Search in sources :

Example 1 with TransientSecurityContext

use of org.springframework.security.core.context.TransientSecurityContext in project spring-security by spring-projects.

the class HttpSessionSecurityContextRepositoryTests method saveContextWhenTransientSecurityContextSubclassThenSkipped.

@Test
public void saveContextWhenTransientSecurityContextSubclassThenSkipped() {
    HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository();
    MockHttpServletRequest request = new MockHttpServletRequest();
    MockHttpServletResponse response = new MockHttpServletResponse();
    HttpRequestResponseHolder holder = new HttpRequestResponseHolder(request, response);
    SecurityContext context = repo.loadContext(holder);
    SecurityContext transientSecurityContext = new TransientSecurityContext() {
    };
    Authentication authentication = TestAuthentication.authenticatedUser();
    transientSecurityContext.setAuthentication(authentication);
    repo.saveContext(transientSecurityContext, holder.getRequest(), holder.getResponse());
    MockHttpSession session = (MockHttpSession) request.getSession(false);
    assertThat(session).isNull();
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) TestAuthentication(org.springframework.security.authentication.TestAuthentication) Authentication(org.springframework.security.core.Authentication) TransientSecurityContext(org.springframework.security.core.context.TransientSecurityContext) SecurityContext(org.springframework.security.core.context.SecurityContext) MockHttpSession(org.springframework.mock.web.MockHttpSession) TransientSecurityContext(org.springframework.security.core.context.TransientSecurityContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 2 with TransientSecurityContext

use of org.springframework.security.core.context.TransientSecurityContext in project spring-security by spring-projects.

the class HttpSessionSecurityContextRepositoryTests method saveContextWhenTransientSecurityContextWithCustomAnnotationThenSkipped.

@Test
public void saveContextWhenTransientSecurityContextWithCustomAnnotationThenSkipped() {
    HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository();
    MockHttpServletRequest request = new MockHttpServletRequest();
    MockHttpServletResponse response = new MockHttpServletResponse();
    HttpRequestResponseHolder holder = new HttpRequestResponseHolder(request, response);
    SecurityContext context = repo.loadContext(holder);
    SecurityContext transientSecurityContext = new TransientSecurityContext();
    Authentication authentication = TestAuthentication.authenticatedUser();
    transientSecurityContext.setAuthentication(authentication);
    repo.saveContext(transientSecurityContext, holder.getRequest(), holder.getResponse());
    MockHttpSession session = (MockHttpSession) request.getSession(false);
    assertThat(session).isNull();
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) TestAuthentication(org.springframework.security.authentication.TestAuthentication) Authentication(org.springframework.security.core.Authentication) TransientSecurityContext(org.springframework.security.core.context.TransientSecurityContext) SecurityContext(org.springframework.security.core.context.SecurityContext) MockHttpSession(org.springframework.mock.web.MockHttpSession) TransientSecurityContext(org.springframework.security.core.context.TransientSecurityContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 3 with TransientSecurityContext

use of org.springframework.security.core.context.TransientSecurityContext in project spring-security by spring-projects.

the class HttpSessionSecurityContextRepositoryTests method saveContextWhenTransientSecurityContextThenSkipped.

@Test
public void saveContextWhenTransientSecurityContextThenSkipped() {
    HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository();
    MockHttpServletRequest request = new MockHttpServletRequest();
    MockHttpServletResponse response = new MockHttpServletResponse();
    HttpRequestResponseHolder holder = new HttpRequestResponseHolder(request, response);
    SecurityContext context = repo.loadContext(holder);
    SecurityContext transientSecurityContext = new TransientSecurityContext();
    Authentication authentication = TestAuthentication.authenticatedUser();
    transientSecurityContext.setAuthentication(authentication);
    repo.saveContext(transientSecurityContext, holder.getRequest(), holder.getResponse());
    MockHttpSession session = (MockHttpSession) request.getSession(false);
    assertThat(session).isNull();
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) TestAuthentication(org.springframework.security.authentication.TestAuthentication) Authentication(org.springframework.security.core.Authentication) TransientSecurityContext(org.springframework.security.core.context.TransientSecurityContext) SecurityContext(org.springframework.security.core.context.SecurityContext) MockHttpSession(org.springframework.mock.web.MockHttpSession) TransientSecurityContext(org.springframework.security.core.context.TransientSecurityContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Example 4 with TransientSecurityContext

use of org.springframework.security.core.context.TransientSecurityContext in project spring-security by spring-projects.

the class HttpSessionSecurityContextRepositoryTests method saveContextWhenTransientSecurityContextAndSessionExistsThenSkipped.

@Test
public void saveContextWhenTransientSecurityContextAndSessionExistsThenSkipped() {
    HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository();
    MockHttpServletRequest request = new MockHttpServletRequest();
    // ensure the session exists
    request.getSession();
    MockHttpServletResponse response = new MockHttpServletResponse();
    HttpRequestResponseHolder holder = new HttpRequestResponseHolder(request, response);
    SecurityContext context = repo.loadContext(holder);
    SecurityContext transientSecurityContext = new TransientSecurityContext();
    Authentication authentication = TestAuthentication.authenticatedUser();
    transientSecurityContext.setAuthentication(authentication);
    repo.saveContext(transientSecurityContext, holder.getRequest(), holder.getResponse());
    MockHttpSession session = (MockHttpSession) request.getSession(false);
    assertThat(Collections.list(session.getAttributeNames())).isEmpty();
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) TestAuthentication(org.springframework.security.authentication.TestAuthentication) Authentication(org.springframework.security.core.Authentication) TransientSecurityContext(org.springframework.security.core.context.TransientSecurityContext) SecurityContext(org.springframework.security.core.context.SecurityContext) MockHttpSession(org.springframework.mock.web.MockHttpSession) TransientSecurityContext(org.springframework.security.core.context.TransientSecurityContext) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.jupiter.api.Test)

Aggregations

Test (org.junit.jupiter.api.Test)4 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)4 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)4 MockHttpSession (org.springframework.mock.web.MockHttpSession)4 TestAuthentication (org.springframework.security.authentication.TestAuthentication)4 Authentication (org.springframework.security.core.Authentication)4 SecurityContext (org.springframework.security.core.context.SecurityContext)4 TransientSecurityContext (org.springframework.security.core.context.TransientSecurityContext)4