From e4737e68f295a265baa67a892fa3201f43fb6a7c Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Tue, 15 Oct 2019 20:03:36 +0200
Subject: [PATCH 01/31] Update Travis file to use OpenJDK

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 .travis.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.travis.yml b/.travis.yml
index 6b0499ba1..d5babc431 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,7 +1,7 @@
 sudo: false
 language: java
 jdk:
-  - oraclejdk8
+  - openjdk8
 env:
   - TESTFOLDER=batch
   - TESTFOLDER=cdi

From 2c1ccfb970dbcd59590e0866b1ae1f8d18728f0c Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Tue, 5 Nov 2019 17:08:52 +0100
Subject: [PATCH 02/31] Some cleanup of the Servlet samples

Added test for cookie sample

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 servlet/async-servlet/pom.xml                 |   7 +-
 .../javaee7/servlet/async/MyAsyncServlet.java |  38 +++---
 servlet/cookies/pom.xml                       |   2 +
 .../servlet/cookies/ClientCookieServlet.java  | 114 ++++++++++++++++++
 .../javaee7/servlet/cookies/TestServlet.java  |  42 +++----
 .../servlet/cookies/SimpleServletTest.java    |  78 ++++++++++++
 servlet/error-mapping/pom.xml                 |   2 +
 servlet/event-listeners/pom.xml               |   2 +
 servlet/file-upload/pom.xml                   |   2 +
 servlet/metadata-complete/pom.xml             |   2 +
 servlet/nonblocking/pom.xml                   |   2 +
 servlet/pom.xml                               |  19 +--
 servlet/programmatic-registration/pom.xml     |   2 +
 servlet/protocol-handler/pom.xml              |   2 +
 servlet/resource-packaging/pom.xml            |   2 +
 servlet/security-annotated/pom.xml            |  21 ++--
 servlet/security-basicauth-omission/pom.xml   |  19 +--
 servlet/security-basicauth/pom.xml            |  19 +--
 servlet/security-clientcert-jce/pom.xml       |   4 +-
 servlet/security-clientcert/pom.xml           |   4 +-
 servlet/security-deny-uncovered/pom.xml       |  19 ++-
 servlet/security-digest/pom.xml               |  35 +++---
 servlet/security-form-based/pom.xml           |  18 +--
 servlet/security-programmatic/pom.xml         |   5 +-
 servlet/servlet-filters/pom.xml               |   2 +
 .../javaee7/servlet/filters/FooBarFilter.java |  46 ++++---
 .../javaee7/servlet/filters/TestServlet.java  |  10 +-
 .../servlet/filters/FilterServletTest.java    |  54 +++++----
 servlet/simple-servlet/pom.xml                |   7 +-
 .../javaee7/servlet/simple/SimpleServlet.java |  10 +-
 .../metadata/complete/SimpleServletTest.java  |  16 +--
 servlet/web-fragment/pom.xml                  |   2 +
 32 files changed, 413 insertions(+), 194 deletions(-)
 create mode 100644 servlet/cookies/src/main/java/org/javaee7/servlet/cookies/ClientCookieServlet.java
 create mode 100644 servlet/cookies/src/test/java/org/javaee7/servlet/cookies/SimpleServletTest.java

diff --git a/servlet/async-servlet/pom.xml b/servlet/async-servlet/pom.xml
index e940bdd18..64f60a48e 100644
--- a/servlet/async-servlet/pom.xml
+++ b/servlet/async-servlet/pom.xml
@@ -1,6 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 	<modelVersion>4.0.0</modelVersion>
 
 	<parent>
@@ -8,9 +7,9 @@
 		<artifactId>servlet</artifactId>
 		<version>1.0-SNAPSHOT</version>
 	</parent>
-	
+
 	<artifactId>servlet-async-servlet</artifactId>
 	<packaging>war</packaging>
-	
+
 	<name>Java EE 7 Sample: servlet - async-servlet</name>
 </project>
diff --git a/servlet/async-servlet/src/main/java/org/javaee7/servlet/async/MyAsyncServlet.java b/servlet/async-servlet/src/main/java/org/javaee7/servlet/async/MyAsyncServlet.java
index c8db9f77c..a340f5161 100644
--- a/servlet/async-servlet/src/main/java/org/javaee7/servlet/async/MyAsyncServlet.java
+++ b/servlet/async-servlet/src/main/java/org/javaee7/servlet/async/MyAsyncServlet.java
@@ -39,6 +39,8 @@
  */
 package org.javaee7.servlet.async;
 
+import java.io.IOException;
+
 import javax.annotation.Resource;
 import javax.enterprise.concurrent.ManagedExecutorService;
 import javax.servlet.AsyncContext;
@@ -49,7 +51,6 @@
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
 
 /**
  * @author Arun Gupta
@@ -57,24 +58,23 @@
 @WebServlet(urlPatterns = "/MyAsyncServlet", asyncSupported = true)
 public class MyAsyncServlet extends HttpServlet {
 
-    //    @Resource(lookup="java:comp/DefaultManagedExecutorService")
+    private static final long serialVersionUID = 3709640331218336841L;
+    
     @Resource
     ManagedExecutorService executor;
 
     /**
-     * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
-     * methods.
+     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
      *
      * @param request servlet request
      * @param response servlet response
      * @throws ServletException if a servlet-specific error occurs
      * @throws IOException if an I/O error occurs
      */
-    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
-        AsyncContext ac = request.startAsync();
+    protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        AsyncContext asyncContext = request.startAsync();
 
-        ac.addListener(new AsyncListener() {
+        asyncContext.addListener(new AsyncListener() {
             @Override
             public void onComplete(AsyncEvent event) throws IOException {
                 event.getSuppliedResponse().getWriter().println("onComplete");
@@ -96,29 +96,29 @@ public void onStartAsync(AsyncEvent event) throws IOException {
                 event.getSuppliedResponse().getWriter().println("onStartAsync");
             }
         });
-        executor.submit(new MyAsyncService(ac));
+        
+        executor.submit(new MyAsyncService(asyncContext));
     }
 
     class MyAsyncService implements Runnable {
 
-        AsyncContext ac;
+        AsyncContext asyncContext;
 
-        public MyAsyncService(AsyncContext ac) {
-            this.ac = ac;
+        public MyAsyncService(AsyncContext asyncContext) {
+            this.asyncContext = asyncContext;
         }
 
         @Override
         public void run() {
             try {
-                ac.getResponse().getWriter().println("Running inside MyAsyncService");
+                asyncContext.getResponse().getWriter().println("Running inside MyAsyncService");
             } catch (IOException e) {
                 throw new IllegalStateException(e);
             }
-            ac.complete();
+            asyncContext.complete();
         }
     }
 
-    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
     /**
      * Handles the HTTP <code>GET</code> method.
      *
@@ -128,8 +128,7 @@ public void run() {
      * @throws IOException if an I/O error occurs
      */
     @Override
-    protected void doGet(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
         processRequest(request, response);
     }
 
@@ -142,8 +141,7 @@ protected void doGet(HttpServletRequest request, HttpServletResponse response)
      * @throws IOException if an I/O error occurs
      */
     @Override
-    protected void doPost(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
+    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
         processRequest(request, response);
     }
 
@@ -155,5 +153,5 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response)
     @Override
     public String getServletInfo() {
         return "Short description";
-    }// </editor-fold>
+    }
 }
diff --git a/servlet/cookies/pom.xml b/servlet/cookies/pom.xml
index 9bd042110..f3981cade 100644
--- a/servlet/cookies/pom.xml
+++ b/servlet/cookies/pom.xml
@@ -8,9 +8,11 @@
         <version>1.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
   </parent>
+
     <groupId>org.javaee7</groupId>
     <artifactId>servlet-cookies</artifactId>
     <version>1.0-SNAPSHOT</version>
     <packaging>war</packaging>
+
     <name>Java EE 7 Sample: servlet - cookies</name>
 </project>
diff --git a/servlet/cookies/src/main/java/org/javaee7/servlet/cookies/ClientCookieServlet.java b/servlet/cookies/src/main/java/org/javaee7/servlet/cookies/ClientCookieServlet.java
new file mode 100644
index 000000000..9805b8459
--- /dev/null
+++ b/servlet/cookies/src/main/java/org/javaee7/servlet/cookies/ClientCookieServlet.java
@@ -0,0 +1,114 @@
+/*
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
+ *
+ * Copyright (c) 2013 Oracle and/or its affiliates. All rights reserved.
+ *
+ * The contents of this file are subject to the terms of either the GNU
+ * General Public License Version 2 only ("GPL") or the Common Development
+ * and Distribution License("CDDL") (collectively, the "License").  You
+ * may not use this file except in compliance with the License.  You can
+ * obtain a copy of the License at
+ * https://glassfish.dev.java.net/public/CDDL+GPL_1_1.html
+ * or packager/legal/LICENSE.txt.  See the License for the specific
+ * language governing permissions and limitations under the License.
+ *
+ * When distributing the software, include this License Header Notice in each
+ * file and include the License file at packager/legal/LICENSE.txt.
+ *
+ * GPL Classpath Exception:
+ * Oracle designates this particular file as subject to the "Classpath"
+ * exception as provided by Oracle in the GPL Version 2 section of the License
+ * file that accompanied this code.
+ *
+ * Modifications:
+ * If applicable, add the following below the License Header, with the fields
+ * enclosed by brackets [] replaced by your own identifying information:
+ * "Portions Copyright [year] [name of copyright owner]"
+ *
+ * Contributor(s):
+ * If you wish your version of this file to be governed by only the CDDL or
+ * only the GPL Version 2, indicate your decision by adding "[Contributor]
+ * elects to include this software in this distribution under the [CDDL or GPL
+ * Version 2] license."  If you don't indicate a single choice of license, a
+ * recipient has the option to distribute your version of this file under
+ * either the CDDL, the GPL Version 2 or to extend the choice of license to
+ * its licensees as provided above.  However, if you add GPL Version 2 code
+ * and therefore, elected the GPL Version 2 license, then the option applies
+ * only if the new code is made subject to such option by the copyright
+ * holder.
+ */
+package org.javaee7.servlet.cookies;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * @author Arun Gupta
+ */
+@WebServlet(urlPatterns = { "/ClientCookieServlet" })
+public class ClientCookieServlet extends HttpServlet {
+
+    private static final long serialVersionUID = -1944396991856607131L;
+
+    /**
+     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
+     *
+     * @param request servlet request
+     * @param response servlet response
+     * @throws ServletException if a servlet-specific error occurs
+     * @throws IOException if an I/O error occurs
+     */
+    protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        response.setContentType("text/html;charset=UTF-8");
+        
+        try (PrintWriter out = response.getWriter()) {
+            out.println("<!DOCTYPE html>");
+            out.println("<html>");
+            out.println("<head>");
+            out.println("<title>Servlet ClientCookieServlet</title>");
+            out.println("</head>");
+            out.println("<body>");
+            out.println("<h1>Servlet ClientCookieServlet at " + request.getContextPath() + "</h1>");
+            
+            
+            out.println("<script type=\"text/javascript\">");
+            out.println("document.write(document.cookie);");
+            out.println("</script>");
+          
+            out.println("</body>");
+            out.println("</html>");
+        }
+    }
+
+    /**
+     * Handles the HTTP <code>GET</code> method.
+     *
+     * @param request servlet request
+     * @param response servlet response
+     * @throws ServletException if a servlet-specific error occurs
+     * @throws IOException if an I/O error occurs
+     */
+    @Override
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        processRequest(request, response);
+    }
+
+    /**
+     * Handles the HTTP <code>POST</code> method.
+     *
+     * @param request servlet request
+     * @param response servlet response
+     * @throws ServletException if a servlet-specific error occurs
+     * @throws IOException if an I/O error occurs
+     */
+    @Override
+    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        processRequest(request, response);
+    }
+}
diff --git a/servlet/cookies/src/main/java/org/javaee7/servlet/cookies/TestServlet.java b/servlet/cookies/src/main/java/org/javaee7/servlet/cookies/TestServlet.java
index e1beb39a5..1ad92047e 100644
--- a/servlet/cookies/src/main/java/org/javaee7/servlet/cookies/TestServlet.java
+++ b/servlet/cookies/src/main/java/org/javaee7/servlet/cookies/TestServlet.java
@@ -41,9 +41,8 @@
 
 import java.io.IOException;
 import java.io.PrintWriter;
+
 import javax.servlet.ServletException;
-import javax.servlet.SessionCookieConfig;
-import javax.servlet.annotation.MultipartConfig;
 import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServlet;
@@ -54,21 +53,21 @@
  * @author Arun Gupta
  */
 @WebServlet(urlPatterns = { "/TestServlet" })
-@MultipartConfig(location = "/tmp")
 public class TestServlet extends HttpServlet {
 
+    private static final long serialVersionUID = -1944396991856607131L;
+
     /**
-     * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
-     * methods.
+     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
      *
      * @param request servlet request
      * @param response servlet response
      * @throws ServletException if a servlet-specific error occurs
      * @throws IOException if an I/O error occurs
      */
-    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
+    protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
         response.setContentType("text/html;charset=UTF-8");
+        
         try (PrintWriter out = response.getWriter()) {
             out.println("<!DOCTYPE html>");
             out.println("<html>");
@@ -77,33 +76,36 @@ protected void processRequest(HttpServletRequest request, HttpServletResponse re
             out.println("</head>");
             out.println("<body>");
             out.println("<h1>Servlet TestServlet at " + request.getContextPath() + "</h1>");
-            SessionCookieConfig cookies = request.getServletContext().getSessionCookieConfig();
-            out.println("Found cookie: " + cookies.getName());
+            
+            if (request.getCookies() != null) {
+                for (Cookie cookie : request.getCookies()) {
+                    out.println("Found cookie: " + cookie.getName());
+                }
+            }
 
+            // General cookie
             Cookie cookie = new Cookie("myCookieKey", "myCookieValue");
             cookie.setMaxAge(60);
             response.addCookie(cookie);
+            
             out.println("<br><br>Set a new cookie");
 
+            // Http only cookie
             cookie = new Cookie("myHttpOnlyCookieKey", "myHttpOnlyCookieValue");
             cookie.setHttpOnly(true);
             cookie.setMaxAge(60);
             response.addCookie(cookie);
+            
             out.println("<br>Set a new HTTPOnly Cookie<br><br>");
             out.println("Check what cookies are visible by");
-            out.println("<a href=\"http://"
-                + request.getServerName()
-                + ":"
-                + request.getServerPort()
-                + request.getContextPath()
-                + "/index-cookies.jsp\">clicking here</a>");
+            out.println("<a href=\"http://" + request.getServerName() + ":" + request.getServerPort() + request.getContextPath()
+                    + "/index-cookies.jsp\">clicking here</a>");
 
             out.println("</body>");
             out.println("</html>");
         }
     }
 
-    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
     /**
      * Handles the HTTP <code>GET</code> method.
      *
@@ -113,8 +115,7 @@ protected void processRequest(HttpServletRequest request, HttpServletResponse re
      * @throws IOException if an I/O error occurs
      */
     @Override
-    protected void doGet(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
         processRequest(request, response);
     }
 
@@ -127,8 +128,7 @@ protected void doGet(HttpServletRequest request, HttpServletResponse response)
      * @throws IOException if an I/O error occurs
      */
     @Override
-    protected void doPost(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
+    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
         processRequest(request, response);
     }
 
@@ -140,6 +140,6 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response)
     @Override
     public String getServletInfo() {
         return "Short description";
-    }// </editor-fold>
+    }
 
 }
diff --git a/servlet/cookies/src/test/java/org/javaee7/servlet/cookies/SimpleServletTest.java b/servlet/cookies/src/test/java/org/javaee7/servlet/cookies/SimpleServletTest.java
new file mode 100644
index 000000000..b9e1344cb
--- /dev/null
+++ b/servlet/cookies/src/test/java/org/javaee7/servlet/cookies/SimpleServletTest.java
@@ -0,0 +1,78 @@
+package org.javaee7.servlet.cookies;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import java.io.IOException;
+import java.net.URL;
+
+import org.jboss.arquillian.container.test.api.Deployment;
+import org.jboss.arquillian.junit.Arquillian;
+import org.jboss.arquillian.test.api.ArquillianResource;
+import org.jboss.shrinkwrap.api.ShrinkWrap;
+import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.xml.sax.SAXException;
+
+import com.gargoylesoftware.htmlunit.WebClient;
+import com.gargoylesoftware.htmlunit.html.HtmlPage;
+
+/**
+ * @author Arjan Tijms
+ */
+@RunWith(Arquillian.class)
+public class SimpleServletTest {
+
+    @ArquillianResource
+    private URL base;
+
+    private WebClient webClient;
+
+    @Deployment(testable = false)
+    public static WebArchive createDeployment() {
+        return ShrinkWrap.create(WebArchive.class)
+                         .addClasses(TestServlet.class, ClientCookieServlet.class);
+    }
+
+    @Before
+    public void setup() {
+        webClient = new WebClient();
+    }
+
+    @Test
+    public void testCookies() throws IOException, SAXException {
+        HtmlPage page = webClient.getPage(base + "TestServlet");
+        
+        assertFalse(page.asText().contains("Found cookie: myCookieKey Found cookie: myHttpOnlyCookieKey"));
+        
+        // Request page again, should now send cookies back
+        page = webClient.getPage(base + "TestServlet");
+        
+        assertTrue(page.asText().contains("Found cookie: myCookieKey Found cookie: myHttpOnlyCookieKey"));
+        
+        page = webClient.getPage(base + "ClientCookieServlet");
+        webClient.waitForBackgroundJavaScript(1000);
+        
+        System.out.println(page.asText());
+        
+    }
+    
+    @Test
+    public void testHttpOnlyCookies() throws IOException, SAXException {
+        HtmlPage page = webClient.getPage(base + "TestServlet");
+        
+        assertFalse(page.asText().contains("Found cookie: myCookieKey Found cookie: myHttpOnlyCookieKey"));
+        
+        // Request page with client-side script, should now be able to read cookies client-side
+        page = webClient.getPage(base + "ClientCookieServlet");
+        webClient.waitForBackgroundJavaScript(1000);
+        
+        assertTrue(page.asText().contains("myCookieKey"));
+        assertFalse(page.asText().contains("myHttpOnlyCookieKey"));
+        
+        System.out.println(page.asText());
+    }
+   
+}
diff --git a/servlet/error-mapping/pom.xml b/servlet/error-mapping/pom.xml
index 0a10ffe60..3f8c317d1 100644
--- a/servlet/error-mapping/pom.xml
+++ b/servlet/error-mapping/pom.xml
@@ -8,9 +8,11 @@
         <version>1.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
   </parent>
+
     <groupId>org.javaee7</groupId>
     <artifactId>servlet-error-mapping</artifactId>
     <version>1.0-SNAPSHOT</version>
     <packaging>war</packaging>
+
     <name>Java EE 7 Sample: servlet - error-mapping</name>
 </project>
diff --git a/servlet/event-listeners/pom.xml b/servlet/event-listeners/pom.xml
index 90543ed06..21b5f3b2e 100644
--- a/servlet/event-listeners/pom.xml
+++ b/servlet/event-listeners/pom.xml
@@ -8,9 +8,11 @@
         <version>1.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
   </parent>
+
     <groupId>org.javaee7</groupId>
     <artifactId>servlet-event-listeners</artifactId>
     <version>1.0-SNAPSHOT</version>
     <packaging>war</packaging>
+
     <name>Java EE 7 Sample: servlet - event-listeners</name>
 </project>
diff --git a/servlet/file-upload/pom.xml b/servlet/file-upload/pom.xml
index 44d680ccc..138088586 100644
--- a/servlet/file-upload/pom.xml
+++ b/servlet/file-upload/pom.xml
@@ -8,9 +8,11 @@
         <version>1.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
   </parent>
+
     <groupId>org.javaee7</groupId>
     <artifactId>servlet-file-upload</artifactId>
     <version>1.0-SNAPSHOT</version>
     <packaging>war</packaging>
+
     <name>Java EE 7 Sample: servlet - file-upload</name>
 </project>
diff --git a/servlet/metadata-complete/pom.xml b/servlet/metadata-complete/pom.xml
index cf6ab3a63..3385b53a0 100644
--- a/servlet/metadata-complete/pom.xml
+++ b/servlet/metadata-complete/pom.xml
@@ -8,9 +8,11 @@
         <version>1.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
   </parent>
+
     <groupId>org.javaee7</groupId>
     <artifactId>servlet-metadata-complete</artifactId>
     <version>1.0-SNAPSHOT</version>
     <packaging>war</packaging>
+
     <name>Java EE 7 Sample: servlet - metadata-complete</name>
 </project>
diff --git a/servlet/nonblocking/pom.xml b/servlet/nonblocking/pom.xml
index 071e5e798..3a169d6b5 100644
--- a/servlet/nonblocking/pom.xml
+++ b/servlet/nonblocking/pom.xml
@@ -8,9 +8,11 @@
         <version>1.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
+
     <groupId>org.javaee7</groupId>
     <artifactId>servlet-nonblocking</artifactId>
     <version>1.0-SNAPSHOT</version>
     <packaging>war</packaging>
+
     <name>Java EE 7 Sample: servlet - nonblocking</name>
 </project>
diff --git a/servlet/pom.xml b/servlet/pom.xml
index 802416e4f..872dd15f9 100644
--- a/servlet/pom.xml
+++ b/servlet/pom.xml
@@ -1,18 +1,19 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+   <modelVersion>4.0.0</modelVersion>
 
-    <parent>
+   <parent>
         <groupId>org.javaee7</groupId>
         <artifactId>samples-parent</artifactId>
         <version>1.0-SNAPSHOT</version>
     </parent>
-    
-    <artifactId>servlet</artifactId>
-    <packaging>pom</packaging>
-    
-    <name>Java EE 7 Sample: servlet</name>
 
-    <modules>
+   <artifactId>servlet</artifactId>
+   <packaging>pom</packaging>
+
+   <name>Java EE 7 Sample: servlet</name>
+
+   <modules>
     	<module>simple-servlet</module>
         <module>async-servlet</module>
         <module>servlet-filters</module>
@@ -39,7 +40,7 @@
         <module>security-basicauth-omission</module>
     </modules>
 
-    <dependencies>
+   <dependencies>
         <dependency>
             <groupId>org.javaee7</groupId>
             <artifactId>test-utils</artifactId>
diff --git a/servlet/programmatic-registration/pom.xml b/servlet/programmatic-registration/pom.xml
index 6abec3004..88b8a5aad 100644
--- a/servlet/programmatic-registration/pom.xml
+++ b/servlet/programmatic-registration/pom.xml
@@ -8,8 +8,10 @@
         <version>1.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
   </parent>
+
     <groupId>org.javaee7</groupId>
     <artifactId>servlet-programmatic-registration</artifactId>
     <packaging>war</packaging>
+
     <name>Java EE 7 Sample: servlet - programmatic-registration</name>
 </project>
diff --git a/servlet/protocol-handler/pom.xml b/servlet/protocol-handler/pom.xml
index 4cd9f2198..733bddf27 100644
--- a/servlet/protocol-handler/pom.xml
+++ b/servlet/protocol-handler/pom.xml
@@ -8,9 +8,11 @@
         <version>1.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
+
     <groupId>org.javaee7</groupId>
     <artifactId>servlet-protocol-handler</artifactId>
     <version>1.0-SNAPSHOT</version>
     <packaging>war</packaging>
+
     <name>Java EE 7 Sample: servlet - protocol-handler</name>
 </project>
diff --git a/servlet/resource-packaging/pom.xml b/servlet/resource-packaging/pom.xml
index b1ddf7528..9ad606524 100644
--- a/servlet/resource-packaging/pom.xml
+++ b/servlet/resource-packaging/pom.xml
@@ -8,9 +8,11 @@
         <version>1.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
   </parent>
+
     <groupId>org.javaee7</groupId>
     <artifactId>servlet-resource-packaging</artifactId>
     <version>1.0-SNAPSHOT</version>
     <packaging>war</packaging>
+
     <name>Java EE 7 Sample: servlet - resource-packaging</name>
 </project>
diff --git a/servlet/security-annotated/pom.xml b/servlet/security-annotated/pom.xml
index 6b4c5877e..c33b70c41 100644
--- a/servlet/security-annotated/pom.xml
+++ b/servlet/security-annotated/pom.xml
@@ -1,18 +1,19 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion>
-    
-    <parent>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+   <modelVersion>4.0.0</modelVersion>
+
+   <parent>
         <groupId>org.javaee7</groupId>
-		<artifactId>servlet</artifactId>
+        <artifactId>servlet</artifactId>
         <version>1.0-SNAPSHOT</version>
     </parent>
 
-    <artifactId>security-annotated</artifactId>
-    <packaging>war</packaging>
-    
-    <name>Java EE 7 Sample: servlet - security-annotated</name>
-    
-    <profiles>
+   <artifactId>security-annotated</artifactId>
+   <packaging>war</packaging>
+
+   <name>Java EE 7 Sample: servlet - security-annotated</name>
+
+   <profiles>
         <profile>
             <id>payara-micro-managed</id>
             <build>
diff --git a/servlet/security-basicauth-omission/pom.xml b/servlet/security-basicauth-omission/pom.xml
index 64d2f4e6b..660e50e17 100644
--- a/servlet/security-basicauth-omission/pom.xml
+++ b/servlet/security-basicauth-omission/pom.xml
@@ -1,17 +1,19 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+   <modelVersion>4.0.0</modelVersion>
 
-    <parent>
+   <parent>
         <groupId>org.javaee7</groupId>
         <artifactId>servlet</artifactId>
         <version>1.0-SNAPSHOT</version>
     </parent>
-    
-    <artifactId>servlet-security-basicauth-omission</artifactId>
-    <packaging>war</packaging>
-    <name>Java EE 7 Sample: servlet - security-basicauth-omission</name>
-    
-    <profiles>
+
+   <artifactId>servlet-security-basicauth-omission</artifactId>
+   <packaging>war</packaging>
+
+   <name>Java EE 7 Sample: servlet - security-basicauth-omission</name>
+
+   <profiles>
         <profile>
             <id>payara-micro-managed</id>
             <build>
@@ -34,5 +36,4 @@
             </build>
         </profile>
     </profiles>
-    
 </project>
diff --git a/servlet/security-basicauth/pom.xml b/servlet/security-basicauth/pom.xml
index de632d638..c0a327fe2 100644
--- a/servlet/security-basicauth/pom.xml
+++ b/servlet/security-basicauth/pom.xml
@@ -1,18 +1,19 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+   <modelVersion>4.0.0</modelVersion>
 
-    <parent>
+   <parent>
         <groupId>org.javaee7</groupId>
         <artifactId>servlet</artifactId>
         <version>1.0-SNAPSHOT</version>
     </parent>
-    
-    <artifactId>servlet-security-basicauth</artifactId>
-    <packaging>war</packaging>
-    
-    <name>Java EE 7 Sample: servlet - security-basicauth</name>
-    
-    <profiles>
+
+   <artifactId>servlet-security-basicauth</artifactId>
+   <packaging>war</packaging>
+
+   <name>Java EE 7 Sample: servlet - security-basicauth</name>
+
+   <profiles>
         <profile>
             <id>payara-micro-managed</id>
             <build>
diff --git a/servlet/security-clientcert-jce/pom.xml b/servlet/security-clientcert-jce/pom.xml
index 860c1ce6c..9e985b8a7 100644
--- a/servlet/security-clientcert-jce/pom.xml
+++ b/servlet/security-clientcert-jce/pom.xml
@@ -1,6 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
 
     <parent>
@@ -40,5 +39,4 @@
             </plugin>
         </plugins>
     </build>
-    
 </project>
diff --git a/servlet/security-clientcert/pom.xml b/servlet/security-clientcert/pom.xml
index cc15ea24b..ceee567c8 100644
--- a/servlet/security-clientcert/pom.xml
+++ b/servlet/security-clientcert/pom.xml
@@ -1,6 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
 
     <parent>
@@ -40,5 +39,4 @@
             </plugin>
         </plugins>
     </build>
-    
 </project>
diff --git a/servlet/security-deny-uncovered/pom.xml b/servlet/security-deny-uncovered/pom.xml
index d3dd691a0..16a0dd1df 100644
--- a/servlet/security-deny-uncovered/pom.xml
+++ b/servlet/security-deny-uncovered/pom.xml
@@ -1,18 +1,19 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+   <modelVersion>4.0.0</modelVersion>
 
-    <parent>
+   <parent>
         <groupId>org.javaee7</groupId>
         <artifactId>servlet</artifactId>
         <version>1.0-SNAPSHOT</version>
     </parent>
-    
-    <artifactId>servlet-security-deny-uncovered</artifactId>
-    <packaging>war</packaging>
-    
-    <name>Java EE 7 Sample: servlet - security-deny-uncovered</name>
 
-    <profiles>
+   <artifactId>servlet-security-deny-uncovered</artifactId>
+   <packaging>war</packaging>
+
+   <name>Java EE 7 Sample: servlet - security-deny-uncovered</name>
+
+   <profiles>
         <profile>
             <id>payara-micro-managed</id>
             <build>
@@ -35,6 +36,4 @@
             </build>
         </profile>
     </profiles>
-
-    
 </project>
diff --git a/servlet/security-digest/pom.xml b/servlet/security-digest/pom.xml
index bd3e6878b..1347f78eb 100644
--- a/servlet/security-digest/pom.xml
+++ b/servlet/security-digest/pom.xml
@@ -1,18 +1,27 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+   <modelVersion>4.0.0</modelVersion>
 
-    <parent>
+   <parent>
         <groupId>org.javaee7</groupId>
         <artifactId>servlet</artifactId>
         <version>1.0-SNAPSHOT</version>
     </parent>
-    
-    <artifactId>servlet-security-digest</artifactId>
-    <packaging>war</packaging>
-    
-    <name>Java EE 7 Sample: servlet - security-digest</name>
 
-    <build>
+   <artifactId>servlet-security-digest</artifactId>
+   <packaging>war</packaging>
+
+   <name>Java EE 7 Sample: servlet - security-digest</name>
+
+   <dependencies>
+        <dependency>
+            <groupId>commons-codec</groupId>
+            <artifactId>commons-codec</artifactId>
+            <version>1.11</version>
+        </dependency>
+    </dependencies>
+
+   <build>
         <plugins>
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
@@ -30,15 +39,7 @@
         </plugins>
     </build>
 
-    <dependencies>
-        <dependency>
-            <groupId>commons-codec</groupId>
-            <artifactId>commons-codec</artifactId>
-            <version>1.11</version>
-        </dependency>
-    </dependencies>
-    
-    <profiles>
+   <profiles>
         <profile>
             <id>payara-micro-managed</id>
             <build>
diff --git a/servlet/security-form-based/pom.xml b/servlet/security-form-based/pom.xml
index d0e4dabe8..e4126eb3c 100644
--- a/servlet/security-form-based/pom.xml
+++ b/servlet/security-form-based/pom.xml
@@ -1,17 +1,19 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+   <modelVersion>4.0.0</modelVersion>
 
-    <parent>
+   <parent>
         <groupId>org.javaee7</groupId>
         <artifactId>servlet</artifactId>
         <version>1.0-SNAPSHOT</version>
     </parent>
-    
-    <artifactId>servlet-security-form-based</artifactId>
-    <packaging>war</packaging>
-    <name>Java EE 7 Sample: servlet - security-form-based</name>
-    
-    <profiles>
+
+   <artifactId>servlet-security-form-based</artifactId>
+   <packaging>war</packaging>
+
+   <name>Java EE 7 Sample: servlet - security-form-based</name>
+
+   <profiles>
         <profile>
             <id>payara-micro-managed</id>
             <build>
diff --git a/servlet/security-programmatic/pom.xml b/servlet/security-programmatic/pom.xml
index 87df3cf45..5548cbd47 100644
--- a/servlet/security-programmatic/pom.xml
+++ b/servlet/security-programmatic/pom.xml
@@ -7,10 +7,10 @@
         <artifactId>servlet</artifactId>
         <version>1.0-SNAPSHOT</version>
     </parent>
-    
+
     <artifactId>servlet-security-programmatic</artifactId>
     <packaging>war</packaging>
-    
+
     <name>Java EE 7 Sample: servlet - security-programmatic</name>
 
     <profiles>
@@ -36,5 +36,4 @@
             </build>
         </profile>
     </profiles>
-    
 </project>
diff --git a/servlet/servlet-filters/pom.xml b/servlet/servlet-filters/pom.xml
index aaa5cf172..bb21b456a 100644
--- a/servlet/servlet-filters/pom.xml
+++ b/servlet/servlet-filters/pom.xml
@@ -8,7 +8,9 @@
         <version>1.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
   </parent>
+
     <artifactId>servlet-servlet-filters</artifactId>
     <packaging>war</packaging>
+
     <name>Java EE 7 Sample: servlet - servlet-filters</name>
 </project>
diff --git a/servlet/servlet-filters/src/main/java/org/javaee7/servlet/filters/FooBarFilter.java b/servlet/servlet-filters/src/main/java/org/javaee7/servlet/filters/FooBarFilter.java
index 34359ce7b..0f6b525c9 100644
--- a/servlet/servlet-filters/src/main/java/org/javaee7/servlet/filters/FooBarFilter.java
+++ b/servlet/servlet-filters/src/main/java/org/javaee7/servlet/filters/FooBarFilter.java
@@ -39,6 +39,9 @@
  */
 package org.javaee7.servlet.filters;
 
+import java.io.IOException;
+import java.io.PrintWriter;
+
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
@@ -47,8 +50,6 @@
 import javax.servlet.ServletResponse;
 import javax.servlet.annotation.WebFilter;
 import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.io.PrintWriter;
 
 /**
  * @author Arun Gupta
@@ -57,30 +58,16 @@
 public class FooBarFilter implements Filter {
 
     private FilterConfig filterConfig;
-
-    private void doBeforeProcessing(ServletRequest request, ServletResponse response)
-        throws IOException, ServletException {
-        try (PrintWriter out = response.getWriter()) {
-            out.print("foo--");
-            out.flush();
-        }
-    }
-
-    private void doAfterProcessing(ServletRequest request, ServletResponse response)
-        throws IOException, ServletException {
-        try (PrintWriter out = response.getWriter()) {
-            out.print("--bar");
-            out.flush();
-        }
+    
+    @Override
+    public void init(FilterConfig filterConfig) {
+        this.filterConfig = filterConfig;
     }
 
     @Override
-    public void doFilter(ServletRequest request, ServletResponse response,
-        FilterChain chain)
-        throws IOException, ServletException {
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
         PrintWriter out = response.getWriter();
-        CharResponseWrapper wrappedResponse = new CharResponseWrapper(
-            (HttpServletResponse) response);
+        CharResponseWrapper wrappedResponse = new CharResponseWrapper((HttpServletResponse) response);
 
         doBeforeProcessing(request, wrappedResponse);
         chain.doFilter(request, wrappedResponse);
@@ -92,10 +79,19 @@ public void doFilter(ServletRequest request, ServletResponse response,
     @Override
     public void destroy() {
     }
+    
+    private void doBeforeProcessing(ServletRequest request, ServletResponse response) throws IOException, ServletException {
+        try (PrintWriter out = response.getWriter()) {
+            out.print("foo--");
+            out.flush();
+        }
+    }
 
-    @Override
-    public void init(FilterConfig filterConfig) {
-        this.filterConfig = filterConfig;
+    private void doAfterProcessing(ServletRequest request, ServletResponse response) throws IOException, ServletException {
+        try (PrintWriter out = response.getWriter()) {
+            out.print("--bar");
+            out.flush();
+        }
     }
 
 }
diff --git a/servlet/servlet-filters/src/main/java/org/javaee7/servlet/filters/TestServlet.java b/servlet/servlet-filters/src/main/java/org/javaee7/servlet/filters/TestServlet.java
index 7101b9ec6..a4e9bf3aa 100644
--- a/servlet/servlet-filters/src/main/java/org/javaee7/servlet/filters/TestServlet.java
+++ b/servlet/servlet-filters/src/main/java/org/javaee7/servlet/filters/TestServlet.java
@@ -39,13 +39,14 @@
  */
 package org.javaee7.servlet.filters;
 
+import java.io.IOException;
+import java.io.PrintWriter;
+
 import javax.servlet.ServletException;
 import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.io.PrintWriter;
 
 /**
  * @author Kuba Marchwicki
@@ -53,9 +54,10 @@
 @WebServlet(urlPatterns = { "/TestServlet", "/filtered/TestServlet" })
 public class TestServlet extends HttpServlet {
 
+    private static final long serialVersionUID = -1521781346816042757L;
+
     @Override
-    protected void doGet(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
         response.setContentType("text/html;charset=UTF-8");
         try (PrintWriter out = response.getWriter()) {
             out.print("bar");
diff --git a/servlet/servlet-filters/src/test/java/org/javaee7/servlet/filters/FilterServletTest.java b/servlet/servlet-filters/src/test/java/org/javaee7/servlet/filters/FilterServletTest.java
index 6da88151e..721f6612c 100644
--- a/servlet/servlet-filters/src/test/java/org/javaee7/servlet/filters/FilterServletTest.java
+++ b/servlet/servlet-filters/src/test/java/org/javaee7/servlet/filters/FilterServletTest.java
@@ -1,33 +1,35 @@
 package org.javaee7.servlet.filters;
 
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.CoreMatchers.is;
+import static org.junit.Assert.assertThat;
+
+import java.net.MalformedURLException;
+import java.net.URI;
+import java.net.URL;
+
+import javax.ws.rs.client.ClientBuilder;
+import javax.ws.rs.core.Response;
+
 import org.jboss.arquillian.container.test.api.Deployment;
 import org.jboss.arquillian.container.test.api.RunAsClient;
 import org.jboss.arquillian.junit.Arquillian;
 import org.jboss.arquillian.test.api.ArquillianResource;
 import org.jboss.shrinkwrap.api.ShrinkWrap;
 import org.jboss.shrinkwrap.api.spec.WebArchive;
-import org.junit.Assert;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 
-import javax.ws.rs.client.Client;
-import javax.ws.rs.client.ClientBuilder;
-import javax.ws.rs.client.WebTarget;
-import javax.ws.rs.core.Response;
-import java.net.MalformedURLException;
-import java.net.URI;
-import java.net.URL;
-
-import static org.hamcrest.CoreMatchers.*;
-
 @RunWith(Arquillian.class)
 public class FilterServletTest {
 
-    @Deployment
+    @Deployment(testable = false)
     public static WebArchive createDeployment() {
         return ShrinkWrap.create(WebArchive.class)
-            .addClass(CharResponseWrapper.class)
-            .addClasses(TestServlet.class, FooBarFilter.class);
+            .addClasses(
+                CharResponseWrapper.class, 
+                TestServlet.class, 
+                FooBarFilter.class);
     }
 
     @ArquillianResource
@@ -36,20 +38,24 @@ public static WebArchive createDeployment() {
     @Test
     @RunAsClient
     public void filtered_servlet_should_return_enhanced_foobar_text() throws MalformedURLException {
-        Client client = ClientBuilder.newClient();
-        WebTarget target = client.target(URI.create(new URL(base, "filtered/TestServlet").toExternalForm()));
-
-        Response response = target.request().get();
-        Assert.assertThat(response.readEntity(String.class), is(equalTo("foo--bar--bar")));
+        Response response = 
+            ClientBuilder.newClient()
+                         .target(URI.create(new URL(base, "filtered/TestServlet").toExternalForm()))
+                         .request()
+                         .get();
+        
+        assertThat(response.readEntity(String.class), is(equalTo("foo--bar--bar")));
     }
 
     @Test
     @RunAsClient
     public void standard_servlet_should_return_simple_text() throws MalformedURLException {
-        Client client = ClientBuilder.newClient();
-        WebTarget target = client.target(URI.create(new URL(base, "TestServlet").toExternalForm()));
-
-        Response response = target.request().get();
-        Assert.assertThat(response.readEntity(String.class), is(equalTo("bar")));
+        Response response = 
+            ClientBuilder.newClient()
+                         .target(URI.create(new URL(base, "TestServlet").toExternalForm()))
+                         .request()
+                         .get();
+        
+        assertThat(response.readEntity(String.class), is(equalTo("bar")));
     }
 }
diff --git a/servlet/simple-servlet/pom.xml b/servlet/simple-servlet/pom.xml
index 5a2d35483..1a54652f1 100644
--- a/servlet/simple-servlet/pom.xml
+++ b/servlet/simple-servlet/pom.xml
@@ -6,11 +6,10 @@
         <groupId>org.javaee7</groupId>
         <artifactId>servlet</artifactId>
         <version>1.0-SNAPSHOT</version>
-        <relativePath>../pom.xml</relativePath>
-  </parent>
-    <groupId>org.javaee7</groupId>
+    </parent>
+
     <artifactId>servlet-simple-servlet</artifactId>
-    <version>1.0-SNAPSHOT</version>
     <packaging>war</packaging>
+
     <name>Java EE 7 Sample: servlet - simple-servlet</name>
 </project>
diff --git a/servlet/simple-servlet/src/main/java/org/javaee7/servlet/simple/SimpleServlet.java b/servlet/simple-servlet/src/main/java/org/javaee7/servlet/simple/SimpleServlet.java
index 6f929c4ce..79687c40b 100644
--- a/servlet/simple-servlet/src/main/java/org/javaee7/servlet/simple/SimpleServlet.java
+++ b/servlet/simple-servlet/src/main/java/org/javaee7/servlet/simple/SimpleServlet.java
@@ -1,6 +1,7 @@
 package org.javaee7.servlet.simple;
 
 import java.io.IOException;
+
 import javax.servlet.ServletException;
 import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.HttpServlet;
@@ -12,15 +13,16 @@
  */
 @WebServlet("/SimpleServlet")
 public class SimpleServlet extends HttpServlet {
+
+    private static final long serialVersionUID = -8359235999619949424L;
+
     @Override
-    protected void doGet(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
         response.getWriter().print("my GET");
     }
 
     @Override
-    protected void doPost(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
+    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
         response.getWriter().print("my POST");
     }
 }
diff --git a/servlet/simple-servlet/src/test/java/org/javaee7/servlet/metadata/complete/SimpleServletTest.java b/servlet/simple-servlet/src/test/java/org/javaee7/servlet/metadata/complete/SimpleServletTest.java
index 76829dd03..0e7e1eac7 100644
--- a/servlet/simple-servlet/src/test/java/org/javaee7/servlet/metadata/complete/SimpleServletTest.java
+++ b/servlet/simple-servlet/src/test/java/org/javaee7/servlet/metadata/complete/SimpleServletTest.java
@@ -1,24 +1,26 @@
 package org.javaee7.servlet.metadata.complete;
 
-import org.javaee7.servlet.simple.SimpleServlet;
-import com.gargoylesoftware.htmlunit.HttpMethod;
-import com.gargoylesoftware.htmlunit.TextPage;
-import com.gargoylesoftware.htmlunit.WebClient;
-import com.gargoylesoftware.htmlunit.WebRequest;
-import java.io.File;
+import static org.junit.Assert.assertEquals;
+
 import java.io.IOException;
 import java.net.URL;
+
+import org.javaee7.servlet.simple.SimpleServlet;
 import org.jboss.arquillian.container.test.api.Deployment;
 import org.jboss.arquillian.junit.Arquillian;
 import org.jboss.arquillian.test.api.ArquillianResource;
 import org.jboss.shrinkwrap.api.ShrinkWrap;
 import org.jboss.shrinkwrap.api.spec.WebArchive;
-import static org.junit.Assert.*;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.xml.sax.SAXException;
 
+import com.gargoylesoftware.htmlunit.HttpMethod;
+import com.gargoylesoftware.htmlunit.TextPage;
+import com.gargoylesoftware.htmlunit.WebClient;
+import com.gargoylesoftware.htmlunit.WebRequest;
+
 /**
  * @author Arun Gupta
  */
diff --git a/servlet/web-fragment/pom.xml b/servlet/web-fragment/pom.xml
index 224442afe..f639b7a4c 100644
--- a/servlet/web-fragment/pom.xml
+++ b/servlet/web-fragment/pom.xml
@@ -8,9 +8,11 @@
         <version>1.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
   </parent>
+
     <groupId>org.javaee7</groupId>
     <artifactId>servlet-web-fragment</artifactId>
     <version>1.0-SNAPSHOT</version>
     <packaging>war</packaging>
+
     <name>Java EE 7 Sample: servlet - web-fragment</name>
 </project>

From 857696766270e6dd237bf3303cbbf1cf1e135bc4 Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Tue, 5 Nov 2019 21:08:23 +0100
Subject: [PATCH 03/31] Cleanup for Servlet error mapping and adding test

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 .../servlet/cookies/SimpleServletTest.java    |  8 +--
 servlet/error-mapping/pom.xml                 |  3 -
 .../servlet/error/mapping/ErrorServlet.java}  | 48 ++++++++-----
 .../error/mapping/NotFoundServlet.java}       | 49 +++++++++-----
 .../servlet/error/mapping/TestServlet.java    | 47 ++-----------
 .../src/main/webapp/WEB-INF/web.xml           | 16 ++---
 .../error/mapping/ErrorMappingTest.java       | 67 +++++++++++++++++++
 7 files changed, 141 insertions(+), 97 deletions(-)
 rename servlet/error-mapping/src/main/{webapp/error-404.jsp => java/org/javaee7/servlet/error/mapping/ErrorServlet.java} (67%)
 rename servlet/error-mapping/src/main/{webapp/error-exception.jsp => java/org/javaee7/servlet/error/mapping/NotFoundServlet.java} (67%)
 create mode 100644 servlet/error-mapping/src/test/java/org/javaee7/servlet/error/mapping/ErrorMappingTest.java

diff --git a/servlet/cookies/src/test/java/org/javaee7/servlet/cookies/SimpleServletTest.java b/servlet/cookies/src/test/java/org/javaee7/servlet/cookies/SimpleServletTest.java
index b9e1344cb..6f33dd018 100644
--- a/servlet/cookies/src/test/java/org/javaee7/servlet/cookies/SimpleServletTest.java
+++ b/servlet/cookies/src/test/java/org/javaee7/servlet/cookies/SimpleServletTest.java
@@ -51,12 +51,6 @@ public void testCookies() throws IOException, SAXException {
         page = webClient.getPage(base + "TestServlet");
         
         assertTrue(page.asText().contains("Found cookie: myCookieKey Found cookie: myHttpOnlyCookieKey"));
-        
-        page = webClient.getPage(base + "ClientCookieServlet");
-        webClient.waitForBackgroundJavaScript(1000);
-        
-        System.out.println(page.asText());
-        
     }
     
     @Test
@@ -69,6 +63,8 @@ public void testHttpOnlyCookies() throws IOException, SAXException {
         page = webClient.getPage(base + "ClientCookieServlet");
         webClient.waitForBackgroundJavaScript(1000);
         
+        System.out.println(page.asText());
+        
         assertTrue(page.asText().contains("myCookieKey"));
         assertFalse(page.asText().contains("myHttpOnlyCookieKey"));
         
diff --git a/servlet/error-mapping/pom.xml b/servlet/error-mapping/pom.xml
index 3f8c317d1..c4b8230e5 100644
--- a/servlet/error-mapping/pom.xml
+++ b/servlet/error-mapping/pom.xml
@@ -6,12 +6,9 @@
         <groupId>org.javaee7</groupId>
         <artifactId>servlet</artifactId>
         <version>1.0-SNAPSHOT</version>
-        <relativePath>../pom.xml</relativePath>
   </parent>
 
-    <groupId>org.javaee7</groupId>
     <artifactId>servlet-error-mapping</artifactId>
-    <version>1.0-SNAPSHOT</version>
     <packaging>war</packaging>
 
     <name>Java EE 7 Sample: servlet - error-mapping</name>
diff --git a/servlet/error-mapping/src/main/webapp/error-404.jsp b/servlet/error-mapping/src/main/java/org/javaee7/servlet/error/mapping/ErrorServlet.java
similarity index 67%
rename from servlet/error-mapping/src/main/webapp/error-404.jsp
rename to servlet/error-mapping/src/main/java/org/javaee7/servlet/error/mapping/ErrorServlet.java
index c4ce2711e..2f0d9949d 100644
--- a/servlet/error-mapping/src/main/webapp/error-404.jsp
+++ b/servlet/error-mapping/src/main/java/org/javaee7/servlet/error/mapping/ErrorServlet.java
@@ -1,4 +1,3 @@
-<!-- 
 /*
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
  *
@@ -38,19 +37,36 @@
  * only if the new code is made subject to such option by the copyright
  * holder.
  */
--->
-<%@page contentType="text/html" pageEncoding="UTF-8"%>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
-   "http://www.w3.org/TR/html4/loose.dtd">
+package org.javaee7.servlet.error.mapping;
 
-<html>
-    <head>
-        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-        <title>Error Mapping Sample - 404 page not found</title>
-    </head>
-    <body>
-        <h1>Error Mapping Sample - 404 page not found</h1>
-        
-        Go <a href="${pageContext.request.contextPath}/index.jsp">home</a>.
-    </body>
-</html>
+import java.io.IOException;
+
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * @author Arun Gupta
+ * @author Arjan Tijms
+ */
+@WebServlet("/error")
+public class ErrorServlet extends HttpServlet {
+
+    private static final long serialVersionUID = -3681304530279446784L;
+
+    /**
+     * Handles the HTTP <code>GET</code> method.
+     *
+     * @param request servlet request
+     * @param response servlet response
+     * @throws ServletException if a servlet-specific error occurs
+     * @throws IOException if an I/O error occurs
+     */
+    @Override
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        response.getWriter().write("!error!");
+    }
+
+}
diff --git a/servlet/error-mapping/src/main/webapp/error-exception.jsp b/servlet/error-mapping/src/main/java/org/javaee7/servlet/error/mapping/NotFoundServlet.java
similarity index 67%
rename from servlet/error-mapping/src/main/webapp/error-exception.jsp
rename to servlet/error-mapping/src/main/java/org/javaee7/servlet/error/mapping/NotFoundServlet.java
index 72e67435e..5c6af4a73 100644
--- a/servlet/error-mapping/src/main/webapp/error-exception.jsp
+++ b/servlet/error-mapping/src/main/java/org/javaee7/servlet/error/mapping/NotFoundServlet.java
@@ -1,4 +1,3 @@
-<!-- 
 /*
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
  *
@@ -38,21 +37,35 @@
  * only if the new code is made subject to such option by the copyright
  * holder.
  */
--->
-<%@page contentType="text/html" pageEncoding="UTF-8"%>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
-   "http://www.w3.org/TR/html4/loose.dtd">
+package org.javaee7.servlet.error.mapping;
 
-<html>
-    <head>
-        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-        <title>Error Mapping Sample - Exception Mapping</title>
-    </head>
-    <body>
-        <h1>Error Mapping Sample - Exception Mapping</h1>
-        
-        This page is shown when a java.lang.RuntimeException is thrown.<br><br>
-        
-        Go <a href="${pageContext.request.contextPath}/index.jsp">home</a>.
-    </body>
-</html>
+import java.io.IOException;
+
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * @author Arun Gupta
+ * @author Arjan Tijms
+ */
+@WebServlet("/notfound")
+public class NotFoundServlet extends HttpServlet {
+
+    private static final long serialVersionUID = -3681304530279446784L;
+
+    /**
+     * Handles the HTTP <code>GET</code> method.
+     *
+     * @param request servlet request
+     * @param response servlet response
+     * @throws ServletException if a servlet-specific error occurs
+     * @throws IOException if an I/O error occurs
+     */
+    @Override
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        response.getWriter().write("!not found!");
+    }
+}
diff --git a/servlet/error-mapping/src/main/java/org/javaee7/servlet/error/mapping/TestServlet.java b/servlet/error-mapping/src/main/java/org/javaee7/servlet/error/mapping/TestServlet.java
index 45d9ee442..c1d45aa06 100644
--- a/servlet/error-mapping/src/main/java/org/javaee7/servlet/error/mapping/TestServlet.java
+++ b/servlet/error-mapping/src/main/java/org/javaee7/servlet/error/mapping/TestServlet.java
@@ -40,7 +40,7 @@
 package org.javaee7.servlet.error.mapping;
 
 import java.io.IOException;
-import java.io.PrintWriter;
+
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
@@ -48,24 +48,12 @@
 
 /**
  * @author Arun Gupta
+ * @author Arjan Tijms
  */
 public class TestServlet extends HttpServlet {
 
-    /**
-     * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
-     * methods.
-     *
-     * @param request servlet request
-     * @param response servlet response
-     * @throws ServletException if a servlet-specific error occurs
-     * @throws IOException if an I/O error occurs
-     */
-    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
-        throw new RuntimeException();
-    }
+    private static final long serialVersionUID = -3681304530279446784L;
 
-    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
     /**
      * Handles the HTTP <code>GET</code> method.
      *
@@ -75,33 +63,8 @@ protected void processRequest(HttpServletRequest request, HttpServletResponse re
      * @throws IOException if an I/O error occurs
      */
     @Override
-    protected void doGet(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
-        processRequest(request, response);
-    }
-
-    /**
-     * Handles the HTTP <code>POST</code> method.
-     *
-     * @param request servlet request
-     * @param response servlet response
-     * @throws ServletException if a servlet-specific error occurs
-     * @throws IOException if an I/O error occurs
-     */
-    @Override
-    protected void doPost(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
-        processRequest(request, response);
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        throw new RuntimeException();
     }
 
-    /**
-     * Returns a short description of the servlet.
-     *
-     * @return a String containing servlet description
-     */
-    @Override
-    public String getServletInfo() {
-        return "Short description";
-    }// </editor-fold>
-
 }
diff --git a/servlet/error-mapping/src/main/webapp/WEB-INF/web.xml b/servlet/error-mapping/src/main/webapp/WEB-INF/web.xml
index e9929cfb6..2c4396e28 100644
--- a/servlet/error-mapping/src/main/webapp/WEB-INF/web.xml
+++ b/servlet/error-mapping/src/main/webapp/WEB-INF/web.xml
@@ -40,11 +40,7 @@
  * holder.
  */
 -->
-<web-app 
-    version="3.1" 
-    xmlns="http://xmlns.jcp.org/xml/ns/javaee" 
-    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
-    xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">   
+<web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">   
     <servlet>
         <servlet-name>TestServlet</servlet-name>
         <servlet-class>org.javaee7.servlet.error.mapping.TestServlet</servlet-class>
@@ -53,17 +49,13 @@
         <servlet-name>TestServlet</servlet-name>
         <url-pattern>/TestServlet</url-pattern>
     </servlet-mapping>
-    <session-config>
-        <session-timeout>
-            30
-        </session-timeout>
-    </session-config>
+    
     <error-page> 
         <error-code>404</error-code> 
-        <location>/error-404.jsp</location>
+        <location>/notfound</location>
     </error-page>
     <error-page> 
         <exception-type>java.lang.RuntimeException</exception-type> 
-        <location>/error-exception.jsp</location>
+        <location>/error</location>
     </error-page>
 </web-app>
diff --git a/servlet/error-mapping/src/test/java/org/javaee7/servlet/error/mapping/ErrorMappingTest.java b/servlet/error-mapping/src/test/java/org/javaee7/servlet/error/mapping/ErrorMappingTest.java
new file mode 100644
index 000000000..39b1207d1
--- /dev/null
+++ b/servlet/error-mapping/src/test/java/org/javaee7/servlet/error/mapping/ErrorMappingTest.java
@@ -0,0 +1,67 @@
+package org.javaee7.servlet.error.mapping;
+
+import static org.junit.Assert.assertTrue;
+
+import java.io.File;
+import java.io.IOException;
+import java.net.URL;
+
+import org.jboss.arquillian.container.test.api.Deployment;
+import org.jboss.arquillian.junit.Arquillian;
+import org.jboss.arquillian.test.api.ArquillianResource;
+import org.jboss.shrinkwrap.api.ShrinkWrap;
+import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.xml.sax.SAXException;
+
+import com.gargoylesoftware.htmlunit.TextPage;
+import com.gargoylesoftware.htmlunit.WebClient;
+
+/**
+ * @author Arjan Tijms
+ */
+@RunWith(Arquillian.class)
+public class ErrorMappingTest {
+    
+    private static final String WEBAPP_SRC = "src/main/webapp";
+
+    @ArquillianResource
+    private URL base;
+
+    private WebClient webClient;
+
+    @Deployment(testable = false)
+    public static WebArchive createDeployment() {
+        return ShrinkWrap.create(WebArchive.class)
+                         .addAsWebInfResource((new File(WEBAPP_SRC + "/WEB-INF", "web.xml")))
+                         .addClasses(
+                             TestServlet.class, 
+                             ErrorServlet.class,
+                             NotFoundServlet.class);
+    }
+
+    @Before
+    public void setup() {
+        webClient = new WebClient();
+        webClient.getOptions().setThrowExceptionOnFailingStatusCode(false);
+    }
+
+    @Test
+    public void testError() throws IOException, SAXException {
+        TextPage page = webClient.getPage(base + "TestServlet");
+        
+        System.out.println(page.getContent());
+        
+        assertTrue(page.getContent().contains("!error!"));
+    }
+    
+    @Test
+    public void test404() throws IOException, SAXException {
+        TextPage page = webClient.getPage(base + "does-not-exist");
+        
+        assertTrue(page.getContent().contains("!not found!"));
+    }
+   
+}

From a013bfc4118654e92adf1a320f4cb090ae0e7bc5 Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Wed, 6 Nov 2019 02:34:21 +0100
Subject: [PATCH 04/31] Cleaning servlet events sample plus added test

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 servlet/event-listeners/pom.xml               |   4 +-
 .../listeners/MyContextAttributeListener.java |   6 +-
 .../event/listeners/MyContextListener.java    |   4 +-
 .../MyHttpSessionActivationListener.java      |   4 +-
 .../MyHttpSessionAttributeListener.java       |   6 +-
 .../MyHttpSessionBindingListener.java         |   4 +-
 .../MyServletRequestAttributeListener.java    |   6 +-
 .../listeners/MyServletRequestListener.java   |   4 +-
 .../event/listeners/MySessionIdListener.java  |   2 +-
 .../event/listeners/MySessionListener.java    |   4 +-
 .../servlet/event/listeners/TestServlet.java  | 109 +++++++-----------
 .../event/listeners/EventListenerTest.java    |  90 +++++++++++++++
 12 files changed, 153 insertions(+), 90 deletions(-)
 create mode 100644 servlet/event-listeners/src/test/java/org/javaee7/servlet/event/listeners/EventListenerTest.java

diff --git a/servlet/event-listeners/pom.xml b/servlet/event-listeners/pom.xml
index 21b5f3b2e..0880ecfd7 100644
--- a/servlet/event-listeners/pom.xml
+++ b/servlet/event-listeners/pom.xml
@@ -7,11 +7,9 @@
         <artifactId>servlet</artifactId>
         <version>1.0-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
-  </parent>
+    </parent>
 
-    <groupId>org.javaee7</groupId>
     <artifactId>servlet-event-listeners</artifactId>
-    <version>1.0-SNAPSHOT</version>
     <packaging>war</packaging>
 
     <name>Java EE 7 Sample: servlet - event-listeners</name>
diff --git a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyContextAttributeListener.java b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyContextAttributeListener.java
index 2e9acbe26..94a3e1367 100644
--- a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyContextAttributeListener.java
+++ b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyContextAttributeListener.java
@@ -53,16 +53,16 @@ public class MyContextAttributeListener implements ServletContextAttributeListen
 
     @Override
     public void attributeAdded(ServletContextAttributeEvent event) {
-        System.out.println("MyContextAttributeListener.attributeAdded: " + event.getName());
+        TestServlet.eventBuffer.append("\nMyContextAttributeListener.attributeAdded: " + event.getName());
     }
 
     @Override
     public void attributeRemoved(ServletContextAttributeEvent event) {
-        System.out.println("MyContextAttributeListener.attributeRemoved: " + event.getName());
+        TestServlet.eventBuffer.append("\nMyContextAttributeListener.attributeRemoved: " + event.getName());
     }
 
     @Override
     public void attributeReplaced(ServletContextAttributeEvent event) {
-        System.out.println("MyContextAttributeListener.attributeReplaced: " + event.getName());
+        TestServlet.eventBuffer.append("\nMyContextAttributeListener.attributeReplaced: " + event.getName());
     }
 }
diff --git a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyContextListener.java b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyContextListener.java
index 063a9b945..4a009b298 100644
--- a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyContextListener.java
+++ b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyContextListener.java
@@ -53,11 +53,11 @@ public class MyContextListener implements ServletContextListener {
 
     @Override
     public void contextInitialized(ServletContextEvent sce) {
-        System.out.println("MyContextListener.contextInitialized: " + sce.getServletContext().getContextPath());
+        TestServlet.eventBuffer.append("\nMyContextListener.contextInitialized: " + sce.getServletContext().getContextPath());
     }
 
     @Override
     public void contextDestroyed(ServletContextEvent sce) {
-        System.out.println("MyContextListener.contextDestroyed: " + sce.getServletContext().getContextPath());
+        TestServlet.eventBuffer.append("\nMyContextListener.contextDestroyed: " + sce.getServletContext().getContextPath());
     }
 }
diff --git a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyHttpSessionActivationListener.java b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyHttpSessionActivationListener.java
index 0d8b73fe5..9b99a249d 100644
--- a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyHttpSessionActivationListener.java
+++ b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyHttpSessionActivationListener.java
@@ -51,12 +51,12 @@ public class MyHttpSessionActivationListener implements HttpSessionActivationLis
 
     @Override
     public void sessionWillPassivate(HttpSessionEvent se) {
-        System.out.println("MyHttpSessionActivationListener.sessionWillPassivate: " + se.getSession().getId());
+        TestServlet.eventBuffer.append("\nMyHttpSessionActivationListener.sessionWillPassivate: " + se.getSession().getId());
     }
 
     @Override
     public void sessionDidActivate(HttpSessionEvent se) {
-        System.out.println("MyHttpSessionActivationListener.sessionDidActivate: " + se.getSession().getId());
+        TestServlet.eventBuffer.append("\nMyHttpSessionActivationListener.sessionDidActivate: " + se.getSession().getId());
     }
 
 }
diff --git a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyHttpSessionAttributeListener.java b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyHttpSessionAttributeListener.java
index 1e7cbdea6..8cab6fbb2 100644
--- a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyHttpSessionAttributeListener.java
+++ b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyHttpSessionAttributeListener.java
@@ -53,16 +53,16 @@ public class MyHttpSessionAttributeListener implements HttpSessionAttributeListe
 
     @Override
     public void attributeAdded(HttpSessionBindingEvent event) {
-        System.out.println("MyHttpSessionAttributeListener.attributeAdded: " + event.getName());
+        TestServlet.eventBuffer.append("\nMyHttpSessionAttributeListener.attributeAdded: " + event.getName());
     }
 
     @Override
     public void attributeRemoved(HttpSessionBindingEvent event) {
-        System.out.println("MyHttpSessionAttributeListener.attributeRemoved: " + event.getName());
+        TestServlet.eventBuffer.append("\nMyHttpSessionAttributeListener.attributeRemoved: " + event.getName());
     }
 
     @Override
     public void attributeReplaced(HttpSessionBindingEvent event) {
-        System.out.println("MyHttpSessionAttributeListener.attributeReplaced: " + event.getName());
+        TestServlet.eventBuffer.append("\nMyHttpSessionAttributeListener.attributeReplaced: " + event.getName());
     }
 }
diff --git a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyHttpSessionBindingListener.java b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyHttpSessionBindingListener.java
index 5eb2daefc..fe98aa4f7 100644
--- a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyHttpSessionBindingListener.java
+++ b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyHttpSessionBindingListener.java
@@ -51,12 +51,12 @@ public class MyHttpSessionBindingListener implements HttpSessionBindingListener
 
     @Override
     public void valueBound(HttpSessionBindingEvent event) {
-        System.out.println("MyHttpSessionBindingListener.valueBound: " + event.getName());
+        TestServlet.eventBuffer.append("\nMyHttpSessionBindingListener.valueBound: " + event.getName());
     }
 
     @Override
     public void valueUnbound(HttpSessionBindingEvent event) {
-        System.out.println("MyHttpSessionBindingListener.valueUnbound: " + event.getName());
+        TestServlet.eventBuffer.append("\nMyHttpSessionBindingListener.valueUnbound: " + event.getName());
     }
 
 }
diff --git a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyServletRequestAttributeListener.java b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyServletRequestAttributeListener.java
index cc0dc6f4d..5c05ea3ae 100644
--- a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyServletRequestAttributeListener.java
+++ b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyServletRequestAttributeListener.java
@@ -53,17 +53,17 @@ public class MyServletRequestAttributeListener implements ServletRequestAttribut
 
     @Override
     public void attributeAdded(ServletRequestAttributeEvent srae) {
-        System.out.println("MyServletRequestAttributeListener.attributeAdded: " + srae.getName());
+        TestServlet.eventBuffer.append("\nMyServletRequestAttributeListener.attributeAdded: " + srae.getName());
     }
 
     @Override
     public void attributeRemoved(ServletRequestAttributeEvent srae) {
-        System.out.println("MyServletRequestAttributeListener.attributeRemoved: " + srae.getName());
+        TestServlet.eventBuffer.append("\nMyServletRequestAttributeListener.attributeRemoved: " + srae.getName());
     }
 
     @Override
     public void attributeReplaced(ServletRequestAttributeEvent srae) {
-        System.out.println("MyServletRequestAttributeListener.attributeReplaced: " + srae.getName());
+        TestServlet.eventBuffer.append("\nMyServletRequestAttributeListener.attributeReplaced: " + srae.getName());
     }
 
 }
diff --git a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyServletRequestListener.java b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyServletRequestListener.java
index 09b7af811..c5a73e88c 100644
--- a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyServletRequestListener.java
+++ b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MyServletRequestListener.java
@@ -53,11 +53,11 @@ public class MyServletRequestListener implements ServletRequestListener {
 
     @Override
     public void requestDestroyed(ServletRequestEvent sre) {
-        System.out.println("MyServletRequestListener.requestDestroyed: " + sre.getServletContext().getContextPath());
+        TestServlet.eventBuffer.append("\nMyServletRequestListener.requestDestroyed: " + sre.getServletContext().getContextPath());
     }
 
     @Override
     public void requestInitialized(ServletRequestEvent sre) {
-        System.out.println("MyServletRequestListener.requestInitialized: " + sre.getServletContext().getContextPath());
+        TestServlet.eventBuffer.append("\nMyServletRequestListener.requestInitialized: " + sre.getServletContext().getContextPath());
     }
 }
diff --git a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MySessionIdListener.java b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MySessionIdListener.java
index 5a9224b60..a95fea58f 100644
--- a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MySessionIdListener.java
+++ b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MySessionIdListener.java
@@ -53,7 +53,7 @@ public class MySessionIdListener implements HttpSessionIdListener {
 
     @Override
     public void sessionIdChanged(HttpSessionEvent event, String oldSessionId) {
-        System.out.println("MySessionIdListener.sessionIdChanged: new=" + event.getSession().getId() + ", old=" + oldSessionId);
+        TestServlet.eventBuffer.append("\nMySessionIdListener.sessionIdChanged: new=" + event.getSession().getId() + ", old=" + oldSessionId);
     }
 
 }
diff --git a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MySessionListener.java b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MySessionListener.java
index e72488652..f3b27d086 100644
--- a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MySessionListener.java
+++ b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/MySessionListener.java
@@ -53,11 +53,11 @@ public class MySessionListener implements HttpSessionListener {
 
     @Override
     public void sessionCreated(HttpSessionEvent se) {
-        System.out.println("MySessionListener.sessionCreated: " + se.getSession().getId());
+        TestServlet.eventBuffer.append("\nMySessionListener.sessionCreated: " + se.getSession().getId());
     }
 
     @Override
     public void sessionDestroyed(HttpSessionEvent se) {
-        System.out.println("MySessionListener.sessionDestroyed: " + se.getSession().getId());
+        TestServlet.eventBuffer.append("\nMySessionListener.sessionDestroyed: " + se.getSession().getId());
     }
 }
diff --git a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/TestServlet.java b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/TestServlet.java
index 074137976..daa804af7 100644
--- a/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/TestServlet.java
+++ b/servlet/event-listeners/src/main/java/org/javaee7/servlet/event/listeners/TestServlet.java
@@ -53,85 +53,60 @@
 @WebServlet(urlPatterns = "/TestServlet")
 public class TestServlet extends HttpServlet {
 
+    private static final long serialVersionUID = -535776072448287787L;
+    
+    public static StringBuffer eventBuffer = new StringBuffer();
+
     /**
-     * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
-     * methods.
+     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
      *
      * @param request servlet request
      * @param response servlet response
      * @throws ServletException if a servlet-specific error occurs
      * @throws IOException if an I/O error occurs
      */
-    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        eventBuffer.setLength(0);
+        
         response.setContentType("text/html;charset=UTF-8");
         PrintWriter out = response.getWriter();
+        
         out.println("<!DOCTYPE html>");
         out.println("<html>");
-        out.println("<head>");
-        out.println("<title>Servlet Event Listeners</title>");
-        out.println("</head>");
-        out.println("<body>");
-        out.println("<h1>Servlet Event Listeners</h1>");
-        out.println("<h2>Setting, updating, and removing ServletContext Attributes</h2>");
-        request.getServletContext().setAttribute("attribute1", "attribute-value1");
-        request.getServletContext().setAttribute("attribute1", "attribute-updated-value1");
-        request.getServletContext().removeAttribute("attribute1");
-        out.println("done");
-        out.println("<h2>Setting, updating, and removing HttpSession Attributes</h2>");
-        request.getSession(true).setAttribute("attribute1", "attribute-value1");
-        request.getSession().setAttribute("attribute1", "attribute-updated-value1");
-        request.getSession().removeAttribute("attribute1");
-        out.println("done");
-        out.println("<h2>Setting, updating, and removing ServletRequest Attributes</h2>");
-        request.setAttribute("attribute1", "attribute-value1");
-        request.setAttribute("attribute1", "attribute-updated-value1");
-        request.removeAttribute("attribute1");
-        out.println("done");
-        out.println("<h2>Invalidating session</h2>");
-        request.getSession().invalidate();
-        out.println("done");
-        out.println("<br><br>Check output in server log");
-        out.println("</body>");
+            out.println("<head>");
+                out.println("<title>Servlet Event Listeners</title>");
+            out.println("</head>");
+            out.println("<body>");
+                out.println("<h1>Servlet Event Listeners</h1>");
+                
+                out.println("<h2>Setting, updating, and removing ServletContext Attributes</h2>");
+                request.getServletContext().setAttribute("attribute1", "attribute-value1");
+                request.getServletContext().setAttribute("attribute1", "attribute-updated-value1");
+                request.getServletContext().removeAttribute("attribute1");
+                out.println("done");
+        
+                out.println("<h2>Setting, updating, and removing HttpSession Attributes</h2>");
+                request.getSession(true).setAttribute("attribute1", "attribute-value1");
+                request.getSession().setAttribute("attribute1", "attribute-updated-value1");
+                request.getSession().removeAttribute("attribute1");
+                out.println("done");
+        
+                out.println("<h2>Setting, updating, and removing ServletRequest Attributes</h2>");
+                request.setAttribute("attribute1", "attribute-value1");
+                request.setAttribute("attribute1", "attribute-updated-value1");
+                request.removeAttribute("attribute1");
+                out.println("done");
+        
+                out.println("<h2>Invalidating session</h2>");
+                request.getSession().invalidate();
+                out.println("done");
+        
+                out.println("<br><br>Generated output:");
+                out.println("<pre>");
+                out.println(eventBuffer.toString());
+                out.println("</pre>");
+            out.println("</body>");
         out.println("</html>");
     }
 
-    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
-    /**
-     * Handles the HTTP <code>GET</code> method.
-     *
-     * @param request servlet request
-     * @param response servlet response
-     * @throws ServletException if a servlet-specific error occurs
-     * @throws IOException if an I/O error occurs
-     */
-    @Override
-    protected void doGet(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
-        processRequest(request, response);
-    }
-
-    /**
-     * Handles the HTTP <code>POST</code> method.
-     *
-     * @param request servlet request
-     * @param response servlet response
-     * @throws ServletException if a servlet-specific error occurs
-     * @throws IOException if an I/O error occurs
-     */
-    @Override
-    protected void doPost(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
-        processRequest(request, response);
-    }
-
-    /**
-     * Returns a short description of the servlet.
-     *
-     * @return a String containing servlet description
-     */
-    @Override
-    public String getServletInfo() {
-        return "Short description";
-    }// </editor-fold>
 }
diff --git a/servlet/event-listeners/src/test/java/org/javaee7/servlet/event/listeners/EventListenerTest.java b/servlet/event-listeners/src/test/java/org/javaee7/servlet/event/listeners/EventListenerTest.java
new file mode 100644
index 000000000..128a93a68
--- /dev/null
+++ b/servlet/event-listeners/src/test/java/org/javaee7/servlet/event/listeners/EventListenerTest.java
@@ -0,0 +1,90 @@
+package org.javaee7.servlet.event.listeners;
+
+import static org.junit.Assert.assertTrue;
+
+import java.io.IOException;
+import java.net.URL;
+
+import org.jboss.arquillian.container.test.api.Deployment;
+import org.jboss.arquillian.junit.Arquillian;
+import org.jboss.arquillian.test.api.ArquillianResource;
+import org.jboss.shrinkwrap.api.ShrinkWrap;
+import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import com.gargoylesoftware.htmlunit.WebClient;
+import com.gargoylesoftware.htmlunit.html.HtmlPage;
+
+/**
+ * @author Arjan Tijms
+ */
+@RunWith(Arquillian.class)
+public class EventListenerTest {
+
+    @ArquillianResource
+    private URL base;
+
+    private WebClient webClient;
+
+    @Deployment(testable = false)
+    public static WebArchive createDeployment() {
+        return ShrinkWrap
+             .create(WebArchive.class)
+             .addClasses(
+                 MyServletRequestAttributeListener.class,
+                 MyHttpSessionActivationListener.class,
+                 MyHttpSessionAttributeListener.class,
+                 MyHttpSessionBindingListener.class,
+                 MyContextAttributeListener.class,
+                 MyServletRequestListener.class,
+                 MySessionIdListener.class,
+                 MyContextListener.class,
+                 MySessionListener.class,
+                 TestServlet.class);
+    }
+
+    @Before
+    public void setup() {
+        webClient = new WebClient();
+    }
+
+    @Test
+    public void testContextAttributeListener() throws IOException {
+        HtmlPage page = webClient.getPage(base + "TestServlet");
+        
+        System.out.println(page.asText());
+        
+        assertTrue(page.asText().contains("MyContextAttributeListener.attributeAdded: attribute1"));
+        assertTrue(page.asText().contains("MyContextAttributeListener.attributeReplaced: attribute1"));
+        assertTrue(page.asText().contains("MyContextAttributeListener.attributeRemoved: attribute1"));
+    }
+    
+    @Test
+    public void testSessionListener() throws IOException {
+        HtmlPage page = webClient.getPage(base + "TestServlet");
+        
+        assertTrue(page.asText().contains("MySessionListener.sessionCreated:"));
+        assertTrue(page.asText().contains("MySessionListener.sessionDestroyed:"));
+    }
+    
+    @Test
+    public void testSessionAttributeListener() throws IOException {
+        HtmlPage page = webClient.getPage(base + "TestServlet");
+        
+        assertTrue(page.asText().contains("MyHttpSessionAttributeListener.attributeAdded: attribute1"));
+        assertTrue(page.asText().contains("MyHttpSessionAttributeListener.attributeReplaced: attribute1"));
+        assertTrue(page.asText().contains("MyHttpSessionAttributeListener.attributeRemoved: attribute1"));
+    }
+    
+    @Test
+    public void testRequestAttributeListener() throws IOException {
+        HtmlPage page = webClient.getPage(base + "TestServlet");
+        
+        assertTrue(page.asText().contains("MyServletRequestAttributeListener.attributeAdded: attribute1"));
+        assertTrue(page.asText().contains("MyServletRequestAttributeListener.attributeReplaced: attribute1"));
+        assertTrue(page.asText().contains("MyServletRequestAttributeListener.attributeRemoved: attribute1"));
+    }
+   
+}

From de82de6403daea3f9e308ab70856771ee3b3168a Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Thu, 7 Nov 2019 14:15:24 +0100
Subject: [PATCH 05/31] Cleaned up servlet protocol sample and added test

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 servlet/protocol-handler/pom.xml              |  3 -
 .../protocolhandler/MyProtocolHandler.java    | 19 ++---
 .../protocolhandler/UpgradeServlet.java       | 78 ++++---------------
 .../protocolhandler/ProtocolHandlerTest.java  | 77 ++++++++++++++++++
 4 files changed, 98 insertions(+), 79 deletions(-)
 create mode 100644 servlet/protocol-handler/src/test/java/org/javaee7/servlet/protocolhandler/ProtocolHandlerTest.java

diff --git a/servlet/protocol-handler/pom.xml b/servlet/protocol-handler/pom.xml
index 733bddf27..e49c5507f 100644
--- a/servlet/protocol-handler/pom.xml
+++ b/servlet/protocol-handler/pom.xml
@@ -6,12 +6,9 @@
         <groupId>org.javaee7</groupId>
         <artifactId>servlet</artifactId>
         <version>1.0-SNAPSHOT</version>
-        <relativePath>../pom.xml</relativePath>
     </parent>
 
-    <groupId>org.javaee7</groupId>
     <artifactId>servlet-protocol-handler</artifactId>
-    <version>1.0-SNAPSHOT</version>
     <packaging>war</packaging>
 
     <name>Java EE 7 Sample: servlet - protocol-handler</name>
diff --git a/servlet/protocol-handler/src/main/java/org/javaee7/servlet/protocolhandler/MyProtocolHandler.java b/servlet/protocol-handler/src/main/java/org/javaee7/servlet/protocolhandler/MyProtocolHandler.java
index 6cb8c1952..cc191c731 100644
--- a/servlet/protocol-handler/src/main/java/org/javaee7/servlet/protocolhandler/MyProtocolHandler.java
+++ b/servlet/protocol-handler/src/main/java/org/javaee7/servlet/protocolhandler/MyProtocolHandler.java
@@ -39,30 +39,27 @@
  */
 package org.javaee7.servlet.protocolhandler;
 
-import java.io.IOException;
-import javax.servlet.ServletInputStream;
-import javax.servlet.ServletOutputStream;
 import javax.servlet.http.HttpUpgradeHandler;
 import javax.servlet.http.WebConnection;
 
 /**
  * @author Arun Gupta
+ * @author Arjan Tijms
  */
 public class MyProtocolHandler implements HttpUpgradeHandler {
 
-    //    public MyProtocolHandler(ServletInputStream in, ServletOutputStream out) {
-    //    }
-
     @Override
-    public void init(WebConnection wc) {
-        try (ServletInputStream input = wc.getInputStream();
-            ServletOutputStream output = wc.getOutputStream();) {
-        } catch (IOException ex) {
+    public void init(WebConnection webConnection) {
+        try {
+            webConnection.getOutputStream().write(("In protocol handler" + "\n").getBytes());
+            webConnection.getOutputStream().close();
+        } catch (Exception ex) {
+            ex.printStackTrace();
         }
     }
 
     @Override
     public void destroy() {
-        throw new UnsupportedOperationException("Not supported yet.");
+        // Nothing to do
     }
 }
diff --git a/servlet/protocol-handler/src/main/java/org/javaee7/servlet/protocolhandler/UpgradeServlet.java b/servlet/protocol-handler/src/main/java/org/javaee7/servlet/protocolhandler/UpgradeServlet.java
index 9ab55053e..8bca67535 100644
--- a/servlet/protocol-handler/src/main/java/org/javaee7/servlet/protocolhandler/UpgradeServlet.java
+++ b/servlet/protocol-handler/src/main/java/org/javaee7/servlet/protocolhandler/UpgradeServlet.java
@@ -39,8 +39,10 @@
  */
 package org.javaee7.servlet.protocolhandler;
 
+import static javax.servlet.http.HttpServletResponse.SC_SWITCHING_PROTOCOLS;
+
 import java.io.IOException;
-import java.io.PrintWriter;
+
 import javax.servlet.ServletException;
 import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.HttpServlet;
@@ -50,79 +52,25 @@
 /**
  * @author Arun Gupta
  */
-@WebServlet(urlPatterns = { "/UpgradeServlet" })
+@WebServlet("/UpgradeServlet")
 public class UpgradeServlet extends HttpServlet {
 
-    /**
-     * Processes requests for both HTTP
-     * <code>GET</code> and
-     * <code>POST</code> methods.
-     *
-     * @param request servlet request
-     * @param response servlet response
-     * @throws ServletException if a servlet-specific error occurs
-     * @throws IOException if an I/O error occurs
-     */
-    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
-        response.setContentType("text/html;charset=UTF-8");
-        try (PrintWriter out = response.getWriter()) {
-            out.println("<html>");
-            out.println("<head>");
-            out.println("<title>Servlet UpgradeServlet</title>");
-            out.println("</head>");
-            out.println("<body>");
-            out.println("<h1>Servlet UpgradeServlet at " + request.getContextPath() + "</h1>");
-            if (request.getHeader("Upgrade").equals("echo")) {
-                response.setStatus(HttpServletResponse.SC_SWITCHING_PROTOCOLS);
-                response.setHeader("Connection", "Upgrade");
-                response.setHeader("Upgrade", "echo");
-                request.upgrade(MyProtocolHandler.class);
-                System.out.println("Request upgraded to MyProtocolHandler");
-            }
-            out.println("</body>");
-            out.println("</html>");
-        }
-    }
+    private static final long serialVersionUID = 1L;
 
-    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
     /**
-     * Handles the HTTP
-     * <code>GET</code> method.
+     * Processes requests for HTTP <code>GET</code>
      *
      * @param request servlet request
      * @param response servlet response
      * @throws ServletException if a servlet-specific error occurs
      * @throws IOException if an I/O error occurs
      */
-    @Override
-    protected void doGet(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
-        processRequest(request, response);
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        response.setStatus(SC_SWITCHING_PROTOCOLS);
+        response.setHeader("Connection", "Upgrade");
+        response.setHeader("Upgrade", "echo");
+        request.upgrade(MyProtocolHandler.class);
+        
+        System.out.println("Request upgraded to MyProtocolHandler");
     }
-
-    /**
-     * Handles the HTTP
-     * <code>POST</code> method.
-     *
-     * @param request servlet request
-     * @param response servlet response
-     * @throws ServletException if a servlet-specific error occurs
-     * @throws IOException if an I/O error occurs
-     */
-    @Override
-    protected void doPost(HttpServletRequest request, HttpServletResponse response)
-        throws ServletException, IOException {
-        processRequest(request, response);
-    }
-
-    /**
-     * Returns a short description of the servlet.
-     *
-     * @return a String containing servlet description
-     */
-    @Override
-    public String getServletInfo() {
-        return "Short description";
-    }// </editor-fold>
 }
diff --git a/servlet/protocol-handler/src/test/java/org/javaee7/servlet/protocolhandler/ProtocolHandlerTest.java b/servlet/protocol-handler/src/test/java/org/javaee7/servlet/protocolhandler/ProtocolHandlerTest.java
new file mode 100644
index 000000000..2e02c1baa
--- /dev/null
+++ b/servlet/protocol-handler/src/test/java/org/javaee7/servlet/protocolhandler/ProtocolHandlerTest.java
@@ -0,0 +1,77 @@
+package org.javaee7.servlet.protocolhandler;
+
+import static org.junit.Assert.assertTrue;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.net.URISyntaxException;
+import java.net.URL;
+import java.net.URLConnection;
+
+import org.jboss.arquillian.container.test.api.Deployment;
+import org.jboss.arquillian.container.test.api.RunAsClient;
+import org.jboss.arquillian.junit.Arquillian;
+import org.jboss.arquillian.test.api.ArquillianResource;
+import org.jboss.shrinkwrap.api.ShrinkWrap;
+import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+/**
+ * @author Arjan Tijms
+ */
+@RunWith(Arquillian.class)
+public class ProtocolHandlerTest {
+
+    @ArquillianResource
+    private URL base;
+
+    @Deployment(testable = false)
+    public static WebArchive createDeployment() {
+        return 
+            ShrinkWrap.create(WebArchive.class)
+                     .addClasses(
+                         UpgradeServlet.class,
+                         MyProtocolHandler.class);
+    }
+
+    @Test
+    @RunAsClient
+    public void testUpgradeProtocol() throws IOException, URISyntaxException {
+        
+        // Read more manually from the connection, as using the regular readers (JAX-RS client, HtmlUnit)
+        // typically hang when reading.
+        
+        URLConnection connection = new URL(base, "UpgradeServlet").openConnection();
+        connection.setConnectTimeout(2000);
+        connection.setReadTimeout(2000);
+        
+        StringBuilder response = new StringBuilder();
+        
+        try (InputStream in = connection.getInputStream()) {
+            InputStreamReader reader = new InputStreamReader(in);
+            
+            long startTime = System.currentTimeMillis();
+            while (System.currentTimeMillis() - startTime < 10000) {  // for at most 10 seconds   
+                try {
+                    char[] buffer = new char[1];
+                    reader.read(buffer);
+                    
+                    System.out.println("Character read = " + buffer[0]);
+                    
+                    // Use the end of line character is this sample to signal end of transmission
+                    if (buffer[0] == '\n') {
+                        break;
+                    }
+                    response.append(buffer[0]);
+                } catch(Exception e) {
+                    e.printStackTrace();
+                }
+            }
+        }
+        
+        assertTrue("In protocol handler".equals(response.toString()));
+    }
+    
+}

From b70076f84e9ce8659a764cbdfcf9ac06da7cc8f5 Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Thu, 7 Nov 2019 14:21:37 +0100
Subject: [PATCH 06/31] Small cleanup for Servlet programmatic sample

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 servlet/programmatic-registration/pom.xml     |  2 --
 .../registration/DynamicServlet.java          |  9 ++++----
 .../SimpleServletContextListener.java         | 14 ++++++------
 .../registration/DynamicServletTest.java      | 22 ++++++++++---------
 4 files changed, 23 insertions(+), 24 deletions(-)

diff --git a/servlet/programmatic-registration/pom.xml b/servlet/programmatic-registration/pom.xml
index 88b8a5aad..35e3cdb21 100644
--- a/servlet/programmatic-registration/pom.xml
+++ b/servlet/programmatic-registration/pom.xml
@@ -6,10 +6,8 @@
         <groupId>org.javaee7</groupId>
         <artifactId>servlet</artifactId>
         <version>1.0-SNAPSHOT</version>
-        <relativePath>../pom.xml</relativePath>
   </parent>
 
-    <groupId>org.javaee7</groupId>
     <artifactId>servlet-programmatic-registration</artifactId>
     <packaging>war</packaging>
 
diff --git a/servlet/programmatic-registration/src/main/java/org/javaee7/servlet/programmatic/registration/DynamicServlet.java b/servlet/programmatic-registration/src/main/java/org/javaee7/servlet/programmatic/registration/DynamicServlet.java
index e401b73ab..97629a1df 100644
--- a/servlet/programmatic-registration/src/main/java/org/javaee7/servlet/programmatic/registration/DynamicServlet.java
+++ b/servlet/programmatic-registration/src/main/java/org/javaee7/servlet/programmatic/registration/DynamicServlet.java
@@ -1,23 +1,22 @@
 package org.javaee7.servlet.programmatic.registration;
 
+import java.io.IOException;
+
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
 
 /**
  * @author OrelGenya
  */
 public class DynamicServlet extends HttpServlet {
 
+    private static final long serialVersionUID = 8310377560908221629L;
+
     @Override
     protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
         resp.getWriter().print("dynamic GET");
     }
 
-    @Override
-    public String getServletInfo() {
-        return "My dynamic awesome servlet!";
-    }
 }
\ No newline at end of file
diff --git a/servlet/programmatic-registration/src/main/java/org/javaee7/servlet/programmatic/registration/SimpleServletContextListener.java b/servlet/programmatic-registration/src/main/java/org/javaee7/servlet/programmatic/registration/SimpleServletContextListener.java
index d911d2d03..f5923aeb6 100644
--- a/servlet/programmatic-registration/src/main/java/org/javaee7/servlet/programmatic/registration/SimpleServletContextListener.java
+++ b/servlet/programmatic-registration/src/main/java/org/javaee7/servlet/programmatic/registration/SimpleServletContextListener.java
@@ -2,7 +2,6 @@
 
 import javax.servlet.ServletContextEvent;
 import javax.servlet.ServletContextListener;
-import javax.servlet.ServletRegistration;
 import javax.servlet.annotation.WebListener;
 
 /**
@@ -12,14 +11,15 @@
 public class SimpleServletContextListener implements ServletContextListener {
 
     @Override
-    public void contextInitialized(ServletContextEvent sce) {
-        System.out.println("Servlet context initialized: " + sce.getServletContext().getContextPath());
-        ServletRegistration.Dynamic registration = sce.getServletContext().addServlet("dynamic", DynamicServlet.class);
-        registration.addMapping("/dynamic");
+    public void contextInitialized(ServletContextEvent contextEvent) {
+        System.out.println("Servlet context initialized: " + contextEvent.getServletContext().getContextPath());
+        
+        contextEvent.getServletContext().addServlet("dynamic", DynamicServlet.class)
+                               .addMapping("/dynamic");
     }
 
     @Override
-    public void contextDestroyed(ServletContextEvent sce) {
-        System.out.println("Servlet context destroyed: " + sce.getServletContext().getContextPath());
+    public void contextDestroyed(ServletContextEvent contextEvent) {
+        System.out.println("Servlet context destroyed: " + contextEvent.getServletContext().getContextPath());
     }
 }
diff --git a/servlet/programmatic-registration/src/test/java/org/javaee7/servlet/programmatic/registration/DynamicServletTest.java b/servlet/programmatic-registration/src/test/java/org/javaee7/servlet/programmatic/registration/DynamicServletTest.java
index babfc69fd..726193f46 100644
--- a/servlet/programmatic-registration/src/test/java/org/javaee7/servlet/programmatic/registration/DynamicServletTest.java
+++ b/servlet/programmatic-registration/src/test/java/org/javaee7/servlet/programmatic/registration/DynamicServletTest.java
@@ -1,7 +1,10 @@
 package org.javaee7.servlet.programmatic.registration;
 
-import com.gargoylesoftware.htmlunit.TextPage;
-import com.gargoylesoftware.htmlunit.WebClient;
+import static org.junit.Assert.assertEquals;
+
+import java.io.IOException;
+import java.net.URL;
+
 import org.jboss.arquillian.container.test.api.Deployment;
 import org.jboss.arquillian.junit.Arquillian;
 import org.jboss.arquillian.test.api.ArquillianResource;
@@ -12,10 +15,8 @@
 import org.junit.runner.RunWith;
 import org.xml.sax.SAXException;
 
-import java.io.IOException;
-import java.net.URL;
-
-import static org.junit.Assert.assertEquals;
+import com.gargoylesoftware.htmlunit.TextPage;
+import com.gargoylesoftware.htmlunit.WebClient;
 
 /**
  * @author OrelGenya
@@ -30,10 +31,10 @@ public class DynamicServletTest {
 
     @Deployment(testable = false)
     public static WebArchive createDeployment() {
-        WebArchive war = ShrinkWrap.create(WebArchive.class).
-            addClass(DynamicServlet.class).
-            addClass(SimpleServletContextListener.class);
-        return war;
+        return ShrinkWrap.create(WebArchive.class).
+            addClasses(
+                DynamicServlet.class, 
+                SimpleServletContextListener.class);
     }
 
     @Before
@@ -44,6 +45,7 @@ public void setup() {
     @Test
     public void testChildServlet() throws IOException, SAXException {
         TextPage page = webClient.getPage(base + "dynamic");
+        
         assertEquals("dynamic GET", page.getContent());
     }
 }

From 8bdef708141f50dc767ec301f02a35d377b46cba Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Wed, 20 Nov 2019 00:57:22 +0100
Subject: [PATCH 07/31] FORM auth more consistent with BASIC test

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 .../security/form/based/ErrorServlet.java}    | 58 +++++++++++-----
 .../security/form/based/LoginServlet.java}    | 66 +++++++++++++------
 .../security/form/based/SecureServlet.java}   | 59 +++++++++++------
 .../src/main/webapp/WEB-INF/web.xml           | 13 +---
 .../servlet/security/form/based/FormTest.java | 12 ++--
 5 files changed, 136 insertions(+), 72 deletions(-)
 rename servlet/security-form-based/src/main/{webapp/index.jsp => java/org/javaee7/servlet/security/form/based/ErrorServlet.java} (57%)
 rename servlet/security-form-based/src/main/{webapp/loginform.jsp => java/org/javaee7/servlet/security/form/based/LoginServlet.java} (52%)
 rename servlet/security-form-based/src/main/{webapp/loginerror.jsp => java/org/javaee7/servlet/security/form/based/SecureServlet.java} (59%)

diff --git a/servlet/security-form-based/src/main/webapp/index.jsp b/servlet/security-form-based/src/main/java/org/javaee7/servlet/security/form/based/ErrorServlet.java
similarity index 57%
rename from servlet/security-form-based/src/main/webapp/index.jsp
rename to servlet/security-form-based/src/main/java/org/javaee7/servlet/security/form/based/ErrorServlet.java
index 734e4f816..6847b9036 100644
--- a/servlet/security-form-based/src/main/webapp/index.jsp
+++ b/servlet/security-form-based/src/main/java/org/javaee7/servlet/security/form/based/ErrorServlet.java
@@ -1,6 +1,5 @@
-<!-- 
 /*
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
+" * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
  *
  * Copyright (c) 2013 Oracle and/or its affiliates. All rights reserved.
  *
@@ -38,20 +37,47 @@
  * only if the new code is made subject to such option by the copyright
  * holder.
  */
--->
+package org.javaee7.servlet.security.form.based;
 
-<%@page contentType="text/html" pageEncoding="UTF-8"%>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
-    "http://www.w3.org/TR/html4/loose.dtd">
+import java.io.IOException;
 
-<html>
-    <head>
-        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-        <title>Form-based Security - Success</title>
-    </head>
-    <body>
-        <h1>Form-based Security - Success</h1>
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * @author Arun Gupta
+ * @author Arjan Tijms
+ */
+@WebServlet("/ErrorServlet")
+public class ErrorServlet extends HttpServlet {
+
+    private static final long serialVersionUID = 1L;
+
+    @Override
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        response.setContentType("text/html;charset=UTF-8");
         
-        If you reached this page that means form-based security credentials are correctly configured.
-    </body>
-</html>
+        response.getWriter().print(
+                
+            "<html>" +
+                "<head>" +
+                    "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">" +
+                    "<title>Form-Based Login Error Page</title>" +
+                "</head>" +
+                    
+                "<body>" +
+                    "<h2>Invalid user name or password.</h2>" +
+                "</body>" +
+            "</html>" 
+            
+            );
+    }
+
+    @Override
+    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        response.getWriter().print("my POST");
+    }
+}
diff --git a/servlet/security-form-based/src/main/webapp/loginform.jsp b/servlet/security-form-based/src/main/java/org/javaee7/servlet/security/form/based/LoginServlet.java
similarity index 52%
rename from servlet/security-form-based/src/main/webapp/loginform.jsp
rename to servlet/security-form-based/src/main/java/org/javaee7/servlet/security/form/based/LoginServlet.java
index 054c05f16..8c6726f5f 100644
--- a/servlet/security-form-based/src/main/webapp/loginform.jsp
+++ b/servlet/security-form-based/src/main/java/org/javaee7/servlet/security/form/based/LoginServlet.java
@@ -1,6 +1,5 @@
-<!-- 
 /*
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
+" * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
  *
  * Copyright (c) 2013 Oracle and/or its affiliates. All rights reserved.
  *
@@ -38,26 +37,51 @@
  * only if the new code is made subject to such option by the copyright
  * holder.
  */
--->
+package org.javaee7.servlet.security.form.based;
 
-<%@page contentType="text/html" pageEncoding="UTF-8"%>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
-    "http://www.w3.org/TR/html4/loose.dtd">
+import java.io.IOException;
 
-<html>
-    <head>
-        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-        <title>Form-Based Login Page</title>
-    </head>
-    <body>
-        <h1>Form-Based Login Page</h1>
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 
-        <form method="POST" action="j_security_check">
-            Username: <input type="text" name="j_username"> <p/>
-            Password: <input type="password" name="j_password" autocomplete="off"> <p/>
-            <input type="submit" value="Submit" name="submitButton">
-            <input type="reset" value="Reset">
-        </form>
+/**
+ * @author Arun Gupta
+ * @author Arjan Tijms
+ */
+@WebServlet("/LoginServlet")
+public class LoginServlet extends HttpServlet {
+
+    private static final long serialVersionUID = 1L;
+
+    @Override
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        response.setContentType("text/html;charset=UTF-8");
+        
+        response.getWriter().print(
+                
+            "<html>" +
+                "<head>" +
+                    "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">" +
+                    "<title>Form-Based Login Page</title>" +
+                "</head>" +
+                    
+                "<body>" +
+                    "<form method=\"POST\" action=\"j_security_check\">" +
+                        "Username: <input type=\"text\" name=\"j_username\"> <p/>" +
+                        "Password: <input type=\"password\" name=\"j_password\"> <p/>" +
+                        "<input type=\"submit\" value=\"Submit\" name=\"submitButton\">" +
+                    "</form>" +
+                "</body>" +
+            "</html>" 
+            
+            );
+    }
 
-    </body>
-</html>
+    @Override
+    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        response.getWriter().print("my POST");
+    }
+}
diff --git a/servlet/security-form-based/src/main/webapp/loginerror.jsp b/servlet/security-form-based/src/main/java/org/javaee7/servlet/security/form/based/SecureServlet.java
similarity index 59%
rename from servlet/security-form-based/src/main/webapp/loginerror.jsp
rename to servlet/security-form-based/src/main/java/org/javaee7/servlet/security/form/based/SecureServlet.java
index 777e5d0f8..ceeef0553 100644
--- a/servlet/security-form-based/src/main/webapp/loginerror.jsp
+++ b/servlet/security-form-based/src/main/java/org/javaee7/servlet/security/form/based/SecureServlet.java
@@ -1,4 +1,3 @@
-<!-- 
 /*
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
  *
@@ -38,29 +37,47 @@
  * only if the new code is made subject to such option by the copyright
  * holder.
  */
--->
+package org.javaee7.servlet.security.form.based;
 
-<%@page contentType="text/html" pageEncoding="UTF-8"%>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
-    "http://www.w3.org/TR/html4/loose.dtd">
+import java.io.IOException;
 
-<html>
-    <head>
-        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-        <title>Form-Based Login Error Page</title>
-    </head>
-    <body>
-        <h1>Form-Based Login Error Page</h1>
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 
-        <h2>Invalid user name or password.</h2>
+/**
+ * @author Arun Gupta
+ * @author Arjan Tijms
+ */
+@WebServlet("/SecureServlet")
+public class SecureServlet extends HttpServlet {
 
-        <p>Please enter a user name or password that is authorized to access this 
-            application. For this application, make sure to create a user: <p><p>
-        
-        For WildFly: Invoke "./bin/add-user.sh -a -u u1 -p p1 -g g1"<br>
-        For GlassFish: Invoke "./bin/asadmin create-file-user --groups g1 u1" and use the password "p1" when prompted.<br><br>
+    private static final long serialVersionUID = 1L;
 
-        Click here to <a href="index.jsp">Try Again</a></p>
+    @Override
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        response.setContentType("text/html;charset=UTF-8");
+        
+        response.getWriter().print(
+                
+            "<html>" +
+                "<head>" +
+                    "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">" +
+                    "<title>Form-based Security - Success</title>" +
+                "</head>" +
+                    
+                "<body>" +
+                    "<h2>Form-based Security - Success</h2>" +
+                "</body>" +
+            "</html>" 
+            
+            );
+    }
 
-    </body>
-</html>
+    @Override
+    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        response.getWriter().print("my POST");
+    }
+}
diff --git a/servlet/security-form-based/src/main/webapp/WEB-INF/web.xml b/servlet/security-form-based/src/main/webapp/WEB-INF/web.xml
index 7bf9cb0c5..b3f1b8830 100644
--- a/servlet/security-form-based/src/main/webapp/WEB-INF/web.xml
+++ b/servlet/security-form-based/src/main/webapp/WEB-INF/web.xml
@@ -45,16 +45,10 @@
          xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
          version="3.1">
     
-    <servlet>
-        <display-name>index</display-name>
-        <servlet-name>index</servlet-name>
-        <jsp-file>/index.jsp</jsp-file>
-    </servlet>
-    
     <security-constraint>
         <web-resource-collection>
             <web-resource-name>SecurityConstraint</web-resource-name>
-            <url-pattern>/*</url-pattern>
+            <url-pattern>/SecureServlet</url-pattern>
         </web-resource-collection>
         <auth-constraint>
             <role-name>g1</role-name>
@@ -66,10 +60,9 @@
     
     <login-config>
         <auth-method>FORM</auth-method>
-        <realm-name>file</realm-name>
         <form-login-config>
-            <form-login-page>/loginform.jsp</form-login-page>
-            <form-error-page>/loginerror.jsp</form-error-page>
+            <form-login-page>/LoginServlet</form-login-page>
+            <form-error-page>/ErrorServlet</form-error-page>
         </form-login-config>
     </login-config>
     
diff --git a/servlet/security-form-based/src/test/java/org/javaee7/servlet/security/form/based/FormTest.java b/servlet/security-form-based/src/test/java/org/javaee7/servlet/security/form/based/FormTest.java
index ec0893939..bf3e331a7 100644
--- a/servlet/security-form-based/src/test/java/org/javaee7/servlet/security/form/based/FormTest.java
+++ b/servlet/security-form-based/src/test/java/org/javaee7/servlet/security/form/based/FormTest.java
@@ -41,17 +41,21 @@ public static WebArchive createDeployment() {
         addUsersToContainerIdentityStore();
         
         return create(WebArchive.class)
-            .addAsWebResource(new File(WEBAPP_SRC, "index.jsp"))
-            .addAsWebResource(new File(WEBAPP_SRC, "loginerror.jsp"))
-            .addAsWebResource(new File(WEBAPP_SRC, "loginform.jsp"))
+            .addClasses(
+                SecureServlet.class, 
+                LoginServlet.class, 
+                ErrorServlet.class)
+            
             .addAsWebInfResource(new File(WEBAPP_SRC + "/WEB-INF", "web.xml"))
             .addAsWebInfResource(new File(WEBAPP_SRC + "/WEB-INF", "glassfish-web.xml"));
     }
 
     @Before
     public void setup() throws IOException {
+        @SuppressWarnings("resource")
         WebClient webClient = new WebClient();
-        HtmlPage page = webClient.getPage(base + "/index.jsp");
+        HtmlPage page = webClient.getPage(base + "SecureServlet");
+        
         loginForm = page.getForms().get(0);
     }
     

From 207fe5b9c4db750a2bb1df1b2cc2d2810fc29916 Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Wed, 20 Nov 2019 13:06:34 +0100
Subject: [PATCH 08/31] Clearer messages for when denied test fails

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 .../security/deny/uncovered/SecureServletTest.java     | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/servlet/security-deny-uncovered/src/test/java/org/javaee7/servlet/security/deny/uncovered/SecureServletTest.java b/servlet/security-deny-uncovered/src/test/java/org/javaee7/servlet/security/deny/uncovered/SecureServletTest.java
index 5b197cb75..67b8bf7a2 100644
--- a/servlet/security-deny-uncovered/src/test/java/org/javaee7/servlet/security/deny/uncovered/SecureServletTest.java
+++ b/servlet/security-deny-uncovered/src/test/java/org/javaee7/servlet/security/deny/uncovered/SecureServletTest.java
@@ -5,6 +5,7 @@
 import static org.javaee7.ServerOperations.addUsersToContainerIdentityStore;
 import static org.jboss.shrinkwrap.api.ShrinkWrap.create;
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.fail;
 
@@ -78,16 +79,21 @@ public void testPostMethod() throws Exception {
         webClient.setCredentialsProvider(correctCreds);
         WebRequest request = new WebRequest(new URL(base + "SecureServlet"), POST);
         
+        TextPage p = null;
         try {
-            TextPage p = webClient.getPage(request);
+            p = webClient.getPage(request);
             System.out.println(p.getContent());
+            
+            assertFalse(
+                "POST method could be called even with deny-uncovered-http-methods", 
+                p.getContent().contains("my POST"));
         } catch (FailingHttpStatusCodeException e) {
             assertNotNull(e);
             assertEquals(403, e.getStatusCode());
             return;
         }
         
-        fail("POST method could be called even with deny-uncovered-http-methods");
+        fail("POST correctly not called, but wrong status code: " + (p != null ? p.getWebResponse().getStatusCode() : -1));
     }
 
     @Test

From 2073b815b224aa70e0d7cc633565f2f61bb0e189 Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Wed, 20 Nov 2019 21:39:26 +0100
Subject: [PATCH 09/31] Added sample to test uncovered methods are accessible

---
 servlet/pom.xml                               |   1 +
 servlet/security-allow-uncovered/pom.xml      |  39 ++++++
 .../allow/uncovered/SecureServlet.java        |  33 ++++++
 .../src/main/webapp/WEB-INF/glassfish-web.xml |   8 ++
 .../src/main/webapp/WEB-INF/web.xml           |  32 +++++
 .../allow/uncovered/SecureServletTest.java    | 111 ++++++++++++++++++
 .../src/test/resources/addUsersPayara.txt     |   1 +
 .../src/test/resources/password.txt           |   1 +
 8 files changed, 226 insertions(+)
 create mode 100644 servlet/security-allow-uncovered/pom.xml
 create mode 100644 servlet/security-allow-uncovered/src/main/java/org/javaee7/servlet/security/allow/uncovered/SecureServlet.java
 create mode 100644 servlet/security-allow-uncovered/src/main/webapp/WEB-INF/glassfish-web.xml
 create mode 100644 servlet/security-allow-uncovered/src/main/webapp/WEB-INF/web.xml
 create mode 100644 servlet/security-allow-uncovered/src/test/java/org/javaee7/servlet/security/allow/uncovered/SecureServletTest.java
 create mode 100644 servlet/security-allow-uncovered/src/test/resources/addUsersPayara.txt
 create mode 100644 servlet/security-allow-uncovered/src/test/resources/password.txt

diff --git a/servlet/pom.xml b/servlet/pom.xml
index 872dd15f9..912a59a6e 100644
--- a/servlet/pom.xml
+++ b/servlet/pom.xml
@@ -36,6 +36,7 @@
         <module>security-clientcert-jce</module>
         <module>security-programmatic</module>
         <module>security-deny-uncovered</module>
+        <module>security-allow-uncovered</module>
 		<module>security-annotated</module>
         <module>security-basicauth-omission</module>
     </modules>
diff --git a/servlet/security-allow-uncovered/pom.xml b/servlet/security-allow-uncovered/pom.xml
new file mode 100644
index 000000000..43d9cd611
--- /dev/null
+++ b/servlet/security-allow-uncovered/pom.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+   <modelVersion>4.0.0</modelVersion>
+
+   <parent>
+        <groupId>org.javaee7</groupId>
+        <artifactId>servlet</artifactId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+
+   <artifactId>servlet-security-allow-uncovered</artifactId>
+   <packaging>war</packaging>
+
+   <name>Java EE 7 Sample: servlet - security-allow-uncovered</name>
+
+   <profiles>
+        <profile>
+            <id>payara-micro-managed</id>
+            <build>
+                <testResources>
+                    <testResource>
+                        <directory>src/test/resources</directory>
+                        <filtering>true</filtering>
+                    </testResource>
+                </testResources>
+                <plugins>
+                    <plugin>
+                        <artifactId>maven-surefire-plugin</artifactId>
+                        <configuration>
+                            <systemProperties>
+                                <payara.extraMicroOptions>--postdeploycommandfile ${project.build.directory}/test-classes/addUsersPayara.txt</payara.extraMicroOptions>
+                            </systemProperties>
+                        </configuration>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+    </profiles>
+</project>
diff --git a/servlet/security-allow-uncovered/src/main/java/org/javaee7/servlet/security/allow/uncovered/SecureServlet.java b/servlet/security-allow-uncovered/src/main/java/org/javaee7/servlet/security/allow/uncovered/SecureServlet.java
new file mode 100644
index 000000000..484b540cb
--- /dev/null
+++ b/servlet/security-allow-uncovered/src/main/java/org/javaee7/servlet/security/allow/uncovered/SecureServlet.java
@@ -0,0 +1,33 @@
+package org.javaee7.servlet.security.allow.uncovered;
+
+import java.io.IOException;
+
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * @author Arun Gupta
+ * @author Arjan Tijms 
+ */
+@WebServlet("/SecureServlet")
+public class SecureServlet extends HttpServlet {
+    private static final long serialVersionUID = 1L;
+
+    @Override
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        response.getWriter().print("my GET");
+    }
+
+    @Override
+    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        response.getWriter().print("my POST");
+    }
+    
+    @Override
+    protected void doPut(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        response.getWriter().print("my PUT");
+    }
+}
diff --git a/servlet/security-allow-uncovered/src/main/webapp/WEB-INF/glassfish-web.xml b/servlet/security-allow-uncovered/src/main/webapp/WEB-INF/glassfish-web.xml
new file mode 100644
index 000000000..54e3db333
--- /dev/null
+++ b/servlet/security-allow-uncovered/src/main/webapp/WEB-INF/glassfish-web.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN" "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd">
+<glassfish-web-app error-url="">
+    <security-role-mapping>
+        <role-name>g1</role-name>
+        <group-name>g1</group-name>
+    </security-role-mapping>
+</glassfish-web-app>
diff --git a/servlet/security-allow-uncovered/src/main/webapp/WEB-INF/web.xml b/servlet/security-allow-uncovered/src/main/webapp/WEB-INF/web.xml
new file mode 100644
index 000000000..fddd54eaa
--- /dev/null
+++ b/servlet/security-allow-uncovered/src/main/webapp/WEB-INF/web.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
+         version="3.1">
+    
+    
+    <!-- 
+        Note that deny-uncovered-http-methods is NOT specified here, so uncovered methods have
+        to be allowed.
+     -->
+    
+    <security-constraint>
+        <web-resource-collection>
+            <web-resource-name>SecureServlet</web-resource-name>
+            <url-pattern>/SecureServlet</url-pattern>
+            <http-method>GET</http-method>
+        </web-resource-collection>
+        <auth-constraint>
+            <role-name>g1</role-name>
+        </auth-constraint>
+    </security-constraint>
+    
+    <login-config>
+        <auth-method>BASIC</auth-method>
+        <realm-name>file</realm-name>
+    </login-config>
+    
+    <security-role>
+        <role-name>g1</role-name>
+    </security-role>
+</web-app>
diff --git a/servlet/security-allow-uncovered/src/test/java/org/javaee7/servlet/security/allow/uncovered/SecureServletTest.java b/servlet/security-allow-uncovered/src/test/java/org/javaee7/servlet/security/allow/uncovered/SecureServletTest.java
new file mode 100644
index 000000000..531c0af08
--- /dev/null
+++ b/servlet/security-allow-uncovered/src/test/java/org/javaee7/servlet/security/allow/uncovered/SecureServletTest.java
@@ -0,0 +1,111 @@
+package org.javaee7.servlet.security.allow.uncovered;
+
+import static com.gargoylesoftware.htmlunit.HttpMethod.POST;
+import static com.gargoylesoftware.htmlunit.HttpMethod.PUT;
+import static org.javaee7.ServerOperations.addUsersToContainerIdentityStore;
+import static org.jboss.shrinkwrap.api.ShrinkWrap.create;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertTrue;
+
+import java.io.File;
+import java.net.URL;
+
+import org.jboss.arquillian.container.test.api.Deployment;
+import org.jboss.arquillian.junit.Arquillian;
+import org.jboss.arquillian.test.api.ArquillianResource;
+import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import com.gargoylesoftware.htmlunit.DefaultCredentialsProvider;
+import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
+import com.gargoylesoftware.htmlunit.TextPage;
+import com.gargoylesoftware.htmlunit.WebClient;
+import com.gargoylesoftware.htmlunit.WebRequest;
+
+/**
+ * @author Arun Gupta
+ * @author Arjan Tijms 
+ */
+@RunWith(Arquillian.class)
+public class SecureServletTest {
+
+    @ArquillianResource
+    private URL base;
+
+    DefaultCredentialsProvider correctCreds = new DefaultCredentialsProvider();
+    DefaultCredentialsProvider incorrectCreds = new DefaultCredentialsProvider();
+    WebClient webClient;
+
+    @Deployment(testable = false)
+    public static WebArchive createDeployment() {
+        
+        addUsersToContainerIdentityStore();
+        
+        WebArchive war = create(WebArchive.class)
+            .addClass(SecureServlet.class)
+            .addAsWebInfResource((new File("src/main/webapp/WEB-INF/web.xml")));
+
+        System.out.println(war.toString(true));
+        
+        return war;
+    }
+
+    @Before
+    public void setup() {
+        correctCreds.addCredentials("u1", "p1");
+        incorrectCreds.addCredentials("random", "random");
+        webClient = new WebClient();
+    }
+    
+    @After
+    public void tearDown() {
+        webClient.getCookieManager().clearCookies();
+        webClient.close();
+    }
+
+    @Test
+    public void testGetMethod() throws Exception {
+        webClient.setCredentialsProvider(correctCreds);
+        TextPage page = webClient.getPage(base + "/SecureServlet");
+        assertEquals("my GET", page.getContent());
+    }
+
+    @Test
+    public void testPostMethod() throws Exception {
+        webClient.setCredentialsProvider(correctCreds);
+        WebRequest request = new WebRequest(new URL(base + "SecureServlet"), POST);
+        
+        TextPage page = null;
+        try {
+            page = webClient.getPage(request);
+            System.out.println(page.getContent());
+            
+            assertTrue(
+                "POST method could not be called even without deny-uncovered-http-methods", 
+                page.getContent().contains("my POST"));
+        } catch (FailingHttpStatusCodeException e) {
+            assertNotEquals("Post denied, but should be allowed", 403, e.getStatusCode());
+            throw e;
+        }
+    }
+
+    @Test
+    public void testPutMethod() throws Exception {
+        webClient.setCredentialsProvider(correctCreds);
+        WebRequest request = new WebRequest(new URL(base + "SecureServlet"), PUT);
+        
+        TextPage page = null;
+        try {
+            page = webClient.getPage(request);
+            System.out.println(page.getContent());
+        } catch (FailingHttpStatusCodeException e) {
+            assertNotEquals("PUT denied, but should be allowed", 403, e.getStatusCode());
+            throw e;
+        }
+        
+    }
+}
diff --git a/servlet/security-allow-uncovered/src/test/resources/addUsersPayara.txt b/servlet/security-allow-uncovered/src/test/resources/addUsersPayara.txt
new file mode 100644
index 000000000..037cdbd6f
--- /dev/null
+++ b/servlet/security-allow-uncovered/src/test/resources/addUsersPayara.txt
@@ -0,0 +1 @@
+create-file-user --groups g1 --passwordfile ${project.build.directory}/test-classes/password.txt u1
\ No newline at end of file
diff --git a/servlet/security-allow-uncovered/src/test/resources/password.txt b/servlet/security-allow-uncovered/src/test/resources/password.txt
new file mode 100644
index 000000000..c00bb4cac
--- /dev/null
+++ b/servlet/security-allow-uncovered/src/test/resources/password.txt
@@ -0,0 +1 @@
+AS_ADMIN_USERPASSWORD=p1

From 391cc5c33c0da5b61ff0b6c36f45561eecef0e0c Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Fri, 22 Nov 2019 00:16:32 +0100
Subject: [PATCH 10/31] Cleaned up programmatic login example

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 .../programmatic/login/LoginServlet.java      | 35 +++----------------
 .../src/main/webapp/WEB-INF/web.xml           |  6 ----
 .../programmatic/login/LoginServletTest.java  | 20 +++++++++--
 3 files changed, 22 insertions(+), 39 deletions(-)

diff --git a/servlet/security-programmatic/src/main/java/org/javaee7/servlet/programmatic/login/LoginServlet.java b/servlet/security-programmatic/src/main/java/org/javaee7/servlet/programmatic/login/LoginServlet.java
index 8587857c0..66f015f1f 100644
--- a/servlet/security-programmatic/src/main/java/org/javaee7/servlet/programmatic/login/LoginServlet.java
+++ b/servlet/security-programmatic/src/main/java/org/javaee7/servlet/programmatic/login/LoginServlet.java
@@ -12,7 +12,7 @@
 /**
  * @author Arun Gupta
  */
-@WebServlet(urlPatterns = { "/LoginServlet" })
+@WebServlet("/LoginServlet")
 public class LoginServlet extends HttpServlet {
 
     private static final long serialVersionUID = 1L;
@@ -25,9 +25,10 @@ public class LoginServlet extends HttpServlet {
      * @throws ServletException if a servlet-specific error occurs
      * @throws IOException if an I/O error occurs
      */
-    protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-        
+    @Override
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
         response.setContentType("text/html;charset=UTF-8");
+        
         String user = request.getParameter("user");
         String password = request.getParameter("password");
 
@@ -43,34 +44,8 @@ protected void processRequest(HttpServletRequest request, HttpServletResponse re
     private void userDetails(PrintWriter out, HttpServletRequest request) {
         out.println("isUserInRole?" + request.isUserInRole("g1"));
         out.println("getRemoteUser?" + request.getRemoteUser());
-        out.println("getUserPrincipal?" + request.getUserPrincipal());
+        out.println("getUserPrincipal?" + (request.getUserPrincipal() != null? request.getUserPrincipal().getName() : null));
         out.println("getAuthType?" + request.getAuthType());
     }
 
-    /**
-     * Handles the HTTP <code>GET</code> method.
-     *
-     * @param request servlet request
-     * @param response servlet response
-     * @throws ServletException if a servlet-specific error occurs
-     * @throws IOException if an I/O error occurs
-     */
-    @Override
-    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-        processRequest(request, response);
-    }
-
-    /**
-     * Handles the HTTP <code>POST</code> method.
-     *
-     * @param request servlet request
-     * @param response servlet response
-     * @throws ServletException if a servlet-specific error occurs
-     * @throws IOException if an I/O error occurs
-     */
-    @Override
-    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-        processRequest(request, response);
-    }
-
 }
diff --git a/servlet/security-programmatic/src/main/webapp/WEB-INF/web.xml b/servlet/security-programmatic/src/main/webapp/WEB-INF/web.xml
index b5f400875..4b6003dca 100644
--- a/servlet/security-programmatic/src/main/webapp/WEB-INF/web.xml
+++ b/servlet/security-programmatic/src/main/webapp/WEB-INF/web.xml
@@ -3,12 +3,6 @@
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
          version="3.1">
-    <servlet>
-        <display-name>index</display-name>
-        <servlet-name>index</servlet-name>
-        <jsp-file>/index.jsp</jsp-file>
-    </servlet>
-    
     <security-role>
         <role-name>g1</role-name>
     </security-role>
diff --git a/servlet/security-programmatic/src/test/java/org/javaee7/servlet/programmatic/login/LoginServletTest.java b/servlet/security-programmatic/src/test/java/org/javaee7/servlet/programmatic/login/LoginServletTest.java
index 19e4449d0..f263dd091 100644
--- a/servlet/security-programmatic/src/test/java/org/javaee7/servlet/programmatic/login/LoginServletTest.java
+++ b/servlet/security-programmatic/src/test/java/org/javaee7/servlet/programmatic/login/LoginServletTest.java
@@ -12,6 +12,8 @@
 import org.jboss.arquillian.junit.Arquillian;
 import org.jboss.arquillian.test.api.ArquillianResource;
 import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.junit.After;
+import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.xml.sax.SAXException;
@@ -29,6 +31,8 @@ public class LoginServletTest {
 
     @ArquillianResource
     private URL base;
+    
+    WebClient webClient;
 
     @Deployment(testable = false)
     public static WebArchive createDeployment() {
@@ -39,12 +43,23 @@ public static WebArchive createDeployment() {
             addClass(LoginServlet.class).
             addAsWebInfResource((new File(WEBAPP_SRC + "/WEB-INF", "web.xml")));
     }
+    
+    @Before
+    public void setup() {
+        webClient = new WebClient();
+    }
+    
+    @After
+    public void tearDown() {
+        webClient.getCookieManager().clearCookies();
+        webClient.close();
+    }
 
     @Test
     public void testUnauthenticatedRequest() throws IOException, SAXException {
-        WebClient webClient = new WebClient();
         HtmlPage page = webClient.getPage(base + "/LoginServlet");
         String responseText = page.asText();
+        
         System.out.println("testUnauthenticatedRequest:\n" + responseText + "\n");
 
         assertTrue(responseText.contains("isUserInRole?false"));
@@ -55,14 +70,13 @@ public void testUnauthenticatedRequest() throws IOException, SAXException {
 
     @Test
     public void testAuthenticatedRequest() throws IOException, SAXException {
-        WebClient webClient = new WebClient();
         HtmlPage page = webClient.getPage(base + "/LoginServlet?user=u1&password=p1");
         String responseText = page.asText();
+        
         System.out.println("testAuthenticatedRequest:\n" + responseText + "\n");
 
         assertTrue(responseText.contains("isUserInRole?true"));
         assertTrue(responseText.contains("getRemoteUser?u1"));
         assertTrue(responseText.contains("getUserPrincipal?u1"));
-        assertTrue(responseText.contains("getAuthType?BASIC"));
     }
 }

From ff745e515e4d956260fe7d04ac8684f49c3fd245 Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Sun, 24 Nov 2019 13:35:54 +0100
Subject: [PATCH 11/31] Making implicit assumption BASIC is used explicit

---
 .../src/main/webapp/WEB-INF/web.xml                   | 11 +++++++++++
 .../servlet/security/annotated/SecureServletTest.java |  6 +++++-
 2 files changed, 16 insertions(+), 1 deletion(-)
 create mode 100644 servlet/security-annotated/src/main/webapp/WEB-INF/web.xml

diff --git a/servlet/security-annotated/src/main/webapp/WEB-INF/web.xml b/servlet/security-annotated/src/main/webapp/WEB-INF/web.xml
new file mode 100644
index 000000000..32ab0c045
--- /dev/null
+++ b/servlet/security-annotated/src/main/webapp/WEB-INF/web.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
+         version="3.1">
+    
+    <login-config>
+        <auth-method>BASIC</auth-method>
+        <realm-name>file</realm-name>
+    </login-config>
+    
+</web-app>
diff --git a/servlet/security-annotated/src/test/java/org/javaee7/servlet/security/annotated/SecureServletTest.java b/servlet/security-annotated/src/test/java/org/javaee7/servlet/security/annotated/SecureServletTest.java
index 79694789b..acac40efd 100644
--- a/servlet/security-annotated/src/test/java/org/javaee7/servlet/security/annotated/SecureServletTest.java
+++ b/servlet/security-annotated/src/test/java/org/javaee7/servlet/security/annotated/SecureServletTest.java
@@ -7,6 +7,7 @@
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.fail;
 
+import java.io.File;
 import java.net.URL;
 
 import org.jboss.arquillian.container.test.api.Deployment;
@@ -29,6 +30,8 @@
  */
 @RunWith(Arquillian.class)
 public class SecureServletTest {
+    
+    private static final String WEBAPP_SRC = "src/main/webapp";
 
     @ArquillianResource
     private URL base;
@@ -43,7 +46,8 @@ public static WebArchive createDeployment() {
         addUsersToContainerIdentityStore();
         
         return create(WebArchive.class)
-                .addClass(SecureServlet.class);
+                .addClass(SecureServlet.class)
+                .addAsWebInfResource((new File(WEBAPP_SRC + "/WEB-INF", "web.xml")));
     }
 
     @Before

From 0af93709d3ede6ed71823a6120ef1c7378c9343d Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Mon, 16 Dec 2019 23:00:37 +0100
Subject: [PATCH 12/31] Initial support for Piranha

Note: connector needs to be locally compiled first for now

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 pom.xml                                       | 48 +++++++++++++++++++
 .../java/org/javaee7/ServerOperations.java    |  6 ++-
 2 files changed, 53 insertions(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 07bd0260a..80057a0da 100644
--- a/pom.xml
+++ b/pom.xml
@@ -358,6 +358,54 @@
     
 
     <profiles>
+    
+        <!-- ### PIRANHA ### -->
+    
+        <profile>
+            <id>piranha-embedded</id>
+    
+            <properties> 
+                <skipEJB>true</skipEJB>
+                <skipCDI>true</skipCDI>
+                <skipJSF>true</skipJSF>
+                <skipJACC>true</skipJACC>
+                <!-- Client-cert needs complicated cert setup, which hasn't been done -->
+                <skipServletClientCertificate>true</skipServletClientCertificate>
+            </properties>
+
+            <dependencies>
+                 <!-- Java EE based client dependencies to contact a server via WebSocket or REST -->
+                <dependency>
+                    <groupId>fish.payara.arquillian</groupId>
+                    <artifactId>payara-client-ee7</artifactId>
+                </dependency>
+              
+                <dependency>
+                     <groupId>cloud.piranha.arquillian</groupId>
+                     <artifactId>piranha-arquillian-server</artifactId>
+                     <version>20.1.0-SNAPSHOT</version>
+                </dependency>
+            </dependencies>
+            
+             <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.apache.maven.plugins</groupId>
+                        <artifactId>maven-surefire-plugin</artifactId>
+                        <configuration>
+                            <systemPropertyVariables>
+                                <javaEEServer>piranha-embedded</javaEEServer>
+                                <piranha.version>19.12.0</piranha.version>
+                                <piranha.repositories>https://dl.bintray.com/piranhacloud/maven</piranha.repositories>
+                            </systemPropertyVariables>
+                        </configuration>
+                    </plugin>
+                </plugins>
+            </build>
+            
+        </profile>
+    
+    
         
         <!-- ###  PAYARA  ### -->
         
diff --git a/test-utils/src/main/java/org/javaee7/ServerOperations.java b/test-utils/src/main/java/org/javaee7/ServerOperations.java
index 714d1fe19..d1ae5983d 100644
--- a/test-utils/src/main/java/org/javaee7/ServerOperations.java
+++ b/test-utils/src/main/java/org/javaee7/ServerOperations.java
@@ -56,7 +56,11 @@ public static void addUsersToContainerIdentityStore() {
             cmd.add("u1");
             
             CliCommands.payaraGlassFish(cmd);
-        } else {
+        } else if ("piranha-embedded".equals(javaEEServer)) {
+            System.out.println("Adding user for piranha-embedded");
+            System.setProperty("io.piranha.identitystore.callers", "<u><caller callername=\"u1\" password=\"p1\" groups=\"g1\"/></u>");
+        }
+        else {
             if (javaEEServer == null) {
                 System.out.println("javaEEServer not specified");
             } else {

From 13c622e7ff8287c5aa124d85e5ecbc20c9068e6c Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Thu, 2 Jan 2020 00:16:38 +0100
Subject: [PATCH 13/31] Removed parent to prevent multiple arquillian
 inclusions on CP

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 jaspic/common/pom.xml | 32 ++++++++++++++++++++++++++------
 1 file changed, 26 insertions(+), 6 deletions(-)

diff --git a/jaspic/common/pom.xml b/jaspic/common/pom.xml
index ed3a7ca7b..82da0e698 100644
--- a/jaspic/common/pom.xml
+++ b/jaspic/common/pom.xml
@@ -5,19 +5,39 @@
         it provides a base class for unit tests  
     -->
     <modelVersion>4.0.0</modelVersion>
-
-    <parent>
-        <groupId>org.javaee7</groupId>
-        <artifactId>jaspic</artifactId>
-        <version>1.0-SNAPSHOT</version>
-    </parent>
     
+    <groupId>org.javaee7</groupId>
     <artifactId>jaspic-common</artifactId>
+    <version>1.0-SNAPSHOT</version>
     
     <packaging>jar</packaging>
     <name>Java EE 7 Sample: jaspic - common</name>
+    
+    <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <maven.compiler.source>1.7</maven.compiler.source>
+        <maven.compiler.target>1.7</maven.compiler.target>
+    </properties>
+    
+    <dependencyManagement>
+        <dependencies>
+            <dependency>
+                <groupId>org.jboss.arquillian</groupId>
+                <artifactId>arquillian-bom</artifactId>
+                <version>1.1.14.Final</version>
+                <scope>import</scope>
+                <type>pom</type>
+            </dependency>
+        </dependencies>
+    </dependencyManagement>
 
     <dependencies>
+        <dependency>
+            <groupId>javax</groupId>
+            <artifactId>javaee-api</artifactId>
+            <version>7.0</version>
+            <scope>provided</scope>
+        </dependency>
         <dependency>
             <groupId>org.jboss.arquillian.junit</groupId>
             <artifactId>arquillian-junit-container</artifactId>

From dc48fdd78abfcc8d98c22fa6bfd179f7d1280114 Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Thu, 2 Jan 2020 00:17:45 +0100
Subject: [PATCH 14/31] Remove redundant maven info

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 jaspic/basic-authentication/pom.xml | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/jaspic/basic-authentication/pom.xml b/jaspic/basic-authentication/pom.xml
index 17bb1bf47..8c520010e 100644
--- a/jaspic/basic-authentication/pom.xml
+++ b/jaspic/basic-authentication/pom.xml
@@ -6,11 +6,9 @@
         <groupId>org.javaee7</groupId>
         <artifactId>jaspic</artifactId>
         <version>1.0-SNAPSHOT</version>
-        <relativePath>../pom.xml</relativePath>
     </parent>
-    <groupId>org.javaee7</groupId>
+    
     <artifactId>jaspic-basic-authentication</artifactId>
-    <version>1.0-SNAPSHOT</version>
     <packaging>war</packaging>
     <name>Java EE 7 Sample: jaspic - basic-authentication</name>
 

From 346ec06e31dbbe734f64e55f3cfa060fa4bfe743 Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Thu, 2 Jan 2020 00:18:14 +0100
Subject: [PATCH 15/31] Don't deploy test classes

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 .../javaee7/jaspic/common/ArquillianBase.java | 28 ++++++++++++++-----
 1 file changed, 21 insertions(+), 7 deletions(-)

diff --git a/jaspic/common/src/main/java/org/javaee7/jaspic/common/ArquillianBase.java b/jaspic/common/src/main/java/org/javaee7/jaspic/common/ArquillianBase.java
index 2771fc4b5..b2f0e9687 100644
--- a/jaspic/common/src/main/java/org/javaee7/jaspic/common/ArquillianBase.java
+++ b/jaspic/common/src/main/java/org/javaee7/jaspic/common/ArquillianBase.java
@@ -9,10 +9,13 @@
 import java.io.File;
 import java.io.IOException;
 import java.net.URL;
+import java.util.Map;
 import java.util.logging.Logger;
 
 import org.jboss.arquillian.test.api.ArquillianResource;
 import org.jboss.shrinkwrap.api.Archive;
+import org.jboss.shrinkwrap.api.ArchivePath;
+import org.jboss.shrinkwrap.api.Node;
 import org.jboss.shrinkwrap.api.spec.EnterpriseArchive;
 import org.jboss.shrinkwrap.api.spec.WebArchive;
 import org.junit.After;
@@ -69,13 +72,24 @@ public static Archive<?> defaultArchive() {
     }
     
     public static WebArchive defaultWebArchive() {
-        return 
-            create(WebArchive.class, "test.war")
-                .addPackages(true, "org.javaee7.jaspic")
-                .deleteClass(ArquillianBase.class)
-                .addAsWebInfResource(resource("web.xml"))
-                .addAsWebInfResource(resource("jboss-web.xml"))
-                .addAsWebInfResource(resource("glassfish-web.xml"));
+        return
+            removeTestClasses(
+                create(WebArchive.class, "test.war")
+                    .addPackages(true, "org.javaee7.jaspic")
+                    .addAsWebInfResource(resource("web.xml"))
+                    .addAsWebInfResource(resource("jboss-web.xml"))
+                    .addAsWebInfResource(resource("glassfish-web.xml")));
+    }
+    
+    private static WebArchive removeTestClasses(WebArchive archive) {
+        for (Map.Entry<ArchivePath, Node> content : archive.getContent().entrySet()) {
+            if (content.getKey().get().endsWith("Test.class")) {
+                archive.delete(content.getKey().get());
+            }
+        }
+        archive.deleteClass(ArquillianBase.class);
+        
+        return archive;
     }
     
     public static Archive<?> tryWrapEAR(WebArchive webArchive) {

From 9a961270dfba450db095ac545c492c63db0f64db Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Wed, 8 Jan 2020 21:43:07 +0100
Subject: [PATCH 16/31] Update Piranha profile

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 pom.xml | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/pom.xml b/pom.xml
index 80057a0da..a6afb586c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -366,9 +366,6 @@
     
             <properties> 
                 <skipEJB>true</skipEJB>
-                <skipCDI>true</skipCDI>
-                <skipJSF>true</skipJSF>
-                <skipJACC>true</skipJACC>
                 <!-- Client-cert needs complicated cert setup, which hasn't been done -->
                 <skipServletClientCertificate>true</skipServletClientCertificate>
             </properties>
@@ -395,8 +392,9 @@
                         <configuration>
                             <systemPropertyVariables>
                                 <javaEEServer>piranha-embedded</javaEEServer>
-                                <piranha.version>19.12.0</piranha.version>
-                                <piranha.repositories>https://dl.bintray.com/piranhacloud/maven</piranha.repositories>
+                                <piranha.version>20.1.0-SNAPSHOT</piranha.version>
+                                <piranha.offline>true</piranha.offline>
+                                <skipEJB>${skipEJB}</skipEJB>
                             </systemPropertyVariables>
                         </configuration>
                     </plugin>

From 092ffee9aebda8140d1b6e143e08a2a3e5d18170 Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Wed, 8 Jan 2020 21:44:08 +0100
Subject: [PATCH 17/31] Add EJB switch and more explicitly define archive

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 .../RequestFromPolicyContextTest.java         | 48 ++++++++++++++-----
 .../SubjectFromPolicyContextTest.java         | 11 ++++-
 2 files changed, 44 insertions(+), 15 deletions(-)

diff --git a/jacc/contexts/src/test/java/org/javaee7/jacc/contexts/RequestFromPolicyContextTest.java b/jacc/contexts/src/test/java/org/javaee7/jacc/contexts/RequestFromPolicyContextTest.java
index 837496371..8e20af4f6 100644
--- a/jacc/contexts/src/test/java/org/javaee7/jacc/contexts/RequestFromPolicyContextTest.java
+++ b/jacc/contexts/src/test/java/org/javaee7/jacc/contexts/RequestFromPolicyContextTest.java
@@ -6,11 +6,18 @@
 
 import javax.servlet.http.HttpServletRequest;
 
+import org.javaee7.jacc.contexts.bean.JaccRequestBean;
+import org.javaee7.jacc.contexts.sam.SamAutoRegistrationListener;
+import org.javaee7.jacc.contexts.sam.TestServerAuthModule;
+import org.javaee7.jacc.contexts.servlet.RequestServlet;
+import org.javaee7.jacc.contexts.servlet.RequestServletEJB;
+import org.javaee7.jacc.contexts.servlet.SubjectServlet;
 import org.javaee7.jaspic.common.ArquillianBase;
 import org.jboss.arquillian.container.test.api.Deployment;
 import org.jboss.arquillian.junit.Arquillian;
 import org.jboss.shrinkwrap.api.Archive;
 import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.junit.Assume;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.xml.sax.SAXException;
@@ -27,8 +34,18 @@ public class RequestFromPolicyContextTest extends ArquillianBase {
 
     @Deployment(testable = false)
     public static Archive<?> createDeployment() {
-        // TODO: Fix for Liberty which requires EARs :(
-        return ((WebArchive)defaultArchive()).addPackages(true, "org.javaee7.jacc");
+        WebArchive archive = ((WebArchive) ArquillianBase.defaultArchive())
+                .addClasses(
+                    SamAutoRegistrationListener.class, TestServerAuthModule.class,
+                    RequestServlet.class, SubjectServlet.class);
+        
+        if (!Boolean.valueOf(System.getProperty("skipEJB"))) {
+            archive.addClasses(JaccRequestBean.class, RequestServletEJB.class);
+        } else {
+            System.out.println("Skipping EJB based tests");
+        }
+        
+        return archive;
     }
 
     /**
@@ -41,17 +58,7 @@ public void testCanObtainRequestInServlet() throws IOException, SAXException {
 
         assertTrue(response.contains("Obtained request from context."));
     }
-
-    /**
-     * Tests that we are able to obtain a reference to the {@link HttpServletRequest} from an EJB.
-     */
-    @Test
-    public void testCanObtainRequestInEJB() throws IOException, SAXException {
-
-        String response = getFromServerPath("requestServletEJB");
-
-        assertTrue(response.contains("Obtained request from context."));
-    }
+    
 
     /**
      * Tests that the {@link HttpServletRequest} reference that we obtained from JACC in a Servlet actually
@@ -77,6 +84,8 @@ public void testDataInServlet() throws IOException, SAXException {
      */
     @Test
     public void testDataInEJB() throws IOException, SAXException {
+        
+        Assume.assumeTrue(false);
 
         String response = getFromServerPath("requestServlet?jacc_test=true");
 
@@ -88,5 +97,18 @@ public void testDataInEJB() throws IOException, SAXException {
             "Request parameter not present in request obtained from context in EJB, but should have been",
             response.contains("Request parameter present in request from context."));
     }
+    
+    /**
+     * Tests that we are able to obtain a reference to the {@link HttpServletRequest} from an EJB.
+     */
+    @Test
+    public void testCanObtainRequestInEJB() throws IOException, SAXException {
+        
+        Assume.assumeTrue(false);
+
+        String response = getFromServerPath("requestServletEJB");
+
+        assertTrue(response.contains("Obtained request from context."));
+    }
 
 }
\ No newline at end of file
diff --git a/jacc/contexts/src/test/java/org/javaee7/jacc/contexts/SubjectFromPolicyContextTest.java b/jacc/contexts/src/test/java/org/javaee7/jacc/contexts/SubjectFromPolicyContextTest.java
index 539ebef5f..3e155f0f8 100644
--- a/jacc/contexts/src/test/java/org/javaee7/jacc/contexts/SubjectFromPolicyContextTest.java
+++ b/jacc/contexts/src/test/java/org/javaee7/jacc/contexts/SubjectFromPolicyContextTest.java
@@ -7,7 +7,10 @@
 import javax.security.auth.Subject;
 import javax.servlet.http.HttpServletRequest;
 
+import org.javaee7.jacc.contexts.sam.SamAutoRegistrationListener;
 import org.javaee7.jacc.contexts.sam.TestServerAuthModule;
+import org.javaee7.jacc.contexts.servlet.RequestServlet;
+import org.javaee7.jacc.contexts.servlet.SubjectServlet;
 import org.javaee7.jaspic.common.ArquillianBase;
 import org.jboss.arquillian.container.test.api.Deployment;
 import org.jboss.arquillian.junit.Arquillian;
@@ -46,8 +49,12 @@ public class SubjectFromPolicyContextTest extends ArquillianBase {
 
     @Deployment(testable = false)
     public static Archive<?> createDeployment() {
-        // TODO: Fix for Liberty which requires EARs :(
-        return ((WebArchive)defaultArchive()).addPackages(true, "org.javaee7.jacc");
+        WebArchive archive = ((WebArchive) ArquillianBase.defaultArchive())
+                .addClasses(
+                    SamAutoRegistrationListener.class, TestServerAuthModule.class,
+                    RequestServlet.class, SubjectServlet.class);
+        
+        return archive;
     }
 
     /**

From 278bf7607c523ab229ed3f2cd55c88175e32b0ec Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Tue, 14 Jan 2020 15:41:32 +0100
Subject: [PATCH 18/31] Updated for Piranha 20.1.2

---
 pom.xml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/pom.xml b/pom.xml
index a6afb586c..a8716f1e8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -362,7 +362,7 @@
         <!-- ### PIRANHA ### -->
     
         <profile>
-            <id>piranha-embedded</id>
+            <id>piranha-embedded-micro</id>
     
             <properties> 
                 <skipEJB>true</skipEJB>
@@ -380,7 +380,7 @@
                 <dependency>
                      <groupId>cloud.piranha.arquillian</groupId>
                      <artifactId>piranha-arquillian-server</artifactId>
-                     <version>20.1.0-SNAPSHOT</version>
+                     <version>20.1.2</version>
                 </dependency>
             </dependencies>
             
@@ -392,8 +392,8 @@
                         <configuration>
                             <systemPropertyVariables>
                                 <javaEEServer>piranha-embedded</javaEEServer>
-                                <piranha.version>20.1.0-SNAPSHOT</piranha.version>
-                                <piranha.offline>true</piranha.offline>
+                                <piranha.version>20.1.2</piranha.version>
+                                <piranha.offline>false</piranha.offline>
                                 <skipEJB>${skipEJB}</skipEJB>
                             </systemPropertyVariables>
                         </configuration>

From b0e8b576a48a2bae5e32e98c7a918867309b6869 Mon Sep 17 00:00:00 2001
From: Ladislav Thon <lthon@redhat.com>
Date: Thu, 7 May 2020 10:35:25 +0200
Subject: [PATCH 19/31] fix the test for HTTP protocol upgrade

If the HTTP client wants to request protocol upgrade, it must
send the `Upgrade` header. It should also set the `Connection`
header. This test didn't do that, so conforming implementations
could reject the `request.upgrade()` call. The fix is simple:
add the 2 headers on the client side (i.e., in the test).

To be able to set `Connection` and `Upgrade` headers on the
`java.net.HttpURLConnection`, restricted headers must be allowed
by setting a special system property.

See also https://developer.mozilla.org/en-US/docs/Web/HTTP/Protocol_upgrade_mechanism
and the Servlet specification 4.0, section 2.3.3.5.
---
 servlet/protocol-handler/pom.xml               | 15 +++++++++++++++
 .../protocolhandler/UpgradeServlet.java        | 18 ++++++++++++------
 .../protocolhandler/ProtocolHandlerTest.java   |  6 ++++--
 3 files changed, 31 insertions(+), 8 deletions(-)

diff --git a/servlet/protocol-handler/pom.xml b/servlet/protocol-handler/pom.xml
index e49c5507f..71b9394f4 100644
--- a/servlet/protocol-handler/pom.xml
+++ b/servlet/protocol-handler/pom.xml
@@ -12,4 +12,19 @@
     <packaging>war</packaging>
 
     <name>Java EE 7 Sample: servlet - protocol-handler</name>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <configuration>
+                    <systemPropertyVariables combine.children="append">
+                        <!-- to request protocol upgrade, the client must send the Connection and Upgrade headers -->
+                        <sun.net.http.allowRestrictedHeaders>true</sun.net.http.allowRestrictedHeaders>
+                    </systemPropertyVariables>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
 </project>
diff --git a/servlet/protocol-handler/src/main/java/org/javaee7/servlet/protocolhandler/UpgradeServlet.java b/servlet/protocol-handler/src/main/java/org/javaee7/servlet/protocolhandler/UpgradeServlet.java
index 8bca67535..862f14a79 100644
--- a/servlet/protocol-handler/src/main/java/org/javaee7/servlet/protocolhandler/UpgradeServlet.java
+++ b/servlet/protocol-handler/src/main/java/org/javaee7/servlet/protocolhandler/UpgradeServlet.java
@@ -39,6 +39,7 @@
  */
 package org.javaee7.servlet.protocolhandler;
 
+import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST;
 import static javax.servlet.http.HttpServletResponse.SC_SWITCHING_PROTOCOLS;
 
 import java.io.IOException;
@@ -66,11 +67,16 @@ public class UpgradeServlet extends HttpServlet {
      * @throws IOException if an I/O error occurs
      */
     protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-        response.setStatus(SC_SWITCHING_PROTOCOLS);
-        response.setHeader("Connection", "Upgrade");
-        response.setHeader("Upgrade", "echo");
-        request.upgrade(MyProtocolHandler.class);
-        
-        System.out.println("Request upgraded to MyProtocolHandler");
+        String requestedUpgrade = request.getHeader("Upgrade");
+        if ("echo".equals(requestedUpgrade)) {
+            response.setStatus(SC_SWITCHING_PROTOCOLS);
+            response.setHeader("Connection", "Upgrade");
+            response.setHeader("Upgrade", "echo");
+            request.upgrade(MyProtocolHandler.class);
+
+            System.out.println("Request upgraded to MyProtocolHandler");
+        } else {
+            response.sendError(SC_BAD_REQUEST, "unknown upgrade " + requestedUpgrade);
+        }
     }
 }
diff --git a/servlet/protocol-handler/src/test/java/org/javaee7/servlet/protocolhandler/ProtocolHandlerTest.java b/servlet/protocol-handler/src/test/java/org/javaee7/servlet/protocolhandler/ProtocolHandlerTest.java
index 2e02c1baa..a7fe9e1bd 100644
--- a/servlet/protocol-handler/src/test/java/org/javaee7/servlet/protocolhandler/ProtocolHandlerTest.java
+++ b/servlet/protocol-handler/src/test/java/org/javaee7/servlet/protocolhandler/ProtocolHandlerTest.java
@@ -1,6 +1,6 @@
 package org.javaee7.servlet.protocolhandler;
 
-import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.assertEquals;
 
 import java.io.IOException;
 import java.io.InputStream;
@@ -44,6 +44,8 @@ public void testUpgradeProtocol() throws IOException, URISyntaxException {
         // typically hang when reading.
         
         URLConnection connection = new URL(base, "UpgradeServlet").openConnection();
+        connection.setRequestProperty("Connection", "Upgrade");
+        connection.setRequestProperty("Upgrade", "echo");
         connection.setConnectTimeout(2000);
         connection.setReadTimeout(2000);
         
@@ -71,7 +73,7 @@ public void testUpgradeProtocol() throws IOException, URISyntaxException {
             }
         }
         
-        assertTrue("In protocol handler".equals(response.toString()));
+        assertEquals("In protocol handler", response.toString());
     }
     
 }

From 07797bf5c66656f088facd6b1c0c619057f1716c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 21 May 2020 21:14:46 +0000
Subject: [PATCH 20/31] Bump htmlunit from 2.35.0 to 2.37.0

Bumps [htmlunit](https://github.com/HtmlUnit/htmlunit) from 2.35.0 to 2.37.0.
- [Release notes](https://github.com/HtmlUnit/htmlunit/releases)
- [Commits](https://github.com/HtmlUnit/htmlunit/compare/2.35.0...2.37.0)

Signed-off-by: dependabot[bot] <support@github.com>
---
 jaspic/common/pom.xml | 2 +-
 pom.xml               | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/jaspic/common/pom.xml b/jaspic/common/pom.xml
index 82da0e698..07e04bb54 100644
--- a/jaspic/common/pom.xml
+++ b/jaspic/common/pom.xml
@@ -52,7 +52,7 @@
         <dependency>
             <groupId>net.sourceforge.htmlunit</groupId>
             <artifactId>htmlunit</artifactId>
-            <version>2.31</version>
+            <version>2.37.0</version>
             <scope>provided</scope>
         </dependency>
         <dependency>
diff --git a/pom.xml b/pom.xml
index a8716f1e8..ad03f6804 100644
--- a/pom.xml
+++ b/pom.xml
@@ -228,7 +228,7 @@
         <dependency>
             <groupId>net.sourceforge.htmlunit</groupId>
             <artifactId>htmlunit</artifactId>
-            <version>2.35.0</version>
+            <version>2.37.0</version>
             <scope>test</scope>
         </dependency>
         <dependency>

From be7d1b2065f571e85d3fe95c8acd80ddeb888205 Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Fri, 5 Jun 2020 19:37:55 +0200
Subject: [PATCH 21/31] Added sample that shows a servlet present in a
 WEB-INF/lib jar.

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 servlet/pom.xml                               |  1 +
 .../empty-app-servlet-lib/pom.xml             | 23 ++++++++
 .../empty/app/EmptyAppWithLibTest.java        | 59 +++++++++++++++++++
 servlet/servlet-libs/pom.xml                  | 25 ++++++++
 servlet/servlet-libs/servlet-lib/pom.xml      | 54 +++++++++++++++++
 .../basic/servlet/BasicServlet.java           | 24 ++++++++
 6 files changed, 186 insertions(+)
 create mode 100644 servlet/servlet-libs/empty-app-servlet-lib/pom.xml
 create mode 100644 servlet/servlet-libs/empty-app-servlet-lib/src/test/java/org/javaee7/servlet/servlet_libs/empty/app/EmptyAppWithLibTest.java
 create mode 100644 servlet/servlet-libs/pom.xml
 create mode 100644 servlet/servlet-libs/servlet-lib/pom.xml
 create mode 100644 servlet/servlet-libs/servlet-lib/src/main/java/org/javaee7/servlet/servlet_libs/basic/servlet/BasicServlet.java

diff --git a/servlet/pom.xml b/servlet/pom.xml
index 912a59a6e..1bbe27055 100644
--- a/servlet/pom.xml
+++ b/servlet/pom.xml
@@ -27,6 +27,7 @@
         <module>resource-packaging</module>
         <module>file-upload</module>
         <module>programmatic-registration</module>
+        <module>servlet-libs</module>
         
         <!-- Security samples assuming the container identity store -->
         <module>security-basicauth</module>
diff --git a/servlet/servlet-libs/empty-app-servlet-lib/pom.xml b/servlet/servlet-libs/empty-app-servlet-lib/pom.xml
new file mode 100644
index 000000000..5545d4563
--- /dev/null
+++ b/servlet/servlet-libs/empty-app-servlet-lib/pom.xml
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>org.javaee7</groupId>
+        <artifactId>servlet-libs</artifactId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+
+    <artifactId>empty-app-servlet-lib</artifactId>
+    <packaging>war</packaging>
+
+    <name>Java EE 7 Sample: servlet - empty-app-servlet-lib</name>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.javaee7</groupId>
+            <artifactId>servlet-lib</artifactId>
+            <version>1.0-SNAPSHOT</version>
+        </dependency>
+    </dependencies>
+</project>
diff --git a/servlet/servlet-libs/empty-app-servlet-lib/src/test/java/org/javaee7/servlet/servlet_libs/empty/app/EmptyAppWithLibTest.java b/servlet/servlet-libs/empty-app-servlet-lib/src/test/java/org/javaee7/servlet/servlet_libs/empty/app/EmptyAppWithLibTest.java
new file mode 100644
index 000000000..445d2f309
--- /dev/null
+++ b/servlet/servlet-libs/empty-app-servlet-lib/src/test/java/org/javaee7/servlet/servlet_libs/empty/app/EmptyAppWithLibTest.java
@@ -0,0 +1,59 @@
+package org.javaee7.servlet.servlet_libs.empty.app;
+
+import static org.junit.Assert.assertTrue;
+
+import java.net.MalformedURLException;
+import java.net.URISyntaxException;
+import java.net.URL;
+
+import javax.ws.rs.client.ClientBuilder;
+
+import org.jboss.arquillian.container.test.api.Deployment;
+import org.jboss.arquillian.container.test.api.RunAsClient;
+import org.jboss.arquillian.junit.Arquillian;
+import org.jboss.arquillian.test.api.ArquillianResource;
+import org.jboss.shrinkwrap.api.ShrinkWrap;
+import org.jboss.shrinkwrap.api.spec.JavaArchive;
+import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.jboss.shrinkwrap.resolver.api.maven.Maven;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+/**
+ * 
+ * @author Arjan Tijms
+ *
+ */
+@RunWith(Arquillian.class)
+public class EmptyAppWithLibTest {
+    
+    @ArquillianResource
+    private URL base;
+
+    @Deployment(testable = false)
+    public static WebArchive deploy() throws URISyntaxException {
+        JavaArchive[] archiveWithServlet =
+            Maven.resolver()
+                 .loadPomFromFile("pom.xml")
+                 .resolve("org.javaee7:servlet-lib")
+                 .withoutTransitivity()
+                 .as(JavaArchive.class);
+        
+        return ShrinkWrap.create(WebArchive.class)
+                         .addAsLibraries(archiveWithServlet);
+    }
+
+    @Test
+    @RunAsClient
+    public void invokeBasicServlet() throws MalformedURLException, URISyntaxException {
+        String response = 
+            ClientBuilder.newClient()
+                         .target(new URL(base, "basic").toURI())
+                         .request()
+                         .get()
+                         .readEntity(String.class);
+        
+        assertTrue(response.startsWith("get request"));
+    }
+
+}
diff --git a/servlet/servlet-libs/pom.xml b/servlet/servlet-libs/pom.xml
new file mode 100644
index 000000000..ee2519d80
--- /dev/null
+++ b/servlet/servlet-libs/pom.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+   <modelVersion>4.0.0</modelVersion>
+
+   <parent>
+        <groupId>org.javaee7</groupId>
+        <artifactId>servlet</artifactId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+    
+    <description>
+        This module contains samples for functioning of web apps and code in libraries 
+        (jars in WEB-INF/lib).
+    </description>
+
+   <artifactId>servlet-libs</artifactId>
+   <packaging>pom</packaging>
+
+   <name>Java EE 7 Sample: Servlet - libs</name>
+
+   <modules>
+        <module>servlet-lib</module>
+        <module>empty-app-servlet-lib</module>
+    </modules>
+</project>
diff --git a/servlet/servlet-libs/servlet-lib/pom.xml b/servlet/servlet-libs/servlet-lib/pom.xml
new file mode 100644
index 000000000..ccda7987c
--- /dev/null
+++ b/servlet/servlet-libs/servlet-lib/pom.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+   <modelVersion>4.0.0</modelVersion>
+
+   <groupId>org.javaee7</groupId>
+   <artifactId>servlet-lib</artifactId>
+   <version>1.0-SNAPSHOT</version>
+
+   <name>Java EE 7 Sample: servlet - servlet-lib</name>
+   <description>
+        This module delivers a jar with a single Servlet in it. The intend is for this to be included
+        in the WEB-INF/lib folder of a war, to test that Servlets are found and correctly excecuted
+        from there. As such this module itself contains no tests.
+    </description>
+
+   <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <java.min.version>1.7</java.min.version>
+    </properties>
+
+   <dependencies>
+        <dependency>
+            <groupId>javax</groupId>
+            <artifactId>javaee-api</artifactId>
+            <version>7.0</version>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <version>4.13</version>
+        </dependency>
+    </dependencies>
+
+   <build>
+        <resources>
+            <resource>
+                <directory>src/main/resources</directory>
+                <filtering>true</filtering>
+            </resource>
+        </resources>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <version>3.6.1</version>
+                <configuration>
+                    <source>${java.min.version}</source>
+                    <target>${java.min.version}</target>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+</project>
diff --git a/servlet/servlet-libs/servlet-lib/src/main/java/org/javaee7/servlet/servlet_libs/basic/servlet/BasicServlet.java b/servlet/servlet-libs/servlet-lib/src/main/java/org/javaee7/servlet/servlet_libs/basic/servlet/BasicServlet.java
new file mode 100644
index 000000000..183ed6669
--- /dev/null
+++ b/servlet/servlet-libs/servlet-lib/src/main/java/org/javaee7/servlet/servlet_libs/basic/servlet/BasicServlet.java
@@ -0,0 +1,24 @@
+package org.javaee7.servlet.servlet_libs.basic.servlet;
+
+import java.io.IOException;
+
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * @author Arjan Tijms
+ */
+@WebServlet("/basic")
+public class BasicServlet extends HttpServlet {
+
+    private static final long serialVersionUID = 1L;
+
+    @Override
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        response.getWriter().print("get request");
+    }
+    
+}

From ba04eb37d08a4a04bee39269a156b702e645fab5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 5 Jun 2020 17:38:47 +0000
Subject: [PATCH 22/31] Bump htmlunit from 2.31 to 2.37.0 in /jaspic/common

Bumps [htmlunit](https://github.com/HtmlUnit/htmlunit) from 2.31 to 2.37.0.
- [Release notes](https://github.com/HtmlUnit/htmlunit/releases)
- [Commits](https://github.com/HtmlUnit/htmlunit/compare/HtmlUnit-2.31...2.37.0)

Signed-off-by: dependabot[bot] <support@github.com>
---
 jaspic/common/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/jaspic/common/pom.xml b/jaspic/common/pom.xml
index 82da0e698..07e04bb54 100644
--- a/jaspic/common/pom.xml
+++ b/jaspic/common/pom.xml
@@ -52,7 +52,7 @@
         <dependency>
             <groupId>net.sourceforge.htmlunit</groupId>
             <artifactId>htmlunit</artifactId>
-            <version>2.31</version>
+            <version>2.37.0</version>
             <scope>provided</scope>
         </dependency>
         <dependency>

From 5f7e6b83dd6f0af5ef480f05824471e63ed929a7 Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Fri, 5 Jun 2020 19:49:06 +0200
Subject: [PATCH 23/31] Updated several dependency versions

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 pom.xml            | 36 +++++++++++++++++-------------------
 test-utils/pom.xml |  4 ++--
 2 files changed, 19 insertions(+), 21 deletions(-)

diff --git a/pom.xml b/pom.xml
index ad03f6804..0a349500e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -10,9 +10,9 @@
     <name>Java EE 7 Sample: javaee7-samples</name>
 
     <properties>
-        <arquillian.version>1.4.1.Final</arquillian.version>
+        <arquillian.version>1.7.0.Alpha1</arquillian.version>
         <java.min.version>1.7</java.min.version>
-        <maven.min.version>3.0.0</maven.min.version>
+        <maven.min.version>3.5.4</maven.min.version>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         
         <maven.test.skip>false</maven.test.skip>
@@ -129,7 +129,7 @@
             <dependency>
                 <groupId>fish.payara.arquillian</groupId>
                 <artifactId>payara-client-ee7</artifactId>
-                <version>1.0.Beta3-m1</version>
+                <version>2.2</version>
                 <scope>test</scope>
             </dependency>
             <dependency>
@@ -163,26 +163,24 @@
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
-            <version>4.12</version>
+            <version>4.13</version>
             <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>org.hamcrest</groupId>
             <artifactId>hamcrest-core</artifactId>
-            <version>2.1</version>
             <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>org.hamcrest</groupId>
             <artifactId>hamcrest-library</artifactId>
-            <version>2.1</version>
             <scope>test</scope>
         </dependency>
         <!-- Alternative to Hamcrest matchers. Provides fluent, type-aware API -->
         <dependency>
             <groupId>org.assertj</groupId>
             <artifactId>assertj-core</artifactId>
-            <version>1.5.0</version>
+            <version>3.16.1</version>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -228,7 +226,7 @@
         <dependency>
             <groupId>net.sourceforge.htmlunit</groupId>
             <artifactId>htmlunit</artifactId>
-            <version>2.37.0</version>
+            <version>2.40.0</version>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -282,7 +280,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-compiler-plugin</artifactId>
-                <version>3.8.0</version>
+                <version>3.8.1</version>
                 <configuration>
                     <source>${java.min.version}</source>
                     <target>${java.min.version}</target>
@@ -300,7 +298,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-war-plugin</artifactId>
-                <version>3.2.2</version>
+                <version>3.2.3</version>
                 <configuration>
                     <attachClasses>true</attachClasses>
                     <failOnMissingWebXml>false</failOnMissingWebXml>
@@ -333,7 +331,7 @@
             <plugin>
                 <groupId>org.wildfly.plugins</groupId>
                 <artifactId>wildfly-maven-plugin</artifactId>
-                <version>1.0.2.Final</version>
+                <version>1.2.1.Final</version>
             </plugin>
         </plugins>
         <pluginManagement>
@@ -341,12 +339,12 @@
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-enforcer-plugin</artifactId>
-                    <version>3.0.0-M2</version>
+                    <version>3.0.0-M3</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-surefire-plugin</artifactId>
-                    <version>3.0.0-M3</version>
+                    <version>3.0.0-M4</version>
                 </plugin>
             </plugins>
         </pluginManagement>
@@ -380,7 +378,7 @@
                 <dependency>
                      <groupId>cloud.piranha.arquillian</groupId>
                      <artifactId>piranha-arquillian-server</artifactId>
-                     <version>20.1.2</version>
+                     <version>20.6.0-SNAPSHOT</version>
                 </dependency>
             </dependencies>
             
@@ -392,8 +390,8 @@
                         <configuration>
                             <systemPropertyVariables>
                                 <javaEEServer>piranha-embedded</javaEEServer>
-                                <piranha.version>20.1.2</piranha.version>
-                                <piranha.offline>false</piranha.offline>
+                                <piranha.version>20.6.0-SNAPSHOT</piranha.version>
+                                <piranha.offline>true</piranha.offline>
                                 <skipEJB>${skipEJB}</skipEJB>
                             </systemPropertyVariables>
                         </configuration>
@@ -426,7 +424,7 @@
                 <dependency>
                     <groupId>fish.payara.arquillian</groupId>
                     <artifactId>arquillian-payara-server-4-managed</artifactId>
-                    <version>1.0.Beta3-m1</version>
+                    <version>1.1</version>
                 </dependency>
             </dependencies>
             
@@ -1445,7 +1443,7 @@
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-antrun-plugin</artifactId>
-                        <version>1.1</version>
+                        <version>1.8</version>
                         <executions>
                             <execution>
                                 <phase>process-test-classes</phase>
@@ -1705,7 +1703,7 @@
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-dependency-plugin</artifactId>
-                        <version>2.4</version>
+                        <version>3.1.2</version>
                         <executions>
                             <execution>
                                 <id>sources</id>
diff --git a/test-utils/pom.xml b/test-utils/pom.xml
index 1a596a1f6..90d9a57ad 100644
--- a/test-utils/pom.xml
+++ b/test-utils/pom.xml
@@ -9,7 +9,7 @@
 
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <arquillian.version>1.1.14.Final</arquillian.version>
+        <arquillian.version>1.7.0.Alpha1</arquillian.version>
         <java.min.version>1.7</java.min.version>
     </properties>
 
@@ -35,7 +35,7 @@
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
-            <version>4.12</version>
+            <version>4.13</version>
         </dependency>
         <dependency>
             <groupId>org.jboss.arquillian.container</groupId>

From c980615fb4204dfe19fec6a022219b3dfd214594 Mon Sep 17 00:00:00 2001
From: arjantijms <arjan.tijms@gmail.com>
Date: Fri, 5 Jun 2020 19:49:35 +0200
Subject: [PATCH 24/31] Small cleaning and removing deprecated lines

Signed-off-by: arjantijms <arjan.tijms@gmail.com>
---
 .../packaging/ResourcePackagingTest.java      | 33 ++++++++++---------
 1 file changed, 18 insertions(+), 15 deletions(-)

diff --git a/servlet/resource-packaging/src/test/java/org/javaee7/servlet/resource/packaging/ResourcePackagingTest.java b/servlet/resource-packaging/src/test/java/org/javaee7/servlet/resource/packaging/ResourcePackagingTest.java
index 5d179c70a..7a662a411 100644
--- a/servlet/resource-packaging/src/test/java/org/javaee7/servlet/resource/packaging/ResourcePackagingTest.java
+++ b/servlet/resource-packaging/src/test/java/org/javaee7/servlet/resource/packaging/ResourcePackagingTest.java
@@ -1,22 +1,19 @@
 package org.javaee7.servlet.resource.packaging;
 
-import static org.hamcrest.CoreMatchers.equalTo;
-import static org.hamcrest.CoreMatchers.is;
-import static org.hamcrest.CoreMatchers.startsWith;
-import static org.junit.Assert.assertThat;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
 
 import java.io.File;
 import java.net.MalformedURLException;
-import java.net.URI;
 import java.net.URISyntaxException;
 import java.net.URL;
+import java.util.logging.Logger;
 
-import javax.ws.rs.client.Client;
 import javax.ws.rs.client.ClientBuilder;
-import javax.ws.rs.client.WebTarget;
 import javax.ws.rs.core.Response;
 
 import org.jboss.arquillian.container.test.api.Deployment;
+import org.jboss.arquillian.container.test.api.RunAsClient;
 import org.jboss.arquillian.junit.Arquillian;
 import org.jboss.arquillian.test.api.ArquillianResource;
 import org.jboss.shrinkwrap.api.ShrinkWrap;
@@ -29,26 +26,32 @@
  */
 @RunWith(Arquillian.class)
 public class ResourcePackagingTest {
+    
+    Logger logger = Logger.getLogger(ResourcePackagingTest.class.getName());
 
     @Deployment(testable = false)
     public static WebArchive deploy() throws URISyntaxException {
         return ShrinkWrap.create(WebArchive.class)
-            .addAsLibrary(new File("src/main/webapp/WEB-INF/lib/myResources.jar"), "myResources.jar");
+                         .addAsLibrary(new File("src/main/webapp/WEB-INF/lib/myResources.jar"), "myResources.jar");
     }
 
     @ArquillianResource
     private URL base;
 
     @Test
-    public void getMyResourceJarStyles() throws MalformedURLException {
-        Client client = ClientBuilder.newClient();
-        WebTarget target = client.target(URI.create(new URL(base, "styles.css").toExternalForm()));
-        Response response = target.request().get();
-
-        assertThat(response.getStatus(), is(equalTo(200)));
+    @RunAsClient
+    public void getMyResourceJarStyles() throws MalformedURLException, URISyntaxException {
+        Response response = 
+            ClientBuilder.newClient()
+                         .target(new URL(base, "styles.css").toURI())
+                         .request()
+                         .get();
+        
+        assertEquals(200, response.getStatus());
 
         String style = response.readEntity(String.class);
-        assertThat(style, startsWith("body {"));
+        
+        assertTrue(style.startsWith("body {"));
     }
 
 }

From bf5f5df1033b6d25bf0e64857c1f2dfc0ac68912 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 14 Sep 2020 18:29:11 +0000
Subject: [PATCH 25/31] Bump ant from 1.7.0 to 1.9.15 in
 /jaxrpc/jaxrpc-security

Bumps ant from 1.7.0 to 1.9.15.

Signed-off-by: dependabot[bot] <support@github.com>
---
 jaxrpc/jaxrpc-security/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/jaxrpc/jaxrpc-security/pom.xml b/jaxrpc/jaxrpc-security/pom.xml
index dcc9c6c31..516d5f709 100644
--- a/jaxrpc/jaxrpc-security/pom.xml
+++ b/jaxrpc/jaxrpc-security/pom.xml
@@ -32,7 +32,7 @@
         <dependency>
             <groupId>org.apache.ant</groupId>
             <artifactId>ant</artifactId>
-            <version>1.7.0</version>
+            <version>1.9.15</version>
         </dependency>
         
         <dependency>

From 29e57b1151c92ce9232fa982c142705c688be0f7 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 23 Aug 2021 20:53:43 +0000
Subject: [PATCH 26/31] Bump jsoup from 1.9.1 to 1.14.2 in /jaspic/common

Bumps [jsoup](https://github.com/jhy/jsoup) from 1.9.1 to 1.14.2.
- [Release notes](https://github.com/jhy/jsoup/releases)
- [Changelog](https://github.com/jhy/jsoup/blob/master/CHANGES)
- [Commits](https://github.com/jhy/jsoup/compare/jsoup-1.9.1...jsoup-1.14.2)

---
updated-dependencies:
- dependency-name: org.jsoup:jsoup
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 jaspic/common/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/jaspic/common/pom.xml b/jaspic/common/pom.xml
index 07e04bb54..c5e0c45fe 100644
--- a/jaspic/common/pom.xml
+++ b/jaspic/common/pom.xml
@@ -58,7 +58,7 @@
         <dependency>
             <groupId>org.jsoup</groupId>
             <artifactId>jsoup</artifactId>
-            <version>1.9.1</version>
+            <version>1.14.2</version>
         </dependency>
     </dependencies>
 </project>

From 976ab4f43c6fa883af2df89898d3d7cf6d61f7b1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 23 Aug 2021 20:57:43 +0000
Subject: [PATCH 27/31] Bump logback-core from 1.0.13 to 1.2.0 in
 /websocket/atmosphere-chat

Bumps logback-core from 1.0.13 to 1.2.0.

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-core
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 websocket/atmosphere-chat/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/websocket/atmosphere-chat/pom.xml b/websocket/atmosphere-chat/pom.xml
index f627751e2..2f6dd9c8a 100644
--- a/websocket/atmosphere-chat/pom.xml
+++ b/websocket/atmosphere-chat/pom.xml
@@ -30,7 +30,7 @@
         <dependency>
             <groupId>ch.qos.logback</groupId>
             <artifactId>logback-core</artifactId>
-            <version>1.0.13</version>
+            <version>1.2.0</version>
         </dependency>
         <dependency>
             <groupId>org.atmosphere</groupId>

From df675e890097904c172fdf29ce25e17bec2fbbb1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 23 Aug 2021 20:57:46 +0000
Subject: [PATCH 28/31] Bump junit from 4.11 to 4.13.1 in /jaspic/common

Bumps [junit](https://github.com/junit-team/junit4) from 4.11 to 4.13.1.
- [Release notes](https://github.com/junit-team/junit4/releases)
- [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.11.md)
- [Commits](https://github.com/junit-team/junit4/compare/r4.11...r4.13.1)

Signed-off-by: dependabot[bot] <support@github.com>
---
 jaspic/common/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/jaspic/common/pom.xml b/jaspic/common/pom.xml
index c5e0c45fe..069b74319 100644
--- a/jaspic/common/pom.xml
+++ b/jaspic/common/pom.xml
@@ -46,7 +46,7 @@
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
-            <version>4.11</version>
+            <version>4.13.1</version>
             <scope>provided</scope>
         </dependency>
         <dependency>

From 5fdc76169fdccbd11214218e86598c5c1c5aa146 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 23 Aug 2021 20:58:17 +0000
Subject: [PATCH 29/31] Bump junit from 4.13 to 4.13.1

Bumps [junit](https://github.com/junit-team/junit4) from 4.13 to 4.13.1.
- [Release notes](https://github.com/junit-team/junit4/releases)
- [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.1.md)
- [Commits](https://github.com/junit-team/junit4/compare/r4.13...r4.13.1)

Signed-off-by: dependabot[bot] <support@github.com>
---
 ejb/embeddable/pom.xml                   | 2 +-
 jaspic/common/pom.xml                    | 2 +-
 pom.xml                                  | 2 +-
 servlet/servlet-libs/servlet-lib/pom.xml | 2 +-
 test-utils/pom.xml                       | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/ejb/embeddable/pom.xml b/ejb/embeddable/pom.xml
index 17032dd7d..cc1eacac5 100644
--- a/ejb/embeddable/pom.xml
+++ b/ejb/embeddable/pom.xml
@@ -18,7 +18,7 @@
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
-            <version>4.10</version>
+            <version>4.13.1</version>
             <scope>test</scope>
             <type>jar</type>
         </dependency>
diff --git a/jaspic/common/pom.xml b/jaspic/common/pom.xml
index c5e0c45fe..069b74319 100644
--- a/jaspic/common/pom.xml
+++ b/jaspic/common/pom.xml
@@ -46,7 +46,7 @@
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
-            <version>4.11</version>
+            <version>4.13.1</version>
             <scope>provided</scope>
         </dependency>
         <dependency>
diff --git a/pom.xml b/pom.xml
index 0a349500e..9156a11a9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -163,7 +163,7 @@
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
-            <version>4.13</version>
+            <version>4.13.1</version>
             <scope>test</scope>
         </dependency>
         <dependency>
diff --git a/servlet/servlet-libs/servlet-lib/pom.xml b/servlet/servlet-libs/servlet-lib/pom.xml
index ccda7987c..8ad86b342 100644
--- a/servlet/servlet-libs/servlet-lib/pom.xml
+++ b/servlet/servlet-libs/servlet-lib/pom.xml
@@ -28,7 +28,7 @@
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
-            <version>4.13</version>
+            <version>4.13.1</version>
         </dependency>
     </dependencies>
 
diff --git a/test-utils/pom.xml b/test-utils/pom.xml
index 90d9a57ad..263f2eb41 100644
--- a/test-utils/pom.xml
+++ b/test-utils/pom.xml
@@ -35,7 +35,7 @@
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
-            <version>4.13</version>
+            <version>4.13.1</version>
         </dependency>
         <dependency>
             <groupId>org.jboss.arquillian.container</groupId>

From fd93fde4a560ef5e1c008a0d708cddbf5481644e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 23 Aug 2021 21:04:48 +0000
Subject: [PATCH 30/31] Bump ant from 1.9.15 to 1.10.11 in
 /jaxrpc/jaxrpc-security

Bumps ant from 1.9.15 to 1.10.11.

---
updated-dependencies:
- dependency-name: org.apache.ant:ant
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 jaxrpc/jaxrpc-security/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/jaxrpc/jaxrpc-security/pom.xml b/jaxrpc/jaxrpc-security/pom.xml
index 516d5f709..37c76a192 100644
--- a/jaxrpc/jaxrpc-security/pom.xml
+++ b/jaxrpc/jaxrpc-security/pom.xml
@@ -32,7 +32,7 @@
         <dependency>
             <groupId>org.apache.ant</groupId>
             <artifactId>ant</artifactId>
-            <version>1.9.15</version>
+            <version>1.10.11</version>
         </dependency>
         
         <dependency>

From 160223278a869adc9a144d15e71bad61124b2ec7 Mon Sep 17 00:00:00 2001
From: Alfonso Valdez <alfonso.valdezaltamirano@gmail.com>
Date: Thu, 2 Dec 2021 22:31:32 -0600
Subject: [PATCH 31/31] updating jaxb and jaxws to execute jdk17

---
 jaxws/jaxws-client/pom.xml | 1 +
 jaxws/pom.xml              | 8 +-------
 pom.xml                    | 4 ++--
 3 files changed, 4 insertions(+), 9 deletions(-)

diff --git a/jaxws/jaxws-client/pom.xml b/jaxws/jaxws-client/pom.xml
index 94b71f3be..cbdc0d008 100644
--- a/jaxws/jaxws-client/pom.xml
+++ b/jaxws/jaxws-client/pom.xml
@@ -18,6 +18,7 @@
                 <!-- wsimport for web service classes generation -->
                 <groupId>com.helger.maven</groupId>
                 <artifactId>jaxws-maven-plugin</artifactId>
+                <version>2.6.2</version>
                 <executions>
                     <execution>
                         <phase>generate-sources</phase>
diff --git a/jaxws/pom.xml b/jaxws/pom.xml
index 84686e4cb..81a9e49f2 100644
--- a/jaxws/pom.xml
+++ b/jaxws/pom.xml
@@ -24,16 +24,10 @@
             <version>${project.version}</version>
             <scope>test</scope>
         </dependency>
-        <dependency>
-            <groupId>javax.xml.ws</groupId>
-            <artifactId>jaxws-api</artifactId>
-            <version>2.3.1</version>
-            <scope>test</scope>
-        </dependency>
         <dependency>
             <groupId>com.sun.xml.ws</groupId>
             <artifactId>jaxws-rt</artifactId>
-            <version>2.3.2</version>
+            <version>2.3.5</version>
             <scope>test</scope>
         </dependency>
     </dependencies>
diff --git a/pom.xml b/pom.xml
index 9156a11a9..732727fc8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -256,12 +256,12 @@
         <dependency>
             <groupId>jakarta.xml.bind</groupId>
             <artifactId>jakarta.xml.bind-api</artifactId>
-            <version>2.3.2</version>
+            <version>3.0.0</version>
         </dependency>
         <dependency>
             <groupId>org.glassfish.jaxb</groupId>
             <artifactId>jaxb-runtime</artifactId>
-            <version>2.3.2</version>
+            <version>3.0.0</version>
         </dependency>
     </dependencies>