Example 1 with HttpStatusServerEntryPoint
use of org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint in project spring-security by spring-projects.
the class ServerHttpSecurityTests method basicWhenXHRRequestThenUnauthorized.
@Test
public void basicWhenXHRRequestThenUnauthorized() {
ServerAuthenticationEntryPoint authenticationEntryPoint = spy(new HttpStatusServerEntryPoint(HttpStatus.UNAUTHORIZED));
this.http.httpBasic().authenticationEntryPoint(authenticationEntryPoint);
this.http.authorizeExchange().anyExchange().authenticated();
WebTestClient client = buildClient();
// @formatter:off
client.get().uri("/").header("X-Requested-With", "XMLHttpRequest").exchange().expectStatus().isUnauthorized().expectHeader().doesNotExist("WWW-Authenticate").expectHeader().valueMatches(HttpHeaders.CACHE_CONTROL, ".+").expectBody().isEmpty();
// @formatter:on
verify(authenticationEntryPoint).commence(any(), any());
}
Also used :
WebTestClient(org.springframework.test.web.reactive.server.WebTestClient)
HttpBasicServerAuthenticationEntryPoint(org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint)
ServerAuthenticationEntryPoint(org.springframework.security.web.server.ServerAuthenticationEntryPoint)
HttpStatusServerEntryPoint(org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint)
Test(org.junit.jupiter.api.Test)
Aggregations
Test (org.junit.jupiter.api.Test)1
ServerAuthenticationEntryPoint (org.springframework.security.web.server.ServerAuthenticationEntryPoint)1
HttpBasicServerAuthenticationEntryPoint (org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint)1
HttpStatusServerEntryPoint (org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint)1
WebTestClient (org.springframework.test.web.reactive.server.WebTestClient)1
