Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-05 10:12:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Converted to using JMock.

Browse Source
This commit is contained in:
Luke Taylor 2008-11-13 06:50:55 +00:00
parent e18971fdf0
commit 3ef34122fc
1 changed files with 62 additions and 224 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

286
core/src/test/java/org/springframework/security/intercept/web/FilterSecurityInterceptorTests.java
View File

@ -15,36 +15,27 @@
package org.springframework.security.intercept.web; package org.springframework.security.intercept.web;
import java.io.IOException;
import java.util.Collection;
import java.util.LinkedHashMap;
import java.util.List; import java.util.List;
import javax.servlet.FilterChain; import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import junit.framework.TestCase;
import org.jmock.Expectations;
import org.jmock.Mockery;
import org.jmock.integration.junit4.JUnit4Mockery;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.AccessDecisionManager; import org.springframework.security.AccessDecisionManager;
import org.springframework.security.AccessDeniedException;
import org.springframework.security.Authentication; import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationManager;
import org.springframework.security.ConfigAttribute; import org.springframework.security.ConfigAttribute;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.MockAccessDecisionManager;
import org.springframework.security.MockApplicationEventPublisher; import org.springframework.security.MockApplicationEventPublisher;
import org.springframework.security.MockAuthenticationManager;
import org.springframework.security.MockRunAsManager;
import org.springframework.security.RunAsManager; import org.springframework.security.RunAsManager;
import org.springframework.security.SecurityConfig; import org.springframework.security.SecurityConfig;
import org.springframework.security.context.SecurityContextHolder; import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken; import org.springframework.security.providers.TestingAuthenticationToken;
import org.springframework.security.util.AntUrlPathMatcher;
import org.springframework.security.util.RegexUrlPathMatcher;
/** /**
@ -53,235 +44,82 @@ import org.springframework.security.util.RegexUrlPathMatcher;
* @author Ben Alex * @author Ben Alex
* @version $Id$ * @version $Id$
*/ */
public class FilterSecurityInterceptorTests extends TestCase { public class FilterSecurityInterceptorTests {
//~ Constructors =================================================================================================== private Mockery jmock = new JUnit4Mockery();
private AuthenticationManager am;
private AccessDecisionManager adm;
private FilterInvocationDefinitionSource ods;
private RunAsManager ram;
private FilterSecurityInterceptor interceptor;
public FilterSecurityInterceptorTests() {
}
public FilterSecurityInterceptorTests(String arg0) {
super(arg0);
}
//~ Methods ======================================================================================================== //~ Methods ========================================================================================================
@Before
public final void setUp() throws Exception { public final void setUp() throws Exception {
super.setUp(); interceptor = new FilterSecurityInterceptor();
SecurityContextHolder.clearContext(); am = jmock.mock(AuthenticationManager.class);
} ods = jmock.mock(FilterInvocationDefinitionSource.class);
adm = jmock.mock(AccessDecisionManager.class);
protected void tearDown() throws Exception { ram = jmock.mock(RunAsManager.class);
super.tearDown(); interceptor.setAuthenticationManager(am);
SecurityContextHolder.clearContext(); interceptor.setObjectDefinitionSource(ods);
} interceptor.setAccessDecisionManager(adm);
interceptor.setRunAsManager(ram);
public void testEnsuresAccessDecisionManagerSupportsFilterInvocationClass() throws Exception {
FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor();
interceptor.setAuthenticationManager(new MockAuthenticationManager());
interceptor.setObjectDefinitionSource(new DefaultFilterInvocationDefinitionSource(new RegexUrlPathMatcher()));
interceptor.setRunAsManager(new MockRunAsManager());
interceptor.setAccessDecisionManager(new AccessDecisionManager() {
public boolean supports(Class clazz) {
return false;
}
public boolean supports(ConfigAttribute attribute) {
return true;
}
public void decide(Authentication authentication, Object object, List<ConfigAttribute> configAttributes)
throws AccessDeniedException {
throw new UnsupportedOperationException("mock method not implemented");
}
});
try {
interceptor.afterPropertiesSet();
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertEquals("AccessDecisionManager does not support secure object class: class org.springframework.security.intercept.web.FilterInvocation",
expected.getMessage());
}
}
public void testEnsuresRunAsManagerSupportsFilterInvocationClass()
throws Exception {
FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor();
interceptor.setAccessDecisionManager(new MockAccessDecisionManager());
interceptor.setAuthenticationManager(new MockAuthenticationManager());
interceptor.setObjectDefinitionSource(new DefaultFilterInvocationDefinitionSource(new RegexUrlPathMatcher()));
interceptor.setRunAsManager(new RunAsManager() {
public boolean supports(Class clazz) {
return false;
}
public boolean supports(ConfigAttribute attribute) {
return true;
}
public Authentication buildRunAs(Authentication authentication, Object object,
List<ConfigAttribute> config) {
throw new UnsupportedOperationException("mock method not implemented");
}
});
try {
interceptor.afterPropertiesSet();
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertEquals("RunAsManager does not support secure object class: class org.springframework.security.intercept.web.FilterInvocation",
expected.getMessage());
}
}
public void testHttpsInvocationReflectsPortNumber() throws Throwable {
// Setup the FilterSecurityInterceptor
FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor();
interceptor.setAccessDecisionManager(new MockAccessDecisionManager());
interceptor.setAuthenticationManager(new MockAuthenticationManager());
interceptor.setRunAsManager(new MockRunAsManager());
interceptor.setApplicationEventPublisher(new MockApplicationEventPublisher(true)); interceptor.setApplicationEventPublisher(new MockApplicationEventPublisher(true));
SecurityContextHolder.clearContext();
// Setup a mock config attribute definition
MockFilterInvocationDefinitionMap mockSource = new MockFilterInvocationDefinitionMap("/secure/page.html", "MOCK_OK");
interceptor.setObjectDefinitionSource(mockSource);
// Setup our expectation that the filter chain will be invoked, as access is granted
MockFilterChain chain = new MockFilterChain(true);
// Setup our HTTPS request and response
MockHttpServletResponse response = new MockHttpServletResponse();
MockHttpServletRequest request = new MockHttpServletRequest();
request.setServletPath("/secure/page.html");
request.setScheme("https");
request.setServerPort(443);
// Setup a Context
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
new GrantedAuthority[] {new GrantedAuthorityImpl("MOCK_OK")});
SecurityContextHolder.getContext().setAuthentication(token);
// Create and test our secure object
FilterInvocation fi = new FilterInvocation(request, response, chain);
interceptor.invoke(fi);
} }
public void testNormalStartupAndGetter() throws Exception { @After
FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor(); public void tearDown() throws Exception {
interceptor.setAccessDecisionManager(new MockAccessDecisionManager()); SecurityContextHolder.clearContext();
interceptor.setAuthenticationManager(new MockAuthenticationManager()); }
DefaultFilterInvocationDefinitionSource fidp = @Test(expected=IllegalArgumentException.class)
new DefaultFilterInvocationDefinitionSource(new RegexUrlPathMatcher()); public void testEnsuresAccessDecisionManagerSupportsFilterInvocationClass() throws Exception {
interceptor.setObjectDefinitionSource(fidp); jmock.checking(new Expectations() {{
interceptor.setRunAsManager(new MockRunAsManager()); ignoring(ods);
allowing(adm).supports(FilterInvocation.class); will(returnValue(false));
}});
interceptor.afterPropertiesSet();
}
@Test(expected=IllegalArgumentException.class)
public void testEnsuresRunAsManagerSupportsFilterInvocationClass() throws Exception {
jmock.checking(new Expectations() {{
ignoring(ods);
allowing(ram).supports(FilterInvocation.class); will(returnValue(false));
}});
interceptor.afterPropertiesSet(); interceptor.afterPropertiesSet();
assertTrue(true);
assertEquals(fidp, interceptor.getObjectDefinitionSource());
} }
/** /**
* We just test invocation works in a success event. There is no need to test access denied events as the * We just test invocation works in a success event. There is no need to test access denied events as the
* abstract parent enforces that logic, which is extensively tested separately. * abstract parent enforces that logic, which is extensively tested separately.
*
*/ */
@Test
public void testSuccessfulInvocation() throws Throwable { public void testSuccessfulInvocation() throws Throwable {
// Setup the FilterSecurityInterceptor final MockHttpServletResponse response = new MockHttpServletResponse();
FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor(); final MockHttpServletRequest request = new MockHttpServletRequest();
interceptor.setAccessDecisionManager(new MockAccessDecisionManager());
interceptor.setAuthenticationManager(new MockAuthenticationManager());
interceptor.setRunAsManager(new MockRunAsManager());
interceptor.setApplicationEventPublisher(new MockApplicationEventPublisher(true));
// Setup a mock config attribute definition
MockFilterInvocationDefinitionMap mockSource = new MockFilterInvocationDefinitionMap("/secure/page.html", "MOCK_OK");
interceptor.setObjectDefinitionSource(mockSource);
// Setup our expectation that the filter chain will be invoked, as access is granted
MockFilterChain chain = new MockFilterChain(true);
// Setup our HTTP request and response
MockHttpServletResponse response = new MockHttpServletResponse();
MockHttpServletRequest request = new MockHttpServletRequest();
request.setServletPath("/secure/page.html"); request.setServletPath("/secure/page.html");
// Setup a Context // Setup a Context
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password", final Authentication token = new TestingAuthenticationToken("Test", "Password", "NOT_USED");
new GrantedAuthority[] {new GrantedAuthorityImpl("MOCK_OK")});
SecurityContextHolder.getContext().setAuthentication(token); SecurityContextHolder.getContext().setAuthentication(token);
// Create and test our secure object // Create and test our secure object
FilterInvocation fi = new FilterInvocation(request, response, chain); final FilterChain chain = jmock.mock(FilterChain.class);
final FilterInvocation fi = new FilterInvocation(request, response, chain);
final List<ConfigAttribute> attributes = SecurityConfig.createList("MOCK_OK");
jmock.checking(new Expectations() {{
ignoring(ram);
allowing(ods).getAttributes(fi); will(returnValue(attributes));
oneOf(adm).decide(token, fi, attributes);
// Setup our expectation that the filter chain will be invoked, as access is granted
oneOf(chain).doFilter(request, response);
}});
interceptor.invoke(fi); interceptor.invoke(fi);
} }
public void testNotLoadedFromApplicationContext() throws Exception {
LinkedHashMap reqMap = new LinkedHashMap();
reqMap.put(new RequestKey("/secure/**", null), SecurityConfig.createList("ROLE_USER"));
DefaultFilterInvocationDefinitionSource fids
= new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher(), reqMap);
FilterSecurityInterceptor filter = new FilterSecurityInterceptor();
filter.setObjectDefinitionSource(fids);
MockFilterChain filterChain = new MockFilterChain();
filterChain.expectToProceed = true;
FilterInvocation fi = new FilterInvocation(
new MockHttpServletRequest(), new MockHttpServletResponse(), filterChain);
filter.invoke(fi);
}
//~ Inner Classes ==================================================================================================
private class MockFilterChain implements FilterChain {
private boolean expectToProceed;
public MockFilterChain(boolean expectToProceed) {
this.expectToProceed = expectToProceed;
}
private MockFilterChain() {
}
public void doFilter(ServletRequest request, ServletResponse response)
throws IOException, ServletException {
if (expectToProceed) {
assertTrue(true);
} else {
fail("Did not expect filter chain to proceed");
}
}
}
private class MockFilterInvocationDefinitionMap implements FilterInvocationDefinitionSource {
private List<ConfigAttribute> toReturn;
private String servletPath;
public MockFilterInvocationDefinitionMap(String servletPath, String... toReturn) {
this.servletPath = servletPath;
this.toReturn = SecurityConfig.createList(toReturn);
}
public List<ConfigAttribute> getAttributes(Object object)
throws IllegalArgumentException {
FilterInvocation fi = (FilterInvocation) object;
if (servletPath.equals(fi.getHttpRequest().getServletPath())) {
return toReturn;
} else {
return null;
}
}
public Collection<List<? extends ConfigAttribute>> getAllConfigAttributes() {
return null;
}
public boolean supports(Class clazz) {
return true;
}
}
} }