Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add EnableWebSecurity + EnableWebSocketSecurity Test 

Issue gh-16011
This commit is contained in:
Josh Cummings 2024-11-20 12:21:07 -07:00
parent 30c9860fc3
commit 91832bfc8e
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
config/src/test/java/org/springframework/security/config/annotation/web/socket/WebSocketMessageBrokerSecurityConfigurationTests.java
View File

@ -68,6 +68,7 @@ import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.authorization.AuthorizationDecision; import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.AuthorizationManager; import org.springframework.security.authorization.AuthorizationManager;
import org.springframework.security.config.annotation.SecurityContextChangedListenerConfig; import org.springframework.security.config.annotation.SecurityContextChangedListenerConfig;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry; import org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry;
import org.springframework.security.config.observation.SecurityObservationSettings; import org.springframework.security.config.observation.SecurityObservationSettings;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
@ -438,6 +439,12 @@ public class WebSocketMessageBrokerSecurityConfigurationTests {
verifyNoInteractions(observationHandler); verifyNoInteractions(observationHandler);
} }
// gh-16011
@Test
public void enableWebSocketSecurityWhenWebSocketSecurityUsedThenAutowires() {
loadConfig(WithWebSecurity.class);
}
private void assertHandshake(HttpServletRequest request) { private void assertHandshake(HttpServletRequest request) {
TestHandshakeHandler handshakeHandler = this.context.getBean(TestHandshakeHandler.class); TestHandshakeHandler handshakeHandler = this.context.getBean(TestHandshakeHandler.class);
assertThatCsrfToken(handshakeHandler.attributes.get(CsrfToken.class.getName())).isEqualTo(this.token); assertThatCsrfToken(handshakeHandler.attributes.get(CsrfToken.class.getName())).isEqualTo(this.token);
@ -489,6 +496,7 @@ public class WebSocketMessageBrokerSecurityConfigurationTests {
private void loadConfig(Class<?>... configs) { private void loadConfig(Class<?>... configs) {
this.context = new AnnotationConfigWebApplicationContext(); this.context = new AnnotationConfigWebApplicationContext();
this.context.setAllowBeanDefinitionOverriding(false);
this.context.register(configs); this.context.register(configs);
this.context.setServletConfig(new MockServletConfig()); this.context.setServletConfig(new MockServletConfig());
this.context.refresh(); this.context.refresh();
@ -939,6 +947,13 @@ public class WebSocketMessageBrokerSecurityConfigurationTests {
} }
@Configuration(proxyBeanMethods = false)
@EnableWebSecurity
@Import(WebSocketSecurityConfig.class)
static class WithWebSecurity {
}
@Configuration @Configuration
static class SyncExecutorConfig { static class SyncExecutorConfig {