Security Tests Using CLIENT-CERT Authentication SecureServlet org.jboss.test.web.servlets.ssl.SecureServlet UnsecureServlet org.jboss.test.web.servlets.ssl.SecureServlet SecureServlet /restricted/SecureServlet UnsecureServlet /unrestricted/SecureServlet Resources requiring authenticated access over a secure transport Declarative security tests /restricted/* HEAD GET POST PUT DELETE Only authenticated users can access secure content AuthorizedUser Require a private channel CONFIDENTIAL Resources requiring access over a secure transport Declarative security tests /unrestricted/* HEAD GET POST PUT DELETE * Require a private channel CONFIDENTIAL CLIENT-CERT An AuthorizedUser is one with a valid username and password AuthorizedUser