Examples with MockServletContext org.springframework.mock.web.MockServletContext used on opensource projects

Example 21 with MockServletContext

use of org.springframework.mock.web.MockServletContext in project spring-boot by spring-projects.

the class ManagementWebSecurityAutoConfigurationTests method testWebConfiguration.

@Test
public void testWebConfiguration() throws Exception {
    this.context = new AnnotationConfigWebApplicationContext();
    this.context.setServletContext(new MockServletContext());
    this.context.register(SecurityAutoConfiguration.class, WebMvcAutoConfiguration.class, ManagementWebSecurityAutoConfiguration.class, JacksonAutoConfiguration.class, HttpMessageConvertersAutoConfiguration.class, EndpointAutoConfiguration.class, EndpointWebMvcAutoConfiguration.class, PropertyPlaceholderAutoConfiguration.class, AuditAutoConfiguration.class);
    EnvironmentTestUtils.addEnvironment(this.context, "security.basic.enabled:false");
    this.context.refresh();
    assertThat(this.context.getBean(AuthenticationManagerBuilder.class)).isNotNull();
    FilterChainProxy filterChainProxy = this.context.getBean(FilterChainProxy.class);
    // 1 for static resources, one for management endpoints and one for the rest
    assertThat(filterChainProxy.getFilterChains()).hasSize(3);
    assertThat(filterChainProxy.getFilters("/beans")).isNotEmpty();
    assertThat(filterChainProxy.getFilters("/beans/")).isNotEmpty();
    assertThat(filterChainProxy.getFilters("/beans.foo")).isNotEmpty();
    assertThat(filterChainProxy.getFilters("/beans/foo/bar")).isNotEmpty();
}

Example 22 with MockServletContext

use of org.springframework.mock.web.MockServletContext in project spring-boot by spring-projects.

the class ManagementWebSecurityAutoConfigurationTests method testDisableBasicAuthOnApplicationPaths.

@Test
public void testDisableBasicAuthOnApplicationPaths() throws Exception {
    this.context = new AnnotationConfigWebApplicationContext();
    this.context.setServletContext(new MockServletContext());
    this.context.register(WebConfiguration.class);
    EnvironmentTestUtils.addEnvironment(this.context, "security.basic.enabled:false");
    this.context.refresh();
    // Just the management endpoints (one filter) and ignores now plus the backup
    // filter on app endpoints
    assertThat(this.context.getBean(FilterChainProxy.class).getFilterChains()).hasSize(3);
}

Example 23 with MockServletContext

use of org.springframework.mock.web.MockServletContext in project spring-boot by spring-projects.

the class ManagementWebSecurityAutoConfigurationTests method testOverrideAuthenticationManager.

@Test
public void testOverrideAuthenticationManager() throws Exception {
    this.context = new AnnotationConfigWebApplicationContext();
    this.context.setServletContext(new MockServletContext());
    this.context.register(TestConfiguration.class, SecurityAutoConfiguration.class, ManagementWebSecurityAutoConfiguration.class, EndpointAutoConfiguration.class, PropertyPlaceholderAutoConfiguration.class);
    this.context.refresh();
    assertThat(this.context.getBean(AuthenticationManager.class)).isEqualTo(this.context.getBean(TestConfiguration.class).authenticationManager);
}

Example 24 with MockServletContext

use of org.springframework.mock.web.MockServletContext in project spring-boot by spring-projects.

the class ManagementWebSecurityAutoConfigurationTests method testMarkAllEndpointsSensitive.

@Test
public void testMarkAllEndpointsSensitive() throws Exception {
    // gh-4368
    this.context = new AnnotationConfigWebApplicationContext();
    this.context.setServletContext(new MockServletContext());
    this.context.register(WebConfiguration.class);
    EnvironmentTestUtils.addEnvironment(this.context, "endpoints.sensitive:true");
    this.context.refresh();
    MockMvc mockMvc = //
    MockMvcBuilders.webAppContextSetup(this.context).apply(//
    springSecurity()).build();
    //
    mockMvc.perform(//
    get("/health")).andExpect(status().isUnauthorized());
    //
    mockMvc.perform(//
    get("/info")).andExpect(status().isUnauthorized());
}

Example 25 with MockServletContext

use of org.springframework.mock.web.MockServletContext in project spring-boot by spring-projects.

the class ManagementWebSecurityAutoConfigurationTests method realmSameForManagement.

// gh-2466
@Test
public void realmSameForManagement() throws Exception {
    this.context = new AnnotationConfigWebApplicationContext();
    this.context.setServletContext(new MockServletContext());
    this.context.register(AuthenticationConfig.class, SecurityAutoConfiguration.class, ManagementWebSecurityAutoConfiguration.class, JacksonAutoConfiguration.class, HttpMessageConvertersAutoConfiguration.class, EndpointAutoConfiguration.class, EndpointWebMvcAutoConfiguration.class, WebMvcAutoConfiguration.class, PropertyPlaceholderAutoConfiguration.class, AuditAutoConfiguration.class);
    this.context.refresh();
    Filter filter = this.context.getBean("springSecurityFilterChain", Filter.class);
    MockMvc mockMvc = MockMvcBuilders.webAppContextSetup(this.context).addFilters(filter).build();
    // no user (Main)
    mockMvc.perform(MockMvcRequestBuilders.get("/home")).andExpect(MockMvcResultMatchers.status().isUnauthorized()).andExpect(springAuthenticateRealmHeader());
    // invalid user (Main)
    mockMvc.perform(MockMvcRequestBuilders.get("/home").header("authorization", "Basic xxx")).andExpect(MockMvcResultMatchers.status().isUnauthorized()).andExpect(springAuthenticateRealmHeader());
    // no user (Management)
    mockMvc.perform(MockMvcRequestBuilders.get("/beans")).andExpect(MockMvcResultMatchers.status().isUnauthorized()).andExpect(springAuthenticateRealmHeader());
    // invalid user (Management)
    mockMvc.perform(MockMvcRequestBuilders.get("/beans").header("authorization", "Basic xxx")).andExpect(MockMvcResultMatchers.status().isUnauthorized()).andExpect(springAuthenticateRealmHeader());
}