclient.HttpException;
11		-import org.apache.commons.httpclient.HttpStatus;
12		-import org.apache.commons.httpclient.methods.GetMethod;
	8	+import org.apache.http.HttpResponse;
	9	+import org.apache.http.HttpStatus;
	10	+import org.apache.http.client.ClientProtocolException;
	11	+import org.apache.http.client.methods.HttpGet;
	12	+import org.apache.http.impl.client.DefaultHttpClient;
13	13	import org.jboss.arquillian.container.test.api.Deployment;
14	14	import org.jboss.arquillian.junit.Arquillian;
15	15	import org.jboss.arquillian.test.api.ArquillianResource;
...	...	@@ -19,6 +19,8 @@ import org.junit.runner.RunWith;
19	19
20	20	import test.Tests;
21	21
	22	+import com.sun.enterprise.security.auth.login.FileLoginModule;
	23	+
22	24	@RunWith(Arquillian.class)
23	25	public class SecurityTest {
24	26
...	...	@@ -29,22 +31,17 @@ public class SecurityTest {
29	31
30	32	@Deployment(testable = false)
31	33	public static WebArchive createDeployment() {
32		- return Tests.createDeployment().addClass(SecurityServlet.class)
	34	+ return Tests.createDeployment().addClasses(SecurityServlet.class, FileLoginModule.class)
33	35	.addAsWebInfResource(Tests.createFileAsset(PATH + "/web.xml"), "web.xml");
34	36	}
35	37
36	38	@Test
37		- public void login() {
38		- HttpClient client = new HttpClient();
39		- GetMethod method = new GetMethod(deploymentUrl + "/login");
40		- try {
41		- int status = client.executeMethod(method);
42		- assertEquals(HttpStatus.SC_OK, status);
43		- } catch (HttpException e) {
44		- fail();
45		- } catch (IOException e) {
46		- e.printStackTrace();
47		- }
48		- }
	39	+ public void login() throws ClientProtocolException, IOException {
	40	+ DefaultHttpClient client = new DefaultHttpClient();
	41	+ HttpGet get = new HttpGet(deploymentUrl + "/login");
	42	+ HttpResponse response = client.execute(get);
49	43
	44	+ int status = response.getStatusLine().getStatusCode();
	45	+ assertEquals(HttpStatus.SC_OK, status);
	46	+ }
50	47	}
...	...
...	...	@@ -49,13 +49,11 @@
49	49	</extension>
50	50	-->
51	51
52		- <!--
53		- <container qualifier="glassfish" default="true">
	52	+ <container qualifier="glassfish-embedded" default="true">
54	53	<configuration>
55		- <property name="autoDelete">true</property>
	54	+ <property name="configurationXml">src/test/resources/domain.xml</property>
56	55	</configuration>
57	56	</container>
58		- -->
59	57
60	58	<!--
61	59	<container qualifier="jbossas-managed" default="true">
...	...
...	...	@@ -0,0 +1 @@
	1	+asdrubal;{SSHA256}xYbabe0zKCOUrsH4SNQ+MK75W7FxJujcDcAJ9iXruHm1uT5mn+yktw==;users
...	...
...	...	@@ -50,34 +50,33 @@
50	50	<url-pattern>/*</url-pattern>
51	51	</filter-mapping>
52	52
	53	+ <servlet>
	54	+ <servlet-name>Security Class</servlet-name>
	55	+ <servlet-class>security.SecurityServlet</servlet-class>
	56	+ </servlet>
	57	+ <servlet-mapping>
	58	+ <servlet-name>Security Class</servlet-name>
	59	+ <url-pattern>/login</url-pattern>
	60	+ </servlet-mapping>
53	61
	62	+ <!--
54	63	<security-constraint>
55	64	<web-resource-collection>
56		- <web-resource-name>myapp</web-resource-name>
57		- <url-pattern>/\*</url-pattern>
58		- <http-method>GET</http-method>
	65	+ <web-resource-name>Private URL</web-resource-name>
	66	+ <url-pattern>/login</url-pattern>
59	67	</web-resource-collection>
60	68	<auth-constraint>
61		- <role-name>users</role-name>
	69	+ <role-name>*</role-name>
62	70	</auth-constraint>
63	71	</security-constraint>
	72	+
64	73	<login-config>
65	74	<auth-method>BASIC</auth-method>
66		- <realm-name>default</realm-name>
	75	+ <realm-name>fileRealm</realm-name>
67	76	</login-config>
	77	+
68	78	<security-role>
69		- <role-name>users</role-name>
	79	+ <role-name>*</role-name>
70	80	</security-role>
71		-
72		- <servlet>
73		- <servlet-name>Security Class</servlet-name>
74		- <servlet-class>security.SecurityServlet</servlet-class>
75		- </servlet>
76		-
77		- <servlet-mapping>
78		- <servlet-name>Security Class</servlet-name>
79		- <url-pattern>/login</url-pattern>
80		- </servlet-mapping>
81		-
82		-
	81	+ -->
83	82	</web-app>
84	83	\ No newline at end of file
...	...