Example 26 with TestingAuthenticationToken
use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.
the class HttpSecurityLogoutTests method clearAuthenticationFalse.
// SEC-2848
@Test
public void clearAuthenticationFalse() throws Exception {
loadConfig(ClearAuthenticationFalseConfig.class);
SecurityContext currentContext = SecurityContextHolder.createEmptyContext();
currentContext.setAuthentication(new TestingAuthenticationToken("user", "password", "ROLE_USER"));
request.getSession().setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, currentContext);
request.setMethod("POST");
request.setServletPath("/logout");
springSecurityFilterChain.doFilter(request, response, chain);
assertThat(currentContext.getAuthentication()).isNotNull();
}
Also used :
SecurityContext(org.springframework.security.core.context.SecurityContext)
TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)
Test(org.junit.Test)
Example 27 with TestingAuthenticationToken
use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.
the class PreAuthorizeTests method preAuthorizeAdminRoleGranted.
@Test
public void preAuthorizeAdminRoleGranted() {
SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("user", "pass", "ROLE_ADMIN"));
service.preAuthorizeAdminRole();
}
Also used :
TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)
Test(org.junit.Test)
Example 28 with TestingAuthenticationToken
use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.
the class Sec2196Tests method genericMethodsProtected.
@Test(expected = AccessDeniedException.class)
public void genericMethodsProtected() {
loadContext("<global-method-security secured-annotations=\"enabled\" pre-post-annotations=\"enabled\"/>" + "<b:bean class='" + Service.class.getName() + "'/>");
SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("test", "pass", "ROLE_USER"));
Service service = context.getBean(Service.class);
service.save(new User());
}
Also used :
TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)
Test(org.junit.Test)
Example 29 with TestingAuthenticationToken
use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.
the class SecuredAnnotationDrivenBeanDefinitionParserTests method targetIsSerializableAfterUse.
@Test(expected = AccessDeniedException.class)
public void targetIsSerializableAfterUse() throws Exception {
try {
target.someAdminMethod();
} catch (AuthenticationCredentialsNotFoundException expected) {
}
SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("u", "p", "ROLE_A"));
BusinessService chompedTarget = (BusinessService) serializeAndDeserialize(target);
chompedTarget.someAdminMethod();
}
Also used :
BusinessService(org.springframework.security.access.annotation.BusinessService)
AuthenticationCredentialsNotFoundException(org.springframework.security.authentication.AuthenticationCredentialsNotFoundException)
TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)
Test(org.junit.Test)
Example 30 with TestingAuthenticationToken
use of org.springframework.security.authentication.TestingAuthenticationToken in project spring-security by spring-projects.
the class SecuredTests method securedAdminRoleDenied.
@Test(expected = AccessDeniedException.class)
public void securedAdminRoleDenied() {
SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("user", "pass", "ROLE_USER"));
service.securedAdminRole();
}
Also used :
TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)
Test(org.junit.Test)
Aggregations
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)183
Test (org.junit.Test)106
Authentication (org.springframework.security.core.Authentication)76
SecurityContext (org.springframework.security.core.context.SecurityContext)46
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)38
SecurityContextImpl (org.springframework.security.core.context.SecurityContextImpl)38
MifosUser (org.mifos.security.MifosUser)36
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)32
MifosUserBuilder (org.mifos.builders.MifosUserBuilder)28
Before (org.junit.Before)25
AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)13
HttpServletRequest (javax.servlet.http.HttpServletRequest)12
HttpServletResponse (javax.servlet.http.HttpServletResponse)10
ConfigAttribute (org.springframework.security.access.ConfigAttribute)10
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)9
MockFilterChain (org.springframework.mock.web.MockFilterChain)9
GrantedAuthority (org.springframework.security.core.GrantedAuthority)9
FilterChain (javax.servlet.FilterChain)8
MutableAcl (org.springframework.security.acls.model.MutableAcl)8
PrincipalSid (org.springframework.security.acls.domain.PrincipalSid)7
