| <?xml version="1.0"?> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one or more |
| contributor license agreements. See the NOTICE file distributed with |
| this work for additional information regarding copyright ownership. |
| The ASF licenses this file to You under the Apache License, Version 2.0 |
| (the "License"); you may not use this file except in compliance with |
| the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| <j:jelly |
| xmlns:j="jelly:core" |
| xmlns="jelly:jetty" |
| xmlns:http="jelly:http" |
| trim="false"> |
| |
| <j:set var="contextPathVar" value="/"/> |
| <j:set var="testPort" value="8100"/> |
| <j:set var="forbiddenUri" value="http://localhost:${testPort}/noaccess"/> |
| |
| <jettyHttpServer var="httpServerForbidden"> |
| <socketListener port="${testPort}"/> |
| <httpContext contextPath="${contextPathVar}" resourceBase="./docRoot"> |
| <securityHandler> |
| <constraints> |
| |
| <security-constraint> |
| <web-resource-collection> |
| <web-resource-name>Forbidden</web-resource-name> |
| <url-pattern>/*</url-pattern> |
| </web-resource-collection> |
| <auth-constraint> |
| </auth-constraint> |
| </security-constraint> |
| |
| </constraints> |
| </securityHandler> |
| |
| <resourceHandler/> |
| </httpContext> |
| </jettyHttpServer> |
| |
| <!-- get should always be forbidden --> |
| <http:get var="mtc" uri="${forbiddenUri}"/> |
| |
| <j:choose> |
| <j:when test="${mtc.statusCode == 403}"> |
| It works! |
| </j:when> |
| |
| <j:otherwise> |
| Results for mtc url are: |
| http return code = ${mtc.statusCode} |
| http status text = '${mtc.statusText}' |
| </j:otherwise> |
| </j:choose> |
| ${httpServerForbidden.stop(false)} |
| |
| </j:jelly> |