Details
-
Task
-
Resolution: Done
-
Major
-
None
-
None
Description
With Java Servlet 3.1 specification [1] comes possibility to use <deny-uncovered-http-methods/> tag in web.xml file. This new feature should be tested by a basic smoke test in WildFly testsuite.
Brief description of test case:
- set some of HTTP methods secured
- verify that these methods are accessible
- when anyone tries to use other than specified (i.e. secured) HTTP methods, status code 403 should be returned (according to specification)