23a7c3010c
Added jwt injection for reactive test mocks
...
Added new implementation of jwt() method that
makes it possible to directly provide a previously
prepared JWT token to WebTestClient mutator.
Fixes: spring-projectsgh-6896
2019-06-15 10:01:57 -06:00
9323d8e821
Extended testing api for JWT
...
Added new implementation of jwt() method that
makes it possible to directly provide a previously
prepared JWT token to the MockMvc request builder.
Issue: spring-projectsgh-6896
2019-06-12 10:09:32 -06:00
d0f5b42884
Mock Jwt Test Support and Jwt.Builder Polish
...
Simplified the initial support to introduce fewer classes and only the
features described in the ticket.
Changed tests to align with existing patterns in the repository.
Added JavaDoc to remaining public methods introduced for this feature.
Issue: gh-6634
Issue: gh-6851
2019-05-22 14:23:02 -06:00
e59d8a529b
Mock Jwt Test Support and Jwt.Builder
...
Fixes: gh-6634
Fixes: gh-6851
2019-05-22 14:23:02 -06:00
b93528138e
URL Cleanup
...
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).
# Fixed URLs
## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.
* http://www.apache.org/licenses/ with 1 occurrences migrated to:
https://www.apache.org/licenses/ ([https](https://www.apache.org/licenses/ ) result 200).
* http://www.apache.org/licenses/LICENSE-2.0 with 2691 occurrences migrated to:
https://www.apache.org/licenses/LICENSE-2.0 ([https](https://www.apache.org/licenses/LICENSE-2.0 ) result 200).
* http://www.apache.org/licenses/LICENSE-2.0.html with 2 occurrences migrated to:
https://www.apache.org/licenses/LICENSE-2.0.html ([https](https://www.apache.org/licenses/LICENSE-2.0.html ) result 200).
2019-03-14 15:46:20 -05:00
1a80d4a66c
Fix Generics in ReactorContextTestExecutionListenerTests for JDK 9+
...
Issue: gh-6075
2018-11-30 12:07:58 -06:00
a28c677f88
ReactorContextTestExecutionListener should use named hooks
...
Fixes: gh-6075
2018-11-30 11:13:26 -06:00
12050404ad
Populate test security context with authentication
...
Add setAuthentication method on TestSecurityContextHolder.
2018-10-03 14:24:45 -04:00
cb0ba58b58
Fix WhitespaceAfterCheck Checkstyle check
2018-08-27 10:45:35 -05:00
18db425861
Polish Javadoc to remove warning
2018-07-18 09:24:59 -06:00
1137f3b46d
Add cross references to ReactorContextTestExecutionListener
...
Fixes: gh-5418
2018-06-11 17:13:24 -05:00
7a204a5f58
Fixes for SPR-16624
...
Fixes: gh-5164
2018-03-27 22:35:08 -05:00
b1d013e8f0
Fix JDK 9
...
Issue: gh-5160
2018-03-27 09:30:56 -05:00
1851aaa66d
Fix ReactorContextTestExecutionListener with custom SecurityContext
...
Fixes: gh-5137
2018-03-19 09:29:27 -05:00
76e36bd06e
fix Mock Authentication resolution
2018-03-19 09:16:55 -05:00
65193963ad
Fix Imports
...
Issue: gh-4888
2018-03-09 09:15:39 -06:00
2228485a40
WithUserDetails supports ReactiveUserDetailsService
...
Fixes: gh-4888
2018-03-08 23:13:19 -06:00
abae2f3e87
Allow WithSecurityContextTestExecutionListener to execute after @Before
...
Fixes: gh-2935
2018-03-08 14:13:07 -06:00
e1a8d250de
Add authenticated().withAuthentication(Consumer<Authentication>)
...
This allows arbitrary assertions of the authenticated user
Fixes: gh-4996
2018-02-02 16:56:45 -06:00
57353d18e5
Use diamond type
2017-12-21 15:09:00 -06:00
b6895e6359
Apply Checkstyle WhitespaceAfterCheck module
2017-11-16 11:18:31 -06:00
d900f2a623
Remove unused imports
...
This commit also adds UnusedImportsCheck Checkstyle module.
2017-11-14 14:41:08 -06:00
cdcf65de1e
Polish
...
Fixes gh-4425
2017-10-29 23:43:13 -05:00
e0aca04a28
Polish AssertJ assertions
...
Polish AssertJ assertions
2017-10-29 22:22:34 -05:00
8da2c7f657
Add WebFlux CSRF Protection
...
Fixes gh-4734
2017-10-28 22:59:24 -05:00
c467dcdbe1
SecurityMockServerConfiguers fixes
...
Issue: gh-4719
2017-10-27 18:17:36 -05:00
77aedcf502
SecurityMockServerConfigurers updates
...
Issue: gh-4719
2017-10-27 18:17:33 -05:00
3bceadd369
Only populate a Context once
...
Fixes gh-4718
2017-10-27 17:35:54 -05:00
be593b95a8
Prefer existing Context in ReactorContextTestExecutionListener
...
Issue gh-4718
2017-10-27 17:35:54 -05:00
9363e2ba41
Polish ReactorContextTestExecutionListenerTests
...
Necessary for preparing for the changes that will be made. The Context
should not necessarily be empty, but it should not contain the SecurityContext
Issue gh-4718
2017-10-27 17:35:54 -05:00
3abec60188
SecurityMockServerConfigurers checkstyle
2017-10-27 17:33:08 -05:00
747473257f
Use ReactorSecurityContextHolder
...
Issue gh-4713
2017-10-26 20:11:42 -05:00
8291f20796
DaoAuthenticationProvider uses DelegatingPasswordEncoder
...
This means that passwords will be encoded with BCrypt by default
Fixes: gh-2775
2017-10-24 07:56:28 -05:00
25052214ae
Polish
2017-10-16 18:33:27 -05:00
23f56f568c
Update MockitJunitRunner import
...
Issue: gh-4608
2017-10-09 16:13:33 -05:00
445834784a
Update to Mockito 2.10.0
...
Issue: gh-4608
2017-10-09 16:13:11 -05:00
1f4082e754
Fix copyright lines
2017-09-18 11:11:25 -05:00
3ecf3ea034
Fix double * in Copyright headers
2017-09-18 10:47:26 -05:00
d9bad2bc9d
Mono.currentContext()->subscriberContext()
...
Fixing refactoring by Reactor
2017-09-01 17:20:47 -05:00
f59fc357b8
Polish ReactorContextTestExecutionListenerTests
...
Code Style fixes
2017-08-30 14:27:14 -05:00
4fd17e4c2e
Fix ReactorContext after changes to Reactor
2017-08-30 14:25:40 -05:00
7ae4506a88
Add ReactorContextTestExecutionListener
...
Fixes gh-4502
2017-08-17 16:42:01 -05:00
e16b8e7976
Fix logback-test.xml
2017-08-17 16:42:01 -05:00
544f39f826
Add Annotated Support for WebTestClient
...
Fixes gh-4457
2017-07-15 22:05:54 -05:00
6590fc31cd
Use withMutator
...
Fixes gh-4455
2017-07-14 11:01:52 -05:00
03f2d654ad
Fix WebTestClient Support
...
Fixes gh-4419
2017-07-13 21:02:07 -05:00
915de03f42
Polish ExchangeMutatorWebFilter Support
...
Issue gh-4343
2017-05-31 13:23:55 -05:00
7bc98db23c
Add WebTestClient test support
...
SecurityExchangeMutators
Fixes gh-4343
2017-05-19 15:09:23 -05:00
e631805635
Remove RedirectMatcher
...
This is no longer necessary now that Spring 5 is the minimum version.
Fixes gh-4092
2017-05-11 14:38:18 -05:00
d81b436e5d
Remove pom.xml from build
...
Gradle is easy enough to import into IDEs, so pom.xml should no
longer be necessary.
This commit removes the pom.xml files from the build.
Fixes gh-4283
2017-05-11 14:32:36 -05:00
85719fcd64
Use Base64 implementation provided by Java 8
2017-05-10 00:27:36 -05:00
dd6fc48dd8
Standardize Build
...
The build now uses spring build conventions to simplify the build
Fixes gh-4284
2017-04-21 10:55:05 -05:00
2ce174dbf0
Update poms to 5.0.0.BUILD-SNAPSHOT
2017-04-07 16:49:50 -04:00
d2524eadfc
Update poms to new to SNAPSHOT version
2017-03-02 09:20:34 -06:00
081f0c4d94
Release version 4.2.2.RELEASE
2017-03-02 07:29:42 +00:00
9c03571bbb
Use message in all Assert
...
This ensures compatibility with Spring 5.
Fixes gh-4193
2017-01-30 19:58:24 -06:00
7a7ce11ebb
Release version 4.2.1.RELEASE
2016-12-21 17:23:28 +00:00
24fcb6c45a
Release version 4.2.0.RELEASE
2016-11-09 23:42:11 +00:00
97b4cb0b73
Release version 4.2.0.RC1
2016-10-26 02:49:23 +00:00
6a3a5f7beb
Polish Deprecations
...
Issue gh-4080
2016-10-17 17:02:59 -05:00
52c6e3cf89
Create RedirectMatcher
...
This commit creates RedirectMatcher for binary backward compatability with
Spring 4.3.x and Spring 5 to ensure that the Spring IO tests pass.
Issue gh-4080
2016-10-17 17:02:58 -05:00
17cfd4707b
Fix deprecations
...
Issue gh-4080
2016-10-17 17:00:18 -05:00
8a7ac398e6
Remove TheController from Bean
...
It is already picked up with classpath scanning
Issue gh-4080
2016-10-17 17:00:17 -05:00
c1b8150439
Release version 4.2.0.M1
2016-09-23 19:39:33 +00:00
4d02a5c0a0
Update pom.xml dependencies
2016-08-30 11:27:29 -05:00
050198e51b
Fix csrf() when used then not used
...
Previously if csrf() was used and subsequently not used, the
TestCsrfTokenRepository was still used. This makes it difficult to test
the actual CsrfTokenRepository implementation.
Now the TestCsrfTokenRepository is only used if explicitly enabled.
Fixes gh-4016
2016-08-09 17:09:16 -04:00
919f000c80
Release version 4.1.1.RELEASE
2016-07-07 00:57:35 +00:00
8ad91ef6a5
WithSecurityContextTestExecutionListener > SqlScriptsTestExecutionListener
...
WithSecurityContextTestExecutionListener should order after
SqlScriptsTestExecutionListener so sql can setup the current user's info
in the database.
Fixes gh-3962
2016-07-06 16:09:17 -05:00
bbeb7f94d7
Fix checkstyle
...
Issue gh-3920
2016-06-20 19:36:51 -05:00
a2a06d19c1
Add formLogin() Accept Test
...
Issue gh-3920
2016-06-20 16:23:29 -05:00
314828859e
Added accept method call to buildRequest in SecurityMockMvcRequestBuilders with default of MediaType.APPLICATION_FORM_URLENCODED
2016-06-20 15:46:01 -05:00
a2ead4cf7a
Polish
...
Fixes gh-3892
2016-06-20 12:35:43 -05:00
2d6051625f
Update pom.xml
2016-06-17 14:30:11 -05:00
101190ad8b
Format WithSecurityContextTestExecutionListener
2016-05-20 10:46:26 -05:00
336de35874
Polish WithSecurityContextTestExecutionListener
...
Extract method for reuse
SecurityContext createSecurityContext(AnnotatedElement annotated,
WithSecurityContext withSecurityContext,
TestContext context)
Issue gh-3888
2016-05-20 10:46:26 -05:00
a53d022312
Support WithSecurityContextFactory on superclass
...
Fixes gh-3888
2016-05-20 10:46:14 -05:00
7b61a44929
Fix test .standaloneSetup
...
Previously, Spring Security's test support did not work well with the
standalone setup. This was because the springSecurityFilterChain was not
found by the WebTestUtils.
This commit ensures that the springSecurityFilterChain is added as a
servlet attribute if it is explicitly defined. WebTestUtils can then
find the springSecurityFilterChain in the ServletContext.
Fixes gh-3881
2016-05-16 11:02:40 -04:00
602bb457b8
Formatting
...
Issue gh-3881
2016-05-16 11:02:40 -04:00
001b05569a
Release version 4.1.0.RELEASE
2016-05-05 04:25:46 +00:00
78bf6e2bd5
WithSecurityContextTestExecutionListener supports generic Annotation
...
Previously Spring Security's WithSecurityContextTestExecutionListener
allowed a WithSecurityContextFactory<Annotation> to be used. This
was broken in SEC-3074.
This commit ensures that WithSecurityContextFactory<Annotation> is
supported again.
Fixes gh-3837
2016-05-03 15:41:25 -04:00
ceef70946b
Resolve springSecurityFilterChain to Filter
...
When enabling debug for spring security, the FilterChainProxy will be wrapped by the DebugFilter.
This DebugFilter will be registered as bean springSecurityFilterChain. The WebTestUtils will now search for the bean by name instead of FilterChainProxy class.
In this case we have to cast to a Java ServletFilter to support both filter...
Fixes gh-3836
2016-04-26 15:53:38 -04:00
24d0069668
Release version 4.1.0.RC2
2016-04-21 01:47:25 +00:00
b2b53f7a81
Fix unauthenitcated() and AnonymousAuthenticationToken
...
Previously if unauthenticated() experienced an AnonymousAuthenticationToken
it would not match.
This commit ensures that if the user is anonymous (not just null)
unauthenticated() works.
Fixes gh-3409
2016-04-19 15:08:47 -05:00
8a28a27225
Formatting Polish
2016-04-19 14:24:11 -05:00
d3a9cc6eae
Add CsrfTokenRepository ( #3805 )
...
* Create LazyCsrfTokenRepository
Fixes gh-3790
* Add CookieCsrfTokenRepository
Fixes gh-3009
2016-04-12 17:26:53 -04:00
b90242f2fa
Updates all POM versions to 4.1.0 snapshot build.
...
Fixes gh-3804
2016-04-12 10:35:43 -04:00
a5a5d9a1a9
Add support to subclass of GrantedAuthority in SecurityMockMvcResultMatchers withAuthorities ( #3793 )
...
SecurityMockMvcResultMatchers.withAuthorities(Collection<? extends GrantedAuthority>)
Fixes gh-3791
2016-04-08 08:55:53 -05:00
8abb882927
Rename poorly named withUser variable
...
WithSecurityContextTestExecutionListener used the variable name withUser
in mulitple places when it should have been named withSecurityContext.
This commit renames the variables to withSecurityContext.
Fixes gh-3775
2016-04-01 10:27:14 -05:00
044acf7e27
Release version 4.1.0.RC1
2016-03-23 07:15:15 -07:00
ec4e6c7453
Update pom.xml to 4.1.0.BUILD-SNAPSHOT
2016-03-14 00:51:35 -05:00
f221920a19
Clean up code to conform to basic checkstyle
...
Issue gh-3746
2016-03-14 00:15:12 -05:00
df5e3ba6ee
Polish Imports
2016-03-09 16:24:50 -06:00
835ac0a217
Add @WithUserDetails userDetailsServiceBeanName
...
Fixes gh-3346
2016-03-09 15:59:23 -06:00
618b8a2d83
Fix WebTestUtils when no matching HttpSecurity found
...
Previously a NullPointerException would be thrown if no HttpSecurity
matched on the request passed in. This was because findFilters would
return null rather than an empty List.
This commit returns null if findFilters gets a null result.
Fixes gh-3343
2016-03-09 15:20:10 -06:00
71d4ce96ad
Convert to assertj
...
Fixes gh-3175
2016-03-09 14:30:17 -06:00
bb600a473e
Start AssertJ Migration
...
Issue gh-3175
2016-03-09 14:26:30 -06:00
dd092431a0
SEC-2941: Default RequestPostProcessor overrides
...
Previously a default RequestPostProcessor overrode additional
RequestPostProcessor instances added to the request. This was due to
SPR-12945. Now that SPR-12945 is fixed, this commit adds a test to
ensure this stays fixed.
2015-10-21 16:06:49 -05:00
29f2cc0ab1
snasphot -> snapshot
2015-09-25 15:28:39 -05:00
81e2778106
SEC-3097: Change CsrfRequestPostProcessor to use TestCsrfTokenRepository
...
This ensures that when using a wrapped HttpServletRequest (i.e. Spring
Session) that the CSRF token test support still works.
2015-09-02 00:21:40 -05:00
ea94706319
SEC-3097: Use MockMvc for SecurityMockMVcRequestPostProcessorsCsrfTests
...
This is necessary because the changes for this issue are going to make
the mocked version of the tests invalid.
2015-09-02 00:21:39 -05:00
35393098f8
SEC-3094: Add @WithAnonymousUser & anonymous() MockMvcRequestPostProcessor
2015-08-27 15:17:44 -05:00
5f328b1178
SEC-2709: Fix WithSecurityContextTestExecutionListener Order
2015-08-20 10:41:09 -05:00
327695ab0c
SEC-3084: Doc SecurityContextRequestPostProcessorSupport & SecurityContextHolder
2015-08-20 09:30:24 -05:00
567c51e109
SEC-3074: Add Test Meta Annotation Support
2015-08-19 16:05:54 -05:00
969f3a7d1b
Update pom.xml to latest snapshots
2015-08-03 09:46:01 -05:00
ad1d858e2b
SEC-3056 - Fix JavaDoc errors.
...
Fixed JavaDoc errors accross multiple modules in order to make javadoc happy with Java 8.
2015-08-03 08:02:24 -05:00
e8c9f75f9c
Update pom.xml to latest versions
2015-07-22 12:51:04 -05:00
bc53945d89
Remove unused import in WithSecurityContextTestExecutionListenerTests
2015-07-22 12:44:34 -05:00
2d448658cd
SEC-3042: Add SecurityTestExecutionListeners
2015-07-16 13:51:37 -05:00
4cafd575c0
SEC-3041: Fix WithSecurityContextTestExecutionListener w/ no ApplicationContext
2015-07-16 13:13:46 -05:00
e4517016ca
SEC-2984: Add @WithMockUser authorities property
2015-07-16 08:41:40 -05:00
1bca645add
SEC-2935: Multiple MockMvc invocations proper SecurityContext setup
...
Previously if a MockMvc instance was setup with a user and then again with
no user, then the original user would be setup.
This commit ensures that if a user is setup and then no user is setup no
user is used.
2015-04-22 16:12:18 -05:00
d5dfeeca49
SEC-2927: Update chat-jc pom so Maven Builds
...
Previously there were some incorrect dependency versions. This commit fixes
that.
We added dependencyManagement for Spring Framework and corrected
Thymeleaf and embedded redis versions.
2015-04-20 15:53:26 -05:00
db531d9100
SEC-2917: Update to Spring 4.1.6
2015-03-25 15:18:59 -05:00
ae6af5d73c
SEC-2915: Updated Java Code Formatting
2015-03-25 13:09:18 -05:00
0a2e496a84
SEC-2915: groovy/gradle spaces->tabs
2015-03-25 13:08:59 -05:00
cf9f58a4ac
SEC-2915: XML spaces->tabs
2015-03-25 13:08:52 -05:00
706e7fd7a2
SEC-2863: Update to Spring 4.1.5
2015-02-20 11:43:04 -06:00
9c5cb2f438
SEC-2593: Add additional test
2015-02-05 10:58:49 -06:00
8f0001f59a
Next Development Version
2014-12-11 20:39:26 -06:00
49b69196de
Release version 4.0.0.RC1
2014-12-11 20:36:55 -06:00
1677836d53
SEC-2790: Deprecate @EnableWebMvcConfig
2014-12-10 21:10:27 -06:00
3171cc4364
SEC-2788: Add @Configuration as meta annotation to @Enable* annotations
2014-12-10 21:10:15 -06:00
11116c2b80
SEC-2787: Update Versions
2014-12-10 16:37:19 -06:00
c67ff42b8a
SEC-2783: XML Configuration Defaults Should Match JavaConfig
...
* j_username -> username
* j_password -> password
* j_spring_security_check -> login
* j_spring_cas_security_check -> login/cas
* j_spring_cas_security_proxyreceptor -> login/cas/proxyreceptor
* j_spring_openid_security_login -> login/openid
* j_spring_security_switch_user -> login/impersonate
* j_spring_security_exit_user -> logout/impersonate
* login_error -> error
* use-expressions=true by default
2014-12-08 15:09:15 -06:00
b56e5edbbd
SEC-2784: Fix build plugins
2014-12-08 14:24:34 -06:00
dfa17bdb98
SEC-2747: Remove spring-core dependency from spring-security-crypto
2014-11-20 16:16:22 -06:00
5ba8f000a7
SEC-2714: Add AuthenticationPrincipal resolver for messaging support
2014-09-23 16:28:48 -05:00
d316f661e8
SEC-2719: Fix order sensitive authenticated().withRoles(..)
2014-09-16 10:54:50 -05:00
02c3565e22
Fix compiling in Eclipse
2014-09-16 10:18:46 -05:00
533b71b9b8
SEC-2688: Remove ORDER constant
2014-08-15 21:14:12 -05:00
3187ee8bf3
SEC-2700: Register WithSecurityContextTestExecutionListener by default
2014-08-15 16:41:33 -05:00
b72c1ad314
SEC-2686: Create SecurityMockMvcConfigurer
2014-07-22 15:11:37 -05:00
9654817fd8
SEC-2601: Add DigestRequestPostProcessor
2014-07-21 22:46:18 -05:00
c8348d60e1
SEC-2602: Add test support for x509 certificate
2014-07-21 15:09:30 -05:00
906a0cb0e2
SEC-2684: Correct spelling of WithSecurityContextTestExecutionListener
2014-07-18 13:53:41 -05:00
e4fa42c399
SEC-2593: Add test for TestSecurityContext RPP in stateless mode
2014-06-13 15:28:06 -05:00
7e3e821db1
SEC-2593: Support stateless mode in Spring Security Test
2014-06-13 15:22:06 -05:00
6d45957eec
SEC-2572: Add spring-security-test method showcase
...
This will allow for using the showcase in the documentation.
2014-05-07 10:45:52 -05:00
dabe3a03e7
SEC-2586: Create DefaultSecurityTestExecutionListeners
2014-05-07 10:44:05 -05:00
00e1094178
Add springio-platform plugin
2014-04-23 14:35:22 -05:00
8baf82532c
SEC-2015: Add spring-security-test
2014-04-22 16:47:48 -05:00
b8b31d6f65
Tidy up Maven migration by eliminating unnecessary directories and having Eclipse classpath use MAVEN_REPO.
2004-12-05 07:21:30 +00:00
2426bb9e8e
Make JdbcDaoTests use in-memory database.
2004-07-29 03:32:23 +00:00
e2de3c9dbc
Enhance AuthenticationProcessingFilterEntryPoint and related classes, to support a property forcing the login page to be access via https even if the original intercepted request came in as http.
2004-04-22 21:47:05 +00:00
3ceb492cb2
move password encoder tests to proper packages.
...
rename saltSource param in PasswordEncoder interfce to salt. It was already called salt in subclasses, and is in fact supposed to be the salt, not the source for the salt, although depending on the implementation it may still be treated as the latter.
2004-04-17 02:18:46 +00:00
3d089aaa67
move and rename password encoding classes.
...
change saltSource arument to salt argument, which impl may or may not use.
2004-04-16 03:44:04 +00:00
5d9d734735
more final version of the various PasswordEncoder implementations.
...
add unit tests for PasswordEncoder implementations.
remove ignore password case and ignore username case flags and handling from DaoAuthenticationProvider.
remove requirement described in JavaDoc for AuthenticationDao that it ignore case when returning a user by username. Implementations may still do so if configured as such.
2004-04-15 16:32:09 +00:00
41a837f8cd
add back HSQL db in test dir, as it turns out _it is_ supposed to be in CVS
...
modify JdbcDaoTests to test for role prefix functionality
fix glitch in JdbcDaoImpl
modify Eclipse classpath so HSQL lib is loaded, so unit tests can run in Eclipse as well.
2004-04-15 03:34:18 +00:00
547b1ff4e3
remove test data that somehow got checked into CVS
2004-04-14 03:39:30 +00:00
sandmannn
Josh Cummings
Jérôme Wacongne
Spring Operator
Rob Winch
Aanuoluwapo Otitoola
Tadaya Tsuyukubo
Vedran Pavic
mhyeon.lee
Oleh Dokuka
Johnny Lim
Antoine
Joe Grandja
Rob Winch
Spring Buildmaster
Micah Silverman
Eddú Meléndez
Jens Goldhammer
Billy Korando
zhanhb
Thomas Darimont
Ben Alex
Colin Sampaleanu