Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-936: Tests

This commit is contained in:
Luke Taylor 2008-08-16 01:58:45 +00:00
parent 8e0a6b9d1a
commit 959cdd8335
2 changed files with 78 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
sandbox/itest/context/src/test/java/org/springframework/security/integration/SEC936ApplicationContextTests.java Normal file
View File

@ -0,0 +1,26 @@
package org.springframework.security.integration;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.AccessDeniedException;
import org.springframework.security.concurrent.SessionRegistry;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
@ContextConfiguration(locations={"/sec-936-app-context.xml"})
@RunWith(SpringJUnit4ClassRunner.class)
public class SEC936ApplicationContextTests {
@Autowired
/** SessionRegistry is used as the test service interface (nothing to do with the test) */
private SessionRegistry sessionRegistry;
@Test(expected=AccessDeniedException.class)
public void securityInterceptorHandlesCallWithNoTargetObject() {
SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("bob","bobspassword"));
sessionRegistry.getAllPrincipals();
}
}

52
sandbox/itest/context/src/test/resources/sec-936-app-context.xml Executable file
View File

@ -0,0 +1,52 @@
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.5.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.2.xsd">
<security:authentication-provider>
<security:user-service>
<security:user name="bob" password="bobspassword" authorities="ROLE_A,ROLE_B"/>
</security:user-service>
</security:authentication-provider>
<security:authentication-manager alias="authenticationManager"/>
<bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions" value="false"/>
<property name="decisionVoters">
<util:list>
<bean class="org.springframework.security.vote.RoleVoter" />
<bean class="org.springframework.security.vote.AuthenticatedVoter" />
</util:list>
</property>
</bean>
<bean id="securityInterceptor" class="org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor">
<property name="validateConfigAttributes" value="true"/>
<property name="rejectPublicInvocations" value="true"/>
<property name="authenticationManager" ref="authenticationManager"/>
<property name="accessDecisionManager" ref="accessDecisionManager"/>
<property name="objectDefinitionSource"><value>
org.springframework.security.concurrent.SessionRegistry.get*=ROLE_C
</value></property>
</bean>
<bean id="httpRemoteService" class="org.springframework.aop.framework.ProxyFactoryBean">
<property name="proxyInterfaces" value="org.springframework.security.concurrent.SessionRegistry"/>
<property name="interceptorNames">
<list>
<value>securityInterceptor</value>
<value>httpInvokerClientInterceptor</value>
</list>
</property>
</bean>
<bean id="httpInvokerClientInterceptor" class="org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor">
<property name="serviceUrl" value="http://somehost/someUrl"/>
</bean>
</beans>