Search in sources :

Example 86 with MockMvc

use of org.springframework.test.web.servlet.MockMvc in project spring-boot by spring-projects.

the class H2ConsoleAutoConfigurationIntegrationTests method noPrincipal.

@Test
public void noPrincipal() throws Exception {
    MockMvc mockMvc = MockMvcBuilders.webAppContextSetup(this.context).apply(springSecurity()).build();
    mockMvc.perform(get("/h2-console/")).andExpect(status().isUnauthorized());
}
Also used : MockMvc(org.springframework.test.web.servlet.MockMvc) Test(org.junit.Test)

Example 87 with MockMvc

use of org.springframework.test.web.servlet.MockMvc in project spring-boot by spring-projects.

the class H2ConsoleAutoConfigurationIntegrationTests method someOtherPrincipal.

@Test
public void someOtherPrincipal() throws Exception {
    MockMvc mockMvc = MockMvcBuilders.webAppContextSetup(this.context).apply(springSecurity()).build();
    mockMvc.perform(get("/h2-console/").with(user("test").roles("FOO"))).andExpect(status().isForbidden());
}
Also used : MockMvc(org.springframework.test.web.servlet.MockMvc) Test(org.junit.Test)

Example 88 with MockMvc

use of org.springframework.test.web.servlet.MockMvc in project spring-boot by spring-projects.

the class H2ConsoleAutoConfigurationIntegrationTests method userPrincipal.

@Test
public void userPrincipal() throws Exception {
    MockMvc mockMvc = MockMvcBuilders.webAppContextSetup(this.context).apply(springSecurity()).build();
    mockMvc.perform(get("/h2-console/").with(user("test").roles("USER"))).andExpect(status().isOk()).andExpect(header().string("X-Frame-Options", "SAMEORIGIN"));
}
Also used : MockMvc(org.springframework.test.web.servlet.MockMvc) Test(org.junit.Test)

Example 89 with MockMvc

use of org.springframework.test.web.servlet.MockMvc in project spring-boot by spring-projects.

the class SpringBootWebSecurityConfigurationTests method contentSecurityPolicyConfiguration.

@Test
public void contentSecurityPolicyConfiguration() throws Exception {
    this.context = SpringApplication.run(VanillaWebConfiguration.class, "--security.headers.content-security-policy=default-src 'self';", "--server.port=0");
    MockMvc mockMvc = MockMvcBuilders.webAppContextSetup((WebApplicationContext) this.context).addFilters((FilterChainProxy) this.context.getBean("springSecurityFilterChain", Filter.class)).build();
    mockMvc.perform(MockMvcRequestBuilders.get("/")).andExpect(MockMvcResultMatchers.header().string("Content-Security-Policy", is("default-src 'self';"))).andExpect(MockMvcResultMatchers.header().doesNotExist("Content-Security-Policy-Report-Only"));
}
Also used : FilterChainProxy(org.springframework.security.web.FilterChainProxy) Filter(javax.servlet.Filter) MockMvc(org.springframework.test.web.servlet.MockMvc) Test(org.junit.Test)

Example 90 with MockMvc

use of org.springframework.test.web.servlet.MockMvc in project spring-boot by spring-projects.

the class SpringBootWebSecurityConfigurationTests method testWebConfigurationFilterChainUnauthenticatedWithAuthorizeModeAuthenticated.

@Test
public void testWebConfigurationFilterChainUnauthenticatedWithAuthorizeModeAuthenticated() throws Exception {
    this.context = SpringApplication.run(VanillaWebConfiguration.class, "--server.port=0", "--security.basic.authorize-mode=authenticated");
    MockMvc mockMvc = MockMvcBuilders.webAppContextSetup((WebApplicationContext) this.context).addFilters(this.context.getBean("springSecurityFilterChain", Filter.class)).build();
    mockMvc.perform(MockMvcRequestBuilders.get("/")).andExpect(MockMvcResultMatchers.status().isUnauthorized()).andExpect(MockMvcResultMatchers.header().string("www-authenticate", Matchers.containsString("realm=\"Spring\"")));
}
Also used : MockMvc(org.springframework.test.web.servlet.MockMvc) Test(org.junit.Test)

Aggregations

MockMvc (org.springframework.test.web.servlet.MockMvc)97 Test (org.junit.Test)91 AnnotationConfigWebApplicationContext (org.springframework.web.context.support.AnnotationConfigWebApplicationContext)25 Todo (org.springframework.sync.Todo)16 List (java.util.List)15 TodoRepository (org.springframework.sync.TodoRepository)15 Filter (javax.servlet.Filter)13 MockServletContext (org.springframework.mock.web.MockServletContext)13 AnnotationConfigApplicationContext (org.springframework.context.annotation.AnnotationConfigApplicationContext)12 OncePerRequestFilter (org.springframework.web.filter.OncePerRequestFilter)9 MvcResult (org.springframework.test.web.servlet.MvcResult)6 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)5 Ignore (org.junit.Ignore)3 FilterChainProxy (org.springframework.security.web.FilterChainProxy)3 WebConnection (com.gargoylesoftware.htmlunit.WebConnection)2 CountDownLatch (java.util.concurrent.CountDownLatch)2 HttpSession (javax.servlet.http.HttpSession)2 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)2 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)2 DirectFieldAccessor (org.springframework.beans.DirectFieldAccessor)2