appserver/tests/appserv-tests/devtests/security/uncovered-http-methods/descriptor/web.xml - glassfish - Git at Google

 <?xml version="1.0" encoding="UTF-8"?>
 <!--

     Copyright (c) 2013, 2018 Oracle and/or its affiliates. All rights reserved.

     This program and the accompanying materials are made available under the
     terms of the Eclipse Public License v. 2.0, which is available at
     http://www.eclipse.org/legal/epl-2.0.

     This Source Code may also be made available under the following Secondary
     Licenses when the conditions for such availability set forth in the
     Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
     version 2 with the GNU Classpath Exception, which is available at
     https://www.gnu.org/software/classpath/license.html.

     SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0

 -->

 <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee web-app_3_1.xsd" version="3.1">

     <!-- Also see the @ServletSecurity annotations on the servlet test classes -->

     <security-constraint>
         <web-resource-collection>
             <web-resource-name>Example1</web-resource-name>
             <url-pattern>/Example1</url-pattern>
             <http-method>GET</http-method>
             <http-method>POST</http-method>
         </web-resource-collection>
         <user-data-constraint>
             <transport-guarantee>CONFIDENTIAL</transport-guarantee>
         </user-data-constraint>
     </security-constraint>

     <security-constraint>
         <web-resource-collection>
             <web-resource-name>Example2</web-resource-name>
             <url-pattern>/Example2</url-pattern>
             <http-method-omission>GET</http-method-omission>
             <http-method-omission>POST</http-method-omission>
         </web-resource-collection>
         <auth-constraint/>
     </security-constraint>

     <security-constraint>
         <web-resource-collection>
             <web-resource-name>Covered1</web-resource-name>
             <url-pattern>/Covered1</url-pattern>
         </web-resource-collection>
         <user-data-constraint>
             <transport-guarantee>CONFIDENTIAL</transport-guarantee>
         </user-data-constraint>
     </security-constraint>

     <security-constraint>
         <web-resource-collection>
             <web-resource-name>Covered2.1</web-resource-name>
             <url-pattern>/Covered2</url-pattern>
             <http-method-omission>GET</http-method-omission>
         </web-resource-collection>
         <auth-constraint/>
     </security-constraint>
     <security-constraint>
         <web-resource-collection>
             <web-resource-name>Covered2.2</web-resource-name>
             <url-pattern>/Covered2</url-pattern>
             <http-method>GET</http-method>
         </web-resource-collection>
         <user-data-constraint>
             <transport-guarantee>CONFIDENTIAL</transport-guarantee>
         </user-data-constraint>
     </security-constraint>

 </web-app>
	<?xml version="1.0" encoding="UTF-8"?>
	<!--

	Copyright (c) 2013, 2018 Oracle and/or its affiliates. All rights reserved.

	This program and the accompanying materials are made available under the
	terms of the Eclipse Public License v. 2.0, which is available at
	http://www.eclipse.org/legal/epl-2.0.

	This Source Code may also be made available under the following Secondary
	Licenses when the conditions for such availability set forth in the
	Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
	version 2 with the GNU Classpath Exception, which is available at
	https://www.gnu.org/software/classpath/license.html.

	SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0

	-->

	<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee web-app_3_1.xsd" version="3.1">

	<!-- Also see the @ServletSecurity annotations on the servlet test classes -->

	<security-constraint>
	<web-resource-collection>
	<web-resource-name>Example1</web-resource-name>
	<url-pattern>/Example1</url-pattern>
	<http-method>GET</http-method>
	<http-method>POST</http-method>
	</web-resource-collection>
	<user-data-constraint>
	<transport-guarantee>CONFIDENTIAL</transport-guarantee>
	</user-data-constraint>
	</security-constraint>

	<security-constraint>
	<web-resource-collection>
	<web-resource-name>Example2</web-resource-name>
	<url-pattern>/Example2</url-pattern>
	<http-method-omission>GET</http-method-omission>
	<http-method-omission>POST</http-method-omission>
	</web-resource-collection>
	<auth-constraint/>
	</security-constraint>

	<security-constraint>
	<web-resource-collection>
	<web-resource-name>Covered1</web-resource-name>
	<url-pattern>/Covered1</url-pattern>
	</web-resource-collection>
	<user-data-constraint>
	<transport-guarantee>CONFIDENTIAL</transport-guarantee>
	</user-data-constraint>
	</security-constraint>

	<security-constraint>
	<web-resource-collection>
	<web-resource-name>Covered2.1</web-resource-name>
	<url-pattern>/Covered2</url-pattern>
	<http-method-omission>GET</http-method-omission>
	</web-resource-collection>
	<auth-constraint/>
	</security-constraint>
	<security-constraint>
	<web-resource-collection>
	<web-resource-name>Covered2.2</web-resource-name>
	<url-pattern>/Covered2</url-pattern>
	<http-method>GET</http-method>
	</web-resource-collection>
	<user-data-constraint>
	<transport-guarantee>CONFIDENTIAL</transport-guarantee>
	</user-data-constraint>
	</security-constraint>

	</web-app>