use of jakarta.servlet.ServletContext in project spring-security by spring-projects.
the class AbstractSecurityWebApplicationInitializerTests method onStartupWhenDefaultsThenSessionTrackingModes.
@Test
public void onStartupWhenDefaultsThenSessionTrackingModes() {
ServletContext context = mock(ServletContext.class);
FilterRegistration.Dynamic registration = mock(FilterRegistration.Dynamic.class);
ArgumentCaptor<DelegatingFilterProxy> proxyCaptor = ArgumentCaptor.forClass(DelegatingFilterProxy.class);
given(context.addFilter(eq("springSecurityFilterChain"), proxyCaptor.capture())).willReturn(registration);
ArgumentCaptor<Set<SessionTrackingMode>> modesCaptor = ArgumentCaptor.forClass(new HashSet<SessionTrackingMode>() {
}.getClass());
willDoNothing().given(context).setSessionTrackingModes(modesCaptor.capture());
new AbstractSecurityWebApplicationInitializer() {
}.onStartup(context);
assertProxyDefaults(proxyCaptor.getValue());
Set<SessionTrackingMode> modes = modesCaptor.getValue();
assertThat(modes).hasSize(1);
assertThat(modes).containsExactly(SessionTrackingMode.COOKIE);
}
use of jakarta.servlet.ServletContext in project spring-security by spring-projects.
the class AbstractSecurityWebApplicationInitializerTests method onStartupWhenCustomSecurityDispatcherTypesThenUses.
@Test
public void onStartupWhenCustomSecurityDispatcherTypesThenUses() {
ServletContext context = mock(ServletContext.class);
FilterRegistration.Dynamic registration = mock(FilterRegistration.Dynamic.class);
ArgumentCaptor<DelegatingFilterProxy> proxyCaptor = ArgumentCaptor.forClass(DelegatingFilterProxy.class);
given(context.addFilter(eq("springSecurityFilterChain"), proxyCaptor.capture())).willReturn(registration);
new AbstractSecurityWebApplicationInitializer() {
@Override
protected EnumSet<DispatcherType> getSecurityDispatcherTypes() {
return EnumSet.of(DispatcherType.REQUEST, DispatcherType.ERROR, DispatcherType.FORWARD);
}
}.onStartup(context);
assertProxyDefaults(proxyCaptor.getValue());
verify(registration).addMappingForUrlPatterns(EnumSet.of(DispatcherType.REQUEST, DispatcherType.ERROR, DispatcherType.FORWARD), false, "/*");
verify(registration).setAsyncSupported(true);
verifyNoAddListener(context);
}
use of jakarta.servlet.ServletContext in project spring-security by spring-projects.
the class AbstractSecurityWebApplicationInitializerTests method onStartupWhenDuplicateFilterInsertedThenException.
@Test
public void onStartupWhenDuplicateFilterInsertedThenException() {
Filter filter1 = mock(Filter.class);
ServletContext context = mock(ServletContext.class);
FilterRegistration.Dynamic registration = mock(FilterRegistration.Dynamic.class);
ArgumentCaptor<DelegatingFilterProxy> proxyCaptor = ArgumentCaptor.forClass(DelegatingFilterProxy.class);
given(context.addFilter(eq("springSecurityFilterChain"), proxyCaptor.capture())).willReturn(registration);
assertThatIllegalStateException().isThrownBy(() -> new AbstractSecurityWebApplicationInitializer() {
@Override
protected void afterSpringSecurityFilterChain(ServletContext servletContext) {
insertFilters(context, filter1);
}
}.onStartup(context)).withMessage("Duplicate Filter registration for 'object'. Check to ensure the Filter is only configured once.");
assertProxyDefaults(proxyCaptor.getValue());
verify(registration).addMappingForUrlPatterns(DEFAULT_DISPATCH, false, "/*");
verify(context).addFilter(anyString(), eq(filter1));
}
use of jakarta.servlet.ServletContext in project spring-security by spring-projects.
the class AbstractSecurityWebApplicationInitializerTests method onStartupWhenDuplicateFilterAppendedThenException.
@Test
public void onStartupWhenDuplicateFilterAppendedThenException() {
Filter filter1 = mock(Filter.class);
ServletContext context = mock(ServletContext.class);
FilterRegistration.Dynamic registration = mock(FilterRegistration.Dynamic.class);
ArgumentCaptor<DelegatingFilterProxy> proxyCaptor = ArgumentCaptor.forClass(DelegatingFilterProxy.class);
given(context.addFilter(eq("springSecurityFilterChain"), proxyCaptor.capture())).willReturn(registration);
assertThatIllegalStateException().isThrownBy(() -> new AbstractSecurityWebApplicationInitializer() {
@Override
protected void afterSpringSecurityFilterChain(ServletContext servletContext) {
appendFilters(context, filter1);
}
}.onStartup(context)).withMessage("Duplicate Filter registration for 'object'. " + "Check to ensure the Filter is only configured once.");
assertProxyDefaults(proxyCaptor.getValue());
verify(registration).addMappingForUrlPatterns(DEFAULT_DISPATCH, false, "/*");
verify(context).addFilter(anyString(), eq(filter1));
}
use of jakarta.servlet.ServletContext in project spring-security by spring-projects.
the class AbstractSecurityWebApplicationInitializerTests method onStartupWhenNullFilterAppendedThenException.
@Test
public void onStartupWhenNullFilterAppendedThenException() {
Filter filter = mock(Filter.class);
ServletContext context = mock(ServletContext.class);
FilterRegistration.Dynamic registration = mock(FilterRegistration.Dynamic.class);
ArgumentCaptor<DelegatingFilterProxy> proxyCaptor = ArgumentCaptor.forClass(DelegatingFilterProxy.class);
given(context.addFilter(eq("springSecurityFilterChain"), proxyCaptor.capture())).willReturn(registration);
given(context.addFilter(anyString(), eq(filter))).willReturn(registration);
assertThatIllegalArgumentException().isThrownBy(() -> new AbstractSecurityWebApplicationInitializer() {
@Override
protected void afterSpringSecurityFilterChain(ServletContext servletContext) {
appendFilters(context, filter, null);
}
}.onStartup(context)).withMessageContaining("filters cannot contain null values");
verify(context, times(2)).addFilter(anyString(), any(Filter.class));
}
Aggregations