SEC-936: Tests
This commit is contained in:
parent
8e0a6b9d1a
commit
959cdd8335
|
@ -0,0 +1,26 @@
|
|||
package org.springframework.security.integration;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.AccessDeniedException;
|
||||
import org.springframework.security.concurrent.SessionRegistry;
|
||||
import org.springframework.security.context.SecurityContextHolder;
|
||||
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
|
||||
|
||||
@ContextConfiguration(locations={"/sec-936-app-context.xml"})
|
||||
@RunWith(SpringJUnit4ClassRunner.class)
|
||||
public class SEC936ApplicationContextTests {
|
||||
@Autowired
|
||||
/** SessionRegistry is used as the test service interface (nothing to do with the test) */
|
||||
private SessionRegistry sessionRegistry;
|
||||
|
||||
@Test(expected=AccessDeniedException.class)
|
||||
public void securityInterceptorHandlesCallWithNoTargetObject() {
|
||||
SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("bob","bobspassword"));
|
||||
sessionRegistry.getAllPrincipals();
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,52 @@
|
|||
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns:util="http://www.springframework.org/schema/util"
|
||||
xmlns:security="http://www.springframework.org/schema/security"
|
||||
xsi:schemaLocation="
|
||||
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
|
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.5.xsd
|
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.2.xsd">
|
||||
|
||||
<security:authentication-provider>
|
||||
<security:user-service>
|
||||
<security:user name="bob" password="bobspassword" authorities="ROLE_A,ROLE_B"/>
|
||||
</security:user-service>
|
||||
</security:authentication-provider>
|
||||
|
||||
<security:authentication-manager alias="authenticationManager"/>
|
||||
|
||||
<bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
|
||||
<property name="allowIfAllAbstainDecisions" value="false"/>
|
||||
<property name="decisionVoters">
|
||||
<util:list>
|
||||
<bean class="org.springframework.security.vote.RoleVoter" />
|
||||
<bean class="org.springframework.security.vote.AuthenticatedVoter" />
|
||||
</util:list>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
<bean id="securityInterceptor" class="org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor">
|
||||
<property name="validateConfigAttributes" value="true"/>
|
||||
<property name="rejectPublicInvocations" value="true"/>
|
||||
<property name="authenticationManager" ref="authenticationManager"/>
|
||||
<property name="accessDecisionManager" ref="accessDecisionManager"/>
|
||||
<property name="objectDefinitionSource"><value>
|
||||
org.springframework.security.concurrent.SessionRegistry.get*=ROLE_C
|
||||
</value></property>
|
||||
</bean>
|
||||
|
||||
<bean id="httpRemoteService" class="org.springframework.aop.framework.ProxyFactoryBean">
|
||||
<property name="proxyInterfaces" value="org.springframework.security.concurrent.SessionRegistry"/>
|
||||
<property name="interceptorNames">
|
||||
<list>
|
||||
<value>securityInterceptor</value>
|
||||
<value>httpInvokerClientInterceptor</value>
|
||||
</list>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
<bean id="httpInvokerClientInterceptor" class="org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor">
|
||||
<property name="serviceUrl" value="http://somehost/someUrl"/>
|
||||
</bean>
|
||||
|
||||
</beans>
|
Loading…
Reference in New Issue