use of org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter in project spring-security by spring-projects.
the class RequestAttributeAuthenticationFilterTests method rejectsMissingHeader.
@Test(expected = PreAuthenticatedCredentialsNotFoundException.class)
public void rejectsMissingHeader() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
MockFilterChain chain = new MockFilterChain();
RequestAttributeAuthenticationFilter filter = new RequestAttributeAuthenticationFilter();
filter.doFilter(request, response, chain);
}
use of org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter in project spring-security by spring-projects.
the class RequestAttributeAuthenticationFilterTests method credentialsAreRetrievedIfHeaderNameIsSet.
@Test
public void credentialsAreRetrievedIfHeaderNameIsSet() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
MockFilterChain chain = new MockFilterChain();
RequestAttributeAuthenticationFilter filter = new RequestAttributeAuthenticationFilter();
filter.setAuthenticationManager(createAuthenticationManager());
filter.setCredentialsEnvironmentVariable("myCredentialsVariable");
request.setAttribute("REMOTE_USER", "cat");
request.setAttribute("myCredentialsVariable", "catspassword");
filter.doFilter(request, response, chain);
assertThat(SecurityContextHolder.getContext().getAuthentication()).isNotNull();
assertThat(SecurityContextHolder.getContext().getAuthentication().getCredentials()).isEqualTo("catspassword");
}
Aggregations