[jboss-jira] [JBoss JIRA] (AS7-3415) security-constraint/user-data-constraint/transport-guarantee in web.xml file doesn't override setting from servlet @ServletSecurity transportGuarantee parameter

Peter Skopek created AS7-3415: --------------------------------- Summary: security-constraint/user-data-constraint/transport-guarantee in web.xml file doesn't override setting from servlet @ServletSecurity transportGuarantee parameter Key: AS7-3415 URL: https://issues.jboss.org/browse/AS7-3415 Project: Application Server 7 Issue Type: Bug Components: Web Affects Versions: 7.1.0.CR1b Reporter: Peter Skopek Assignee: Remy Maucherat security-constraint/user-data-constraint/transport-guarantee in web.xml file doesn't override setting from servlet @ServletSecurity transportGuarantee parameter {noformat} My settings: @ServletSecurity(@HttpConstraint(rolesAllowed = { "gooduser" }, transportGuarantee = TransportGuarantee.CONFIDENTIAL) ) web.xml excerpt: <security-constraint> <web-resource-collection> <web-resource-name>sec</web-resource-name> <url-pattern>/tgmixed/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>gooduser</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> {noformat} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira