Google Git
Sign in
eclipse / www.eclipse.org / webtools / 13c61b8971cb027b489d5897463f9e6941d3a0fb / . / jst / components / j2ee / scenarios / web_validation_testplan.xml
blob: 78664828356ffb327870453aef17abafb0a54a03 [file] [log] [blame]
<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet type="text/xsl" href="../../../../wtp.xsl"?>
<html>
<head>
<meta
name="root"
content="../../../../.." />
<title>test plan: Web validation</title>
</head>
<body>
<h1>jst j2ee</h1>
<h2>Introduction</h2>
<p>
Validation is provided for Web Application of version 2.1, 2.2 and 2.3.
When validation runs both the web project structure, as well as the
web.xml and any web related artifacts are validated. The following test
scenario is aimed at exercising all validation checks to insure they are
working properly. In order to properly test the validation, invalid
states must be created by the user by editing the web.xml as well as the
project structure. The following scenario gives a list of states the
validator checks and instructions on how to edit your web app to achieve
these &quot;invalid&quot; states.
<br />
<br />
Import each of the following web application (one for each spec version)
which contains examples needed to run all War related validation checks.
Follow every step below for each archive web application.
<br />
For each of the following steps, open the web.xml....make the change
needed, save then run validation (by building or selecting &quot;Run
Validation&quot; after right clicking on the project) and check the
problems view (note: you may need to open the Problems view by hand
</p>
<h2>Steps</h2>
<p>
<ol>
<LI>
<B>Servlet Mapping</B>
<br />
Navigate to the
<FONT color="#0000ff">&lt;servlet-mapping&gt;</FONT>
tag
<br />
<UL>
<LI>
Change the name to &quot;HellowServlet1&quot;. Save and
run validaiton to see a warning
<br />
CHKJ3004W: The servlet mapping &quot;/HelloServlet&quot;
refers to a servlet that is not defined. web.xml
WebValidationTest23/WebContent/WEB-INF
</LI>
<LI>
Undo this change and continue
<br />
</LI>
</UL>
<BR />
</LI>
<LI>
<B>Authorized role for a servlet mapping</B>
<br />
Add the following to the dd after the
<FONT color="#0000ff">&lt;welcome-file-list&gt;</FONT>
. Save and run validation. There should be no errors
<br />
<UL>
<LI>
<B>
&lt;security-role&gt;
<br />
&#160;&#160;&#160;&#160;&lt;description&gt;This is a
user He is cool&lt;/description&gt;
<br />
&#160;&#160;&#160;&#160;&lt;role-name&gt;user&lt;/role-name&gt;
<br />
&lt;/security-role&gt;
<br />
&lt;security-role&gt;
<br />
&#160;&#160;&#160;&#160;&lt;description&gt;This is
the boss&lt;/description&gt;
<br />
&#160;&#160;&#160;&#160;&lt;role-name&gt;manager&lt;/role-name&gt;
<br />
&lt;/security-role&gt;
</B>
<br />
<br />
and add the following to the &lt;servlet&gt; element
<br />
<br />
<B>
&lt;security-role-ref&gt;
<br />
&#160;&#160;&#160;&#160;&lt;role-name&gt;user
role&lt;/role-name&gt;
<br />
&#160;&#160;&#160;&#160;&lt;role-link&gt;user&lt;/role-link&gt;
<br />
&lt;/security-role-ref&gt;
</B>
</LI>
<br />
<br />
<LI>
Remove the role-name &quot;user role&quot; in the
security-role-ref Error Invalid Security role name
</LI>
<LI>
Remove the role-link &quot;user&quot; in the
security-role-ref Error InvalidSecurity role-link
</LI>
<LI>
Remove the role-name &quot;user&quot; on the
security-role
<br />
Error: Invalid Security role-link: user
<br />
Error: Empty entry of type security role name
</LI>
<LI>
Undo this change but leave the security roles
<br />
</LI>
</UL>
<br />
</LI>
<LI>
<B>
<I>User roles that are permitted access to security roles</I>
</B>
<BR />
<UL>
<LI>
Add the following to the web.xml after the
<FONT color="#0000ff">&lt;welcome-filelist&gt;</FONT>
tag and before the
<FONT color="#0000ff">&lt;security-role&gt;</FONT>
tags
<BR />
<B>
&lt;security-constraint&gt;
<BR />
&#160;&#160;&#160;&#160;&lt;web-resource-collection&gt;
<BR />
&#160;&#160;&#160;&#160;&#160;&#160;&lt;web-resource-name&gt;secure
content&lt;/web-resource-name&gt;
<BR />
&#160;&#160;&#160;&#160;&#160;&#160;&lt;description&gt;&lt;/description&gt;
<BR />
&#160;&#160;&#160;&#160;&#160;&#160;&lt;url-pattern&gt;/secure&lt;/url-pattern&gt;
<BR />
&#160;&#160;&#160;&#160;&#160;&#160;&lt;http-method&gt;PUT&lt;/http-method&gt;
<BR />
&#160;&#160;&#160;&#160;&#160;&#160;&lt;http-method&gt;HEAD&lt;/http-method&gt;
<BR />
&#160;&#160;&#160;&#160;&lt;/web-resource-collection&gt;
<BR />
&#160;&#160;&#160;&#160;&lt;auth-constraint&gt;
<BR />
&#160;&#160;&#160;&#160;&#160;&#160;&lt;description&gt;this
is secure&lt;/description&gt;
<BR />
&#160;&#160;&#160;&#160;&#160;&#160;&lt;role-name&gt;user&lt;/role-name&gt;
<BR />
&#160;&#160;&#160;&#160;&lt;/auth-constraint&gt;
<BR />
&#160;&#160;&#160;&#160;&lt;user-data-constraint&gt;
<BR />
&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&lt;transport-guarantee&gt;INTEGRAL&lt;/transport-guarantee&gt;
<BR />
&#160;&#160;&#160;&#160;&lt;/user-data-constraint&gt;
<BR />
&lt;/security-constraint&gt;
<BR />
</B>
<BR />
and add the following
<BR />
<BR />
<B>&lt;web-resource-collection&gt;</B>
<BR />
<B>
&#160;&#160;&#160;&#160;&#160;&#160;&lt;web-resource-name&gt;WRC1&lt;/web-resource-name&gt;
<BR />
&#160;&#160;&#160;&#160;&#160;&#160;&lt;description&gt;&lt;/description&gt;
<BR />
&#160;&#160;&#160;&#160;&#160;&#160;&lt;http-method&gt;PUT&lt;/http-method&gt;
<BR />
&#160;&#160;&#160;&#160;&#160;&#160;&lt;http-method&gt;GET&lt;/http-method&gt;
<BR />
&lt;/web-resource-collection&gt;
</B>
</LI>
<LI>
change the PUT or GET to RANDOM or JUNK and save.Notice
the new error (then undo).
</LI>
<LI>
Renambe the &lt;transport-guarantee&gt; from INTEGRAL to
RANDOM and save. Notice the new error (then undo).
</LI>
<LI>
Rename
<FONT color="#0000ff">&lt;role-name&gt;</FONT>
from user to user 1 and save. Notice the new error (then
undo).
</LI>
</UL>
<br />
</LI>
<LI>
<B>
Login Authentication
<br />
</B>
<UL>
<LI>
Add the following to the web.xml after the
<FONT color="#0000ff">&lt;welcome-filelist&gt;</FONT>
tag and before the
<FONT color="#0000ff">&lt;security-role&gt;</FONT>
tags
<br />
<B>
&lt;login-config&gt;
<br />
&#160;&#160;&#160;&#160;&lt;auth-method&gt;FORM&lt;/auth-method&gt;
<br />
&#160;&#160;&#160;&#160;&lt;form-login-config&gt;
<br />
&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&lt;form-login-page&gt;/index.html&lt;/form-login-page&gt;
<br />
&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&lt;form-error-page&gt;/error.html&lt;/form-error-page&gt;
<br />
&#160;&#160;&#160;&#160;&lt;/form-login-config&gt;
<br />
&lt;/login-config&gt;
</B>
</LI>
<LI>
Rename
<FONT color="#0000ff">&lt;auth-method&gt;</FONT>
FORM to BASIC and save. Notice the new validation
warning. (then undo).
</LI>
<LI>
Rename
<FONT color="#0000ff">&lt;auth-method&gt;</FONT>
FORM to RANDOM and save. Notice the new error (then
undo).
</LI>
<LI>
Delete the
<FONT color="#0000ff">&lt;url-pattern&gt;</FONT>
element in the &lt;servlet-mapping&gt;. Notice the new
error (then undo).
</LI>
</UL>
<BR />
</LI>
<LI>
<B>Session Timeout</B>
<UL>
<LI>
Add the following to the web.xml after the
<FONT color="#0000ff">&lt;welcome-filelist&gt;</FONT>
tag and before the
<FONT color="#0000ff">&lt;security-role&gt;</FONT>
tags
<br />
<B>
&lt;session-config&gt;
<br />
&#160;&#160;&#160;&#160;&lt;session-timeout&gt;30&lt;/session-timeout&gt;
<br />
&lt;/session-config&gt;
</B>
</LI>
<LI>
Change the 30 to 30.5 and save. Notice the new error
(then undo).
</LI>
</UL>
<BR />
</LI>
<LI>
<B>Error Code</B>
<br />
<UL>
<LI>
Add the following to the web.xml after the
<FONT color="#0000ff">&lt;welcome-filelist&gt;</FONT>
tag and before the
<FONT color="#0000ff">&lt;security-role&gt;</FONT>
tags
<br />
<B>
&lt;error-page&gt;
<br />
&#160;&#160;&#160;&#160;&lt;error-code&gt;404&lt;/error-code&gt;
<br />
&#160;&#160;&#160;&#160;&lt;location&gt;/error.html&lt;/location&gt;
<br />
&lt;/error-page&gt;
<br />
&lt;error-page&gt;
<br />
&#160;&#160;&#160;&#160;&lt;exception-type&gt;com.ibm.servlet.PageNotFoundException&lt;/exception-type&gt;
(Could not find class PageNotFoundException...)
<br />
&#160;&#160;&#160;&#160;&lt;location&gt;/error.html&lt;/location&gt;
<br />
&lt;/error-page&gt;
</B>
</LI>
<LI>
Verify that only error code can go into
<FONT color="#0000ff">&lt;error-code&gt;</FONT>
by changing 404 to a string and save. Notice the new
error (then undo)
</LI>
<LI>
Verify that only Java Exception Class can go into
<FONT color="#0000ff">&lt;exception-type&gt;</FONT>
by changing to RANDOM and save. Notice the new error
(then undo)
</LI>
</UL>
<BR />
</LI>
<LI>
<B>Resource References</B>
<br />
<UL>
<LI>
Add the following to the web.xml after the
<FONT color="#0000ff">&lt;welcome-filelist&gt;</FONT>
tag and before the
<FONT color="#0000ff">&lt;security-role&gt;</FONT>
tags
<B>
<br />
&lt;resource-ref id=&quot;ResourceRef_1&quot;&gt;
<br />
&#160;&#160;&#160;&#160;&lt;description&gt;&lt;/description&gt;
<br />
&#160;&#160;&#160;&#160;&lt;res-ref-name&gt;HelloWorld&lt;/res-ref-name&gt;
<br />
&#160;&#160;&#160;&#160;&lt;res-type&gt;java.lang.Object&lt;/res-type&gt;
<br />
&#160;&#160;&#160;&#160;&lt;res-auth&gt;Container&lt;/res-auth&gt;
<br />
&lt;/resource-ref&gt;
</B>
</LI>
<LI>
Verify
<FONT color="#0000ff">&lt;res-auth&gt;</FONT>
can only be &quot;Application&quot; or
&quot;Servlet&quot; by changing both to
&quot;RANDOM&quot; and saving. Notice the new error (then
undo).
<br />
</LI>
</UL>
<BR />
</LI>
<LI>
<B>Filter</B>
<br />
<UL>
<LI>
In the web.xml navigate to the the
<FONT color="#0000ff">&lt;filter&gt;</FONT>
tag.
</LI>
<LI>
Change
<FONT color="#0000ff">&lt;filter-name&gt;</FONT>
MyFilter
<FONT color="#0000ff">&lt;/filter-name&gt;</FONT>
to RANDOM and save. Notice the new error (then undo)
</LI>
<LI>
In the
<FONT color="#0000ff">&lt;filter-mapping&gt;</FONT>
, change
<FONT color="#0000ff">&lt;filter-name&gt;</FONT>
MyFilter
<FONT color="#0000ff">&lt;/filter-name&gt;</FONT>
to RANDOM and save. Notice the new error (then undo).
</LI>
</UL>
<BR />
</LI>
<LI>
<B>Listener</B>
<UL>
<LI>
Add the following to the web.xml after the
<FONT color="#0000ff">&lt;welcome-filelist&gt;</FONT>
tag and before the
<FONT color="#0000ff">&lt;security-role&gt;</FONT>
tags
<B>
<br />
&lt;listener&gt;
<br />
&#160;&#160;&#160;&#160;&lt;listener-class&gt;webtooling.MyListener&lt;/listener-class&gt;
<br />
&lt;/listener&gt;
</B>
</LI>
<LI>
Change
<FONT color="#0000ff">&lt;listener-class&gt;</FONT>
webtooling.MyListener
<FONT color="#0000ff">&lt;/listener-class&gt;</FONT>
to RANDOM and save. Notice the new error (then undo).
</LI>
</UL>
<BR />
</LI>
<LI>
<B>Validation Enablement</B>
<UL>
<LI>
Right click on one of your web projects and select
properties. IN the Validation submenu, select override
validation prefernces and deselect &quot;War
Validator&quot;. Now rerun one of the above steps to
insure validation does not run on a build (note: it does
by default) and that the Run Validation menu item is
disabled.
</LI>
</UL>
<br />
<UL></UL>
</LI>
</ol>
</p>
</body>
</html>