Squashed commit of the following:

commit dfe4640d8de7bf815f06ab56eea0c40a1ae34fbb Merge: dfe0f76e5f fac047905a Author: Jan Bartel <janb@webtide.com> Date: Fri Aug 12 08:36:00 2022 +1000 Merge remote-tracking branch 'origin/jetty-12.0.x' into jetty-12.0.x-8430-implement-declareroles commit dfe0f76e5f9dfaf62a7e3a31eeba3a9ef8b9e5c2 Merge: 0e099459ac 21944ab95c Author: Jan Bartel <janb@webtide.com> Date: Wed Aug 10 16:48:13 2022 +1000 Merge remote-tracking branch 'origin/jetty-12.0.x' into jetty-12.0.x-8430-implement-declareroles commit 0e099459acbf97e00b85a4d36a390f2c459f24d3 Author: Jan Bartel <janb@webtide.com> Date: Tue Aug 9 13:38:43 2022 +1000 Issue #8430 implement declareRoles for ee10
2022-08-12 08:38:02 +10:00 · 2022-08-12 08:38:02 +10:00 · 8c4474d614
parent fac047905a
commit 8c4474d614
2 changed files with 43 additions and 3 deletions
--- a/jetty-ee10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/ServletContextHandler.java
+++ b/jetty-ee10/jetty-ee10-servlet/src/main/java/org/eclipse/jetty/ee10/servlet/ServletContextHandler.java
@ -23,6 +23,7 @@ import java.nio.file.Path;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collections;
 import java.util.EnumSet;
 import java.util.Enumeration;
@ -1733,8 +1734,6 @@ public class ServletContextHandler extends ContextHandler implements Graceful
     */
    protected void addRoles(String... roleNames)
    {
-        /*
-        TODO: implement security.
        //Get a reference to the SecurityHandler, which must be ConstraintAware
        if (_securityHandler != null && _securityHandler instanceof ConstraintAware)
        {
@ -1745,7 +1744,6 @@ public class ServletContextHandler extends ContextHandler implements Graceful
            union.addAll(Arrays.asList(roleNames));
            ((ConstraintSecurityHandler)_securityHandler).setRoles(union);
        }
-         */
    }

    /**
--- a/jetty-ee10/jetty-ee10-servlet/src/test/java/org/eclipse/jetty/ee10/servlet/ServletContextHandlerTest.java
+++ b/jetty-ee10/jetty-ee10-servlet/src/test/java/org/eclipse/jetty/ee10/servlet/ServletContextHandlerTest.java
@ -89,6 +89,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.containsInAnyOrder;
 import static org.hamcrest.Matchers.containsString;
 import static org.hamcrest.Matchers.instanceOf;
 import static org.hamcrest.Matchers.notNullValue;
@ -293,6 +294,18 @@ public class ServletContextHandlerTest
            assertNull(sce.getServletContext().getAttribute("MyContextListener.contextInitialized"));
            sce.getServletContext().setAttribute("MyContextListener.contextInitialized", Boolean.TRUE);
            
+            assertNull(sce.getServletContext().getAttribute("MyContextListener.declareRoles"));
+            try
+            {
+                sce.getServletContext().declareRoles("foo", "bar");
+                sce.getServletContext().setAttribute("MyContextListener.declareRoles", Boolean.FALSE);
+            }
+            catch (UnsupportedOperationException e)
+            {
+                //Should NOT be able to call declareRoles from programmatic SCL
+                sce.getServletContext().setAttribute("MyContextListener.declareRoles", Boolean.TRUE);
+            }
+
            assertNull(sce.getServletContext().getAttribute("MyContextListener.defaultSessionTrackingModes"));
            try
            {
@ -845,6 +858,7 @@ public class ServletContextHandlerTest
        assertTrue((Boolean)root.getServletContext().getAttribute("MySCI.effectiveSessionTrackingModes"));
        assertTrue((Boolean)root.getServletContext().getAttribute("MySCI.setSessionTrackingModes"));
        assertTrue((Boolean)root.getServletContext().getAttribute("MyContextListener.contextInitialized"));
+        assertTrue((Boolean)root.getServletContext().getAttribute("MyContextListener.declareRoles"));
        assertTrue((Boolean)root.getServletContext().getAttribute("MyContextListener.defaultSessionTrackingModes"));
        assertTrue((Boolean)root.getServletContext().getAttribute("MyContextListener.effectiveSessionTrackingModes"));
        assertTrue((Boolean)root.getServletContext().getAttribute("MyContextListener.setSessionTrackingModes"));
@ -1493,6 +1507,18 @@ public class ServletContextHandlerTest
        assertThat("Response", response, containsString("Hello World"));
    }
    
+    @Test
+    public void testDeclareRoles() throws Exception
+    {
+        ServletContextHandler context = new ServletContextHandler();
+        context.setSecurityHandler(new ConstraintSecurityHandler());
+        context.addEventListener(new RolesListener());
+        context.setContextPath("/");
+        _server.setHandler(context);
+        _server.start();
+        assertThat(((ConstraintSecurityHandler)context.getSecurityHandler()).getRoles(), containsInAnyOrder("tom", "dick", "harry"));
+    }
+
    @Test
    public void testServletRegistrationByClass() throws Exception
    {
@ -1936,6 +1962,22 @@ public class ServletContextHandlerTest
        assertThat("Specific Legacy Decorator", response, containsString(expected));
    }
    
+    public static class RolesListener implements ServletContextListener
+    {
+        @Override
+        public void contextInitialized(ServletContextEvent sce)
+        {
+            sce.getServletContext().declareRoles("tom", "dick", "harry");
+            ServletContextListener.super.contextInitialized(sce);
+        }
+
+        @Override
+        public void contextDestroyed(ServletContextEvent sce)
+        {
+            ServletContextListener.super.contextDestroyed(sce);
+        }
+    }
+
    public static class HelloServlet extends HttpServlet
    {
        private static final long serialVersionUID = 1L;