Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-1937: Added test to demonstrate SEC-1937 was invalid

This commit is contained in:
Rob Winch 2013-09-11 15:10:42 -07:00
parent 3c82e63ded
commit 662bb24370
2 changed files with 56 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy
View File

@ -42,6 +42,7 @@ abstract class AbstractXmlConfigTests extends Specification {
def mockBean(Class clazz, String id = clazz.simpleName) { def mockBean(Class clazz, String id = clazz.simpleName) {
xml.'b:bean'(id: id, 'class': Mockito.class.name, 'factory-method':'mock') { xml.'b:bean'(id: id, 'class': Mockito.class.name, 'factory-method':'mock') {
'b:constructor-arg'(value : clazz.name) 'b:constructor-arg'(value : clazz.name)
'b:constructor-arg'(value : id)
} }
} }

58
config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy
View File

@ -1,7 +1,17 @@
package org.springframework.security.config.http package org.springframework.security.config.http
import static org.mockito.Mockito.*
import org.powermock.api.mockito.internal.verification.VerifyNoMoreInteractions;
import org.springframework.beans.factory.parsing.BeanDefinitionParsingException import org.springframework.beans.factory.parsing.BeanDefinitionParsingException
import org.springframework.mock.web.MockFilterChain;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.config.BeanIds import org.springframework.security.config.BeanIds
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.FilterChainProxy import org.springframework.security.web.FilterChainProxy
import org.junit.Assert import org.junit.Assert
import org.springframework.beans.factory.BeanCreationException import org.springframework.beans.factory.BeanCreationException
@ -60,9 +70,52 @@ class MultiHttpBlockConfigTests extends AbstractHttpConfigTests {
} }
def 'SEC-1937: http@authentication-manager-ref and multi authentication-mananager'() {
setup:
xml.http('authentication-manager-ref' : 'authManager', 'pattern' : '/first/**') {
'form-login'('login-processing-url': '/first/login')
}
xml.http('authentication-manager-ref' : 'authManager2') {
'form-login'()
}
mockBean(UserDetailsService,'uds')
mockBean(UserDetailsService,'uds2')
createAppContext("""
<authentication-manager id="authManager">
<authentication-provider user-service-ref="uds" />
</authentication-manager>
<authentication-manager id="authManager2">
<authentication-provider user-service-ref="uds2" />
</authentication-manager>
""")
UserDetailsService uds = appContext.getBean('uds')
UserDetailsService uds2 = appContext.getBean('uds2')
when:
MockHttpServletRequest request = new MockHttpServletRequest()
MockHttpServletResponse response = new MockHttpServletResponse()
MockFilterChain chain = new MockFilterChain()
request.servletPath = "/first/login"
request.requestURI = "/first/login"
request.method = 'POST'
springSecurityFilterChain.doFilter(request,response,chain)
then:
verify(uds).loadUserByUsername(anyString()) || true
verifyZeroInteractions(uds2) || true
when:
MockHttpServletRequest request2 = new MockHttpServletRequest()
MockHttpServletResponse response2 = new MockHttpServletResponse()
MockFilterChain chain2 = new MockFilterChain()
request2.servletPath = "/j_spring_security_check"
request2.requestURI = "/j_spring_security_check"
request2.method = 'POST'
springSecurityFilterChain.doFilter(request2,response2,chain2)
then:
verify(uds2).loadUserByUsername(anyString()) || true
verifyNoMoreInteractions(uds) || true
}
def namedFilterChainIsExposedAsABean () { def multipleAuthenticationManagersWorks () {
xml.http(name: 'basic', pattern: '/basic/**', 'create-session': 'stateless') { xml.http(name: 'basic', pattern: '/basic/**', ) {
'http-basic'() 'http-basic'()
} }
xml.http(pattern: '/form/**') { xml.http(pattern: '/form/**') {
@ -75,5 +128,4 @@ class MultiHttpBlockConfigTests extends AbstractHttpConfigTests {
expect: expect:
Assert.assertSame (basicChain, appContext.getBean('basic')) Assert.assertSame (basicChain, appContext.getBean('basic'))
} }
} }