SEC-3042: Add SecurityTestExecutionListeners

2015-07-16 13:51:37 -05:00 · 2015-07-16 13:51:37 -05:00 · 2d448658cd
parent 4cafd575c0
commit 2d448658cd
3 changed files with 83 additions and 2 deletions
--- a/docs/manual/src/docs/asciidoc/_includes/test.adoc
+++ b/docs/manual/src/docs/asciidoc/_includes/test.adoc
@ -45,9 +45,10 @@ This is a basic example of how to setup Spring Security Test. The highlights are
 <1> `@RunWith` instructs the spring-test module that it should create an ApplicationContext This is no different than using the existing Spring Test support. For additional information, refer to the http://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/#integration-testing-annotations-standard[Spring Reference]
 <2> `@ContextConfiguration` instructs the spring-test the configuration to use to create the `ApplicationContext`. Since no configuration is specified, the default configuration locations will be tried. This is no different than using the existing Spring Test support. For additional information, refer to the http://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/#testcontext-ctx-management[Spring Reference]

-NOTE: Spring Security hooks into Spring Test support using the  `WithSecurityContextTestExcecutionListener` which will ensure our tests are ran with the correct user.
+NOTE: Spring Security hooks into Spring Test support using the  `WithSecurityContextTestExecutionListener` which will ensure our tests are ran with the correct user.
 It does this by populating the `SecurityContextHolder` prior to running our tests.
 After the test is done, it will clear out the `SecurityContextHolder`.
+If you only need Spring Security related support, you can replace `@ContextConfiguration` with `@SecurityExecutionListeners`.

 Remember we added the `@PreAuthorize` annotation to our `HelloMessageService` and so it requires an authenticated user to invoke it.
 If we ran the following test, we would expect the following test will pass:
--- a/test/src/main/java/org/springframework/security/test/context/annotation/SecurityTestExecutionListeners.java
+++ b/test/src/main/java/org/springframework/security/test/context/annotation/SecurityTestExecutionListeners.java
@ -0,0 +1,45 @@
+/*
+ * Copyright 2002-2015 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.test.context.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+import org.springframework.context.ApplicationContext;
+import org.springframework.security.test.context.support.WithSecurityContextTestExecutionListener;
+import org.springframework.test.context.TestExecutionListeners;
+
+/**
+ * There are many times a user may want to use Spring Security's test support
+ * (i.e. WithMockUser) but have no need for any other
+ * {@link TestExecutionListeners} (i.e. no need to setup an
+ * {@link ApplicationContext}). This annotation is a meta annotation that only
+ * enables Spring Security's {@link TestExecutionListeners}.
+ *
+ * @author Rob Winch
+ * @since 4.0.2
+ */
+@Documented
+@Inherited
+@Retention(RetentionPolicy.RUNTIME)
+@Target(ElementType.TYPE)
+@TestExecutionListeners(inheritListeners = false, listeners = WithSecurityContextTestExecutionListener.class)
+public @interface SecurityTestExecutionListeners {
+}
--- a/test/src/test/java/org/springframework/security/test/context/annotation/SecurityTestExecutionListenerTests.java
+++ b/test/src/test/java/org/springframework/security/test/context/annotation/SecurityTestExecutionListenerTests.java
@ -0,0 +1,35 @@
+/*
+ * Copyright 2002-2015 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.test.context.annotation;
+
+import static org.fest.assertions.Assertions.assertThat;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@SecurityTestExecutionListeners
+public class SecurityTestExecutionListenerTests {
+
+	@WithMockUser
+	@Test
+	public void registered() {
+		assertThat(SecurityContextHolder.getContext().getAuthentication().getName()).isEqualTo("user");
+	}
+}