Explicitly set useSuffixPatternMatch for Tests
Spring MVC changed their default behavior in https://github.com/spring-projects/spring-framework/issues/23915 This causes failures in some of Spring Security's tests. This explicitly sets useSuffixPatternMatch=true to ensure that Spring Security still works if users have modified their defaults. Closes gh-8493
This commit is contained in:
parent
6d5d883518
commit
d91b153cad
|
@ -89,7 +89,7 @@ try {
|
||||||
"GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}",
|
"GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}",
|
||||||
"GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}",
|
"GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}",
|
||||||
"GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) {
|
"GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) {
|
||||||
sh "./gradlew test -PforceMavenRepositories=snapshot -PspringVersion='5.2.+' -PreactorVersion=Dysprosium-BUILD-SNAPSHOT -PspringDataVersion=Lovelace-BUILD-SNAPSHOT -PlocksDisabled --stacktrace"
|
sh "./gradlew test -PforceMavenRepositories=snapshot -PspringVersion='5.+' -PreactorVersion=Dysprosium-BUILD-SNAPSHOT -PspringDataVersion=Lovelace-BUILD-SNAPSHOT -PlocksDisabled --stacktrace"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} catch(Exception e) {
|
} catch(Exception e) {
|
||||||
|
|
|
@ -36,6 +36,8 @@ import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
import org.springframework.web.bind.annotation.RestController;
|
import org.springframework.web.bind.annotation.RestController;
|
||||||
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
|
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
|
||||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||||
|
import org.springframework.web.servlet.config.annotation.PathMatchConfigurer;
|
||||||
|
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
|
|
||||||
|
@ -69,7 +71,7 @@ public class WebSecurityTests {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void ignoringMvcMatcher() throws Exception {
|
public void ignoringMvcMatcher() throws Exception {
|
||||||
loadConfig(MvcMatcherConfig.class);
|
loadConfig(MvcMatcherConfig.class, LegacyMvcMatchingConfig.class);
|
||||||
|
|
||||||
this.request.setRequestURI("/path");
|
this.request.setRequestURI("/path");
|
||||||
this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
|
this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
|
||||||
|
@ -141,7 +143,7 @@ public class WebSecurityTests {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void ignoringMvcMatcherServletPath() throws Exception {
|
public void ignoringMvcMatcherServletPath() throws Exception {
|
||||||
loadConfig(MvcMatcherServletPathConfig.class);
|
loadConfig(MvcMatcherServletPathConfig.class, LegacyMvcMatchingConfig.class);
|
||||||
|
|
||||||
this.request.setServletPath("/spring");
|
this.request.setServletPath("/spring");
|
||||||
this.request.setRequestURI("/spring/path");
|
this.request.setRequestURI("/spring/path");
|
||||||
|
@ -216,6 +218,14 @@ public class WebSecurityTests {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
static class LegacyMvcMatchingConfig implements WebMvcConfigurer {
|
||||||
|
@Override
|
||||||
|
public void configurePathMatch(PathMatchConfigurer configurer) {
|
||||||
|
configurer.setUseSuffixPatternMatch(true);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public void loadConfig(Class<?>... configs) {
|
public void loadConfig(Class<?>... configs) {
|
||||||
this.context = new AnnotationConfigWebApplicationContext();
|
this.context = new AnnotationConfigWebApplicationContext();
|
||||||
this.context.register(configs);
|
this.context.register(configs);
|
||||||
|
|
|
@ -46,6 +46,8 @@ import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
import org.springframework.web.bind.annotation.RestController;
|
import org.springframework.web.bind.annotation.RestController;
|
||||||
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
|
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
|
||||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||||
|
import org.springframework.web.servlet.config.annotation.PathMatchConfigurer;
|
||||||
|
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
import static org.mockito.Mockito.spy;
|
import static org.mockito.Mockito.spy;
|
||||||
|
@ -292,7 +294,7 @@ public class AuthorizeRequestsTests {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void mvcMatcher() throws Exception {
|
public void mvcMatcher() throws Exception {
|
||||||
loadConfig(MvcMatcherConfig.class);
|
loadConfig(MvcMatcherConfig.class, LegacyMvcMatchingConfig.class);
|
||||||
|
|
||||||
this.request.setRequestURI("/path");
|
this.request.setRequestURI("/path");
|
||||||
this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
|
this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
|
||||||
|
@ -350,7 +352,7 @@ public class AuthorizeRequestsTests {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void requestWhenMvcMatcherDenyAllThenRespondsWithUnauthorized() throws Exception {
|
public void requestWhenMvcMatcherDenyAllThenRespondsWithUnauthorized() throws Exception {
|
||||||
loadConfig(MvcMatcherInLambdaConfig.class);
|
loadConfig(MvcMatcherInLambdaConfig.class, LegacyMvcMatchingConfig.class);
|
||||||
|
|
||||||
this.request.setRequestURI("/path");
|
this.request.setRequestURI("/path");
|
||||||
this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
|
this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
|
||||||
|
@ -410,7 +412,7 @@ public class AuthorizeRequestsTests {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void mvcMatcherServletPath() throws Exception {
|
public void mvcMatcherServletPath() throws Exception {
|
||||||
loadConfig(MvcMatcherServletPathConfig.class);
|
loadConfig(MvcMatcherServletPathConfig.class, LegacyMvcMatchingConfig.class);
|
||||||
|
|
||||||
this.request.setServletPath("/spring");
|
this.request.setServletPath("/spring");
|
||||||
this.request.setRequestURI("/spring/path");
|
this.request.setRequestURI("/spring/path");
|
||||||
|
@ -487,7 +489,7 @@ public class AuthorizeRequestsTests {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void requestWhenMvcMatcherServletPathDenyAllThenMatchesOnServletPath() throws Exception {
|
public void requestWhenMvcMatcherServletPathDenyAllThenMatchesOnServletPath() throws Exception {
|
||||||
loadConfig(MvcMatcherServletPathInLambdaConfig.class);
|
loadConfig(MvcMatcherServletPathInLambdaConfig.class, LegacyMvcMatchingConfig.class);
|
||||||
|
|
||||||
this.request.setServletPath("/spring");
|
this.request.setServletPath("/spring");
|
||||||
this.request.setRequestURI("/spring/path");
|
this.request.setRequestURI("/spring/path");
|
||||||
|
@ -697,6 +699,14 @@ public class AuthorizeRequestsTests {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
static class LegacyMvcMatchingConfig implements WebMvcConfigurer {
|
||||||
|
@Override
|
||||||
|
public void configurePathMatch(PathMatchConfigurer configurer) {
|
||||||
|
configurer.setUseSuffixPatternMatch(true);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public void loadConfig(Class<?>... configs) {
|
public void loadConfig(Class<?>... configs) {
|
||||||
this.context = new AnnotationConfigWebApplicationContext();
|
this.context = new AnnotationConfigWebApplicationContext();
|
||||||
this.context.register(configs);
|
this.context.register(configs);
|
||||||
|
|
|
@ -36,6 +36,8 @@ import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
import org.springframework.web.bind.annotation.RestController;
|
import org.springframework.web.bind.annotation.RestController;
|
||||||
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
|
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
|
||||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||||
|
import org.springframework.web.servlet.config.annotation.PathMatchConfigurer;
|
||||||
|
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
import static org.springframework.security.config.Customizer.withDefaults;
|
import static org.springframework.security.config.Customizer.withDefaults;
|
||||||
|
@ -71,7 +73,7 @@ public class HttpSecurityRequestMatchersTests {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void mvcMatcher() throws Exception {
|
public void mvcMatcher() throws Exception {
|
||||||
loadConfig(MvcMatcherConfig.class);
|
loadConfig(MvcMatcherConfig.class, LegacyMvcMatchingConfig.class);
|
||||||
|
|
||||||
this.request.setServletPath("/path");
|
this.request.setServletPath("/path");
|
||||||
this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
|
this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
|
||||||
|
@ -137,7 +139,7 @@ public class HttpSecurityRequestMatchersTests {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void requestMatchersMvcMatcher() throws Exception {
|
public void requestMatchersMvcMatcher() throws Exception {
|
||||||
loadConfig(RequestMatchersMvcMatcherConfig.class);
|
loadConfig(RequestMatchersMvcMatcherConfig.class, LegacyMvcMatchingConfig.class);
|
||||||
|
|
||||||
this.request.setServletPath("/path");
|
this.request.setServletPath("/path");
|
||||||
this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
|
this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
|
||||||
|
@ -198,7 +200,7 @@ public class HttpSecurityRequestMatchersTests {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void requestMatchersWhenMvcMatcherInLambdaThenPathIsSecured() throws Exception {
|
public void requestMatchersWhenMvcMatcherInLambdaThenPathIsSecured() throws Exception {
|
||||||
loadConfig(RequestMatchersMvcMatcherInLambdaConfig.class);
|
loadConfig(RequestMatchersMvcMatcherInLambdaConfig.class, LegacyMvcMatchingConfig.class);
|
||||||
|
|
||||||
this.request.setServletPath("/path");
|
this.request.setServletPath("/path");
|
||||||
this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
|
this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
|
||||||
|
@ -377,6 +379,14 @@ public class HttpSecurityRequestMatchersTests {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
static class LegacyMvcMatchingConfig implements WebMvcConfigurer {
|
||||||
|
@Override
|
||||||
|
public void configurePathMatch(PathMatchConfigurer configurer) {
|
||||||
|
configurer.setUseSuffixPatternMatch(true);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public void loadConfig(Class<?>... configs) {
|
public void loadConfig(Class<?>... configs) {
|
||||||
this.context = new AnnotationConfigWebApplicationContext();
|
this.context = new AnnotationConfigWebApplicationContext();
|
||||||
this.context.register(configs);
|
this.context.register(configs);
|
||||||
|
|
|
@ -36,6 +36,8 @@ import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
import org.springframework.web.bind.annotation.RestController;
|
import org.springframework.web.bind.annotation.RestController;
|
||||||
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
|
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
|
||||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||||
|
import org.springframework.web.servlet.config.annotation.PathMatchConfigurer;
|
||||||
|
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
|
|
||||||
|
@ -71,7 +73,7 @@ public class UrlAuthorizationConfigurerTests {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void mvcMatcher() throws Exception {
|
public void mvcMatcher() throws Exception {
|
||||||
loadConfig(MvcMatcherConfig.class);
|
loadConfig(MvcMatcherConfig.class, LegacyMvcMatchingConfig.class);
|
||||||
|
|
||||||
this.request.setRequestURI("/path");
|
this.request.setRequestURI("/path");
|
||||||
this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
|
this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
|
||||||
|
@ -129,7 +131,7 @@ public class UrlAuthorizationConfigurerTests {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void mvcMatcherServletPath() throws Exception {
|
public void mvcMatcherServletPath() throws Exception {
|
||||||
loadConfig(MvcMatcherServletPathConfig.class);
|
loadConfig(MvcMatcherServletPathConfig.class, LegacyMvcMatchingConfig.class);
|
||||||
|
|
||||||
this.request.setServletPath("/spring");
|
this.request.setServletPath("/spring");
|
||||||
this.request.setRequestURI("/spring/path");
|
this.request.setRequestURI("/spring/path");
|
||||||
|
@ -222,6 +224,14 @@ public class UrlAuthorizationConfigurerTests {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
static class LegacyMvcMatchingConfig implements WebMvcConfigurer {
|
||||||
|
@Override
|
||||||
|
public void configurePathMatch(PathMatchConfigurer configurer) {
|
||||||
|
configurer.setUseSuffixPatternMatch(true);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public void loadConfig(Class<?>... configs) {
|
public void loadConfig(Class<?>... configs) {
|
||||||
this.context = new AnnotationConfigWebApplicationContext();
|
this.context = new AnnotationConfigWebApplicationContext();
|
||||||
this.context.register(configs);
|
this.context.register(configs);
|
||||||
|
|
|
@ -20,6 +20,7 @@ import org.junit.Rule
|
||||||
import org.junit.Test
|
import org.junit.Test
|
||||||
import org.springframework.beans.factory.annotation.Autowired
|
import org.springframework.beans.factory.annotation.Autowired
|
||||||
import org.springframework.context.annotation.Bean
|
import org.springframework.context.annotation.Bean
|
||||||
|
import org.springframework.context.annotation.Configuration
|
||||||
import org.springframework.http.HttpMethod
|
import org.springframework.http.HttpMethod
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
|
||||||
|
@ -42,6 +43,8 @@ import org.springframework.web.bind.annotation.PathVariable
|
||||||
import org.springframework.web.bind.annotation.RequestMapping
|
import org.springframework.web.bind.annotation.RequestMapping
|
||||||
import org.springframework.web.bind.annotation.RestController
|
import org.springframework.web.bind.annotation.RestController
|
||||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc
|
import org.springframework.web.servlet.config.annotation.EnableWebMvc
|
||||||
|
import org.springframework.web.servlet.config.annotation.PathMatchConfigurer
|
||||||
|
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests for [AuthorizeRequestsDsl]
|
* Tests for [AuthorizeRequestsDsl]
|
||||||
|
@ -128,7 +131,7 @@ class AuthorizeRequestsDslTests {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
fun `request when allowed by mvc then responds with OK`() {
|
fun `request when allowed by mvc then responds with OK`() {
|
||||||
this.spring.register(AuthorizeRequestsByMvcConfig::class.java).autowire()
|
this.spring.register(AuthorizeRequestsByMvcConfig::class.java, LegacyMvcMatchingConfig::class.java).autowire()
|
||||||
|
|
||||||
this.mockMvc.get("/path")
|
this.mockMvc.get("/path")
|
||||||
.andExpect {
|
.andExpect {
|
||||||
|
@ -166,6 +169,13 @@ class AuthorizeRequestsDslTests {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
open class LegacyMvcMatchingConfig : WebMvcConfigurer {
|
||||||
|
override fun configurePathMatch(configurer: PathMatchConfigurer) {
|
||||||
|
configurer.setUseSuffixPatternMatch(true)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
fun `request when secured by mvc path variables then responds based on path variable value`() {
|
fun `request when secured by mvc path variables then responds based on path variable value`() {
|
||||||
this.spring.register(MvcMatcherPathVariablesConfig::class.java).autowire()
|
this.spring.register(MvcMatcherPathVariablesConfig::class.java).autowire()
|
||||||
|
|
|
@ -32,7 +32,9 @@
|
||||||
<http-basic/>
|
<http-basic/>
|
||||||
</http>
|
</http>
|
||||||
|
|
||||||
<mvc:annotation-driven/>
|
<mvc:annotation-driven>
|
||||||
|
<mvc:path-matching suffix-pattern="true"/>
|
||||||
|
</mvc:annotation-driven>
|
||||||
|
|
||||||
<b:bean name="path" class="org.springframework.security.config.http.InterceptUrlConfigTests.PathController"/>
|
<b:bean name="path" class="org.springframework.security.config.http.InterceptUrlConfigTests.PathController"/>
|
||||||
|
|
||||||
|
|
|
@ -32,7 +32,9 @@
|
||||||
<http-basic/>
|
<http-basic/>
|
||||||
</http>
|
</http>
|
||||||
|
|
||||||
<mvc:annotation-driven/>
|
<mvc:annotation-driven>
|
||||||
|
<mvc:path-matching suffix-pattern="true"/>
|
||||||
|
</mvc:annotation-driven>
|
||||||
|
|
||||||
<b:bean name="path" class="org.springframework.security.config.http.InterceptUrlConfigTests.PathController"/>
|
<b:bean name="path" class="org.springframework.security.config.http.InterceptUrlConfigTests.PathController"/>
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue