SEC-3042: Add SecurityTestExecutionListeners
This commit is contained in:
parent
4cafd575c0
commit
2d448658cd
|
@ -45,9 +45,10 @@ This is a basic example of how to setup Spring Security Test. The highlights are
|
|||
<1> `@RunWith` instructs the spring-test module that it should create an ApplicationContext This is no different than using the existing Spring Test support. For additional information, refer to the http://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/#integration-testing-annotations-standard[Spring Reference]
|
||||
<2> `@ContextConfiguration` instructs the spring-test the configuration to use to create the `ApplicationContext`. Since no configuration is specified, the default configuration locations will be tried. This is no different than using the existing Spring Test support. For additional information, refer to the http://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/#testcontext-ctx-management[Spring Reference]
|
||||
|
||||
NOTE: Spring Security hooks into Spring Test support using the `WithSecurityContextTestExcecutionListener` which will ensure our tests are ran with the correct user.
|
||||
NOTE: Spring Security hooks into Spring Test support using the `WithSecurityContextTestExecutionListener` which will ensure our tests are ran with the correct user.
|
||||
It does this by populating the `SecurityContextHolder` prior to running our tests.
|
||||
After the test is done, it will clear out the `SecurityContextHolder`.
|
||||
If you only need Spring Security related support, you can replace `@ContextConfiguration` with `@SecurityExecutionListeners`.
|
||||
|
||||
Remember we added the `@PreAuthorize` annotation to our `HelloMessageService` and so it requires an authenticated user to invoke it.
|
||||
If we ran the following test, we would expect the following test will pass:
|
||||
|
@ -204,7 +205,7 @@ You can find our `WithMockCustomUserSecurityContextFactory` implementation below
|
|||
[source,java]
|
||||
----
|
||||
public class WithMockCustomUserSecurityContextFactory
|
||||
implements WithSecurityContextFactory<WithMockCustomUser> {
|
||||
implements WithSecurityContextFactory<WithMockCustomUser> {
|
||||
@Override
|
||||
public SecurityContext createSecurityContext(WithMockCustomUser customUser) {
|
||||
SecurityContext context = SecurityContextHolder.createEmptyContext();
|
||||
|
|
|
@ -0,0 +1,45 @@
|
|||
/*
|
||||
* Copyright 2002-2015 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.test.context.annotation;
|
||||
|
||||
import java.lang.annotation.Documented;
|
||||
import java.lang.annotation.ElementType;
|
||||
import java.lang.annotation.Inherited;
|
||||
import java.lang.annotation.Retention;
|
||||
import java.lang.annotation.RetentionPolicy;
|
||||
import java.lang.annotation.Target;
|
||||
|
||||
import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.security.test.context.support.WithSecurityContextTestExecutionListener;
|
||||
import org.springframework.test.context.TestExecutionListeners;
|
||||
|
||||
/**
|
||||
* There are many times a user may want to use Spring Security's test support
|
||||
* (i.e. WithMockUser) but have no need for any other
|
||||
* {@link TestExecutionListeners} (i.e. no need to setup an
|
||||
* {@link ApplicationContext}). This annotation is a meta annotation that only
|
||||
* enables Spring Security's {@link TestExecutionListeners}.
|
||||
*
|
||||
* @author Rob Winch
|
||||
* @since 4.0.2
|
||||
*/
|
||||
@Documented
|
||||
@Inherited
|
||||
@Retention(RetentionPolicy.RUNTIME)
|
||||
@Target(ElementType.TYPE)
|
||||
@TestExecutionListeners(inheritListeners = false, listeners = WithSecurityContextTestExecutionListener.class)
|
||||
public @interface SecurityTestExecutionListeners {
|
||||
}
|
|
@ -0,0 +1,35 @@
|
|||
/*
|
||||
* Copyright 2002-2015 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.test.context.annotation;
|
||||
|
||||
import static org.fest.assertions.Assertions.assertThat;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.test.context.support.WithMockUser;
|
||||
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
|
||||
|
||||
@RunWith(SpringJUnit4ClassRunner.class)
|
||||
@SecurityTestExecutionListeners
|
||||
public class SecurityTestExecutionListenerTests {
|
||||
|
||||
@WithMockUser
|
||||
@Test
|
||||
public void registered() {
|
||||
assertThat(SecurityContextHolder.getContext().getAuthentication().getName()).isEqualTo("user");
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue