Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added extra test to itest/context as POC of using extra interceptor with http ns.

This commit is contained in:
Luke Taylor 2010-02-11 01:48:00 +00:00
parent 23511c930f
commit 70ef0d8b3e
3 changed files with 108 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
config/src/test/java/org/springframework/security/config/http/HttpSecurityBeanDefinitionParserTests.java
View File

@ -558,10 +558,12 @@ public class HttpSecurityBeanDefinitionParserTests {
// Decorated user-filters should be added to stack. The others should be ignored. // Decorated user-filters should be added to stack. The others should be ignored.
String contextHolderFilterClass = SecurityContextHolderAwareRequestFilter.class.getName(); String contextHolderFilterClass = SecurityContextHolderAwareRequestFilter.class.getName();
String contextPersistenceFilterClass = SecurityContextPersistenceFilter.class.getName(); String contextPersistenceFilterClass = SecurityContextPersistenceFilter.class.getName();
System.setProperty("customFilterRef", "userFilter1");
setContext( setContext(
"<b:bean class='org.springframework.beans.factory.config.PropertyPlaceholderConfigurer'/>" +
"<http auto-config='true'>" + "<http auto-config='true'>" +
" <custom-filter position='FIRST' ref='userFilter1' />" + " <custom-filter position='FIRST' ref='${customFilterRef}' />" +
" <custom-filter after='LOGOUT_FILTER' ref='userFilter' />" + " <custom-filter after='LOGOUT_FILTER' ref='userFilter' />" +
" <custom-filter before='SECURITY_CONTEXT_FILTER' ref='userFilter3'/>" + " <custom-filter before='SECURITY_CONTEXT_FILTER' ref='userFilter3'/>" +
"</http>" + AUTH_PROVIDER_XML + "</http>" + AUTH_PROVIDER_XML +

57
itest/context/src/test/java/org/springframework/security/integration/HttpNamespaceWithMultipleInterceptorsTests.java Normal file
View File

@ -0,0 +1,57 @@
package org.springframework.security.integration;
import static org.junit.Assert.*;
import javax.servlet.http.HttpSession;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.mock.web.MockFilterChain;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.mock.web.MockHttpSession;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.FilterChainProxy;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
@ContextConfiguration(locations={"/http-extra-fsi-app-context.xml"})
@RunWith(SpringJUnit4ClassRunner.class)
public class HttpNamespaceWithMultipleInterceptorsTests {
@Autowired
private FilterChainProxy fcp;
@Test
public void requestThatIsMatchedByDefaultInterceptorIsAllowed() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
request.setServletPath("/somefile.html");
request.setSession(createAuthenticatedSession("ROLE_0", "ROLE_1", "ROLE_2"));
MockHttpServletResponse response = new MockHttpServletResponse();
fcp.doFilter(request, response, new MockFilterChain());
assertEquals(200, response.getStatus());
}
@Test
public void securedUrlAccessIsRejectedWithoutRequiredRole() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
request.setServletPath("/secure/somefile.html");
request.setSession(createAuthenticatedSession("ROLE_0"));
MockHttpServletResponse response = new MockHttpServletResponse();
fcp.doFilter(request, response, new MockFilterChain());
assertEquals(403, response.getStatus());
}
public HttpSession createAuthenticatedSession(String... roles) {
MockHttpSession session = new MockHttpSession();
SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("bob", "bobspassword", roles));
session.setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext());
SecurityContextHolder.clearContext();
return session;
}
}

48
itest/context/src/test/resources/http-extra-fsi-app-context.xml Normal file
View File

@ -0,0 +1,48 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
-
-->
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
<sec:http use-expressions="true">
<sec:intercept-url pattern="/**" access="permitAll" />
<sec:form-login />
<sec:custom-filter ref="fsi" after="FILTER_SECURITY_INTERCEPTOR " />
</sec:http>
<bean id="fsi" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="accessDecisionManager" ref="accessDecisionManager"/>
<property name="securityMetadataSource">
<sec:filter-security-metadata-source>
<sec:intercept-url pattern="/secure/extreme/**" access="ROLE_2"/>
<sec:intercept-url pattern="/secure/**" access="ROLE_1"/>
</sec:filter-security-metadata-source>
</property>
<property name="observeOncePerRequest" value="false" />
</bean>
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions" value="false"/>
<property name="decisionVoters">
<list>
<bean class="org.springframework.security.access.vote.RoleVoter"/>
</list>
</property>
</bean>
<sec:authentication-manager alias="authenticationManager">
<sec:authentication-provider>
<sec:user-service id="userService">
<sec:user name="notused" password="notused" authorities="ROLE_0,ROLE_1"/>
</sec:user-service>
</sec:authentication-provider>
</sec:authentication-manager>
</beans>