use of org.springframework.test.web.servlet.MockMvc in project spring-boot by spring-projects.
the class H2ConsoleAutoConfigurationIntegrationTests method noPrincipal.
@Test
public void noPrincipal() throws Exception {
MockMvc mockMvc = MockMvcBuilders.webAppContextSetup(this.context).apply(springSecurity()).build();
mockMvc.perform(get("/h2-console/")).andExpect(status().isUnauthorized());
}
use of org.springframework.test.web.servlet.MockMvc in project spring-boot by spring-projects.
the class H2ConsoleAutoConfigurationIntegrationTests method someOtherPrincipal.
@Test
public void someOtherPrincipal() throws Exception {
MockMvc mockMvc = MockMvcBuilders.webAppContextSetup(this.context).apply(springSecurity()).build();
mockMvc.perform(get("/h2-console/").with(user("test").roles("FOO"))).andExpect(status().isForbidden());
}
use of org.springframework.test.web.servlet.MockMvc in project spring-boot by spring-projects.
the class H2ConsoleAutoConfigurationIntegrationTests method userPrincipal.
@Test
public void userPrincipal() throws Exception {
MockMvc mockMvc = MockMvcBuilders.webAppContextSetup(this.context).apply(springSecurity()).build();
mockMvc.perform(get("/h2-console/").with(user("test").roles("USER"))).andExpect(status().isOk()).andExpect(header().string("X-Frame-Options", "SAMEORIGIN"));
}
use of org.springframework.test.web.servlet.MockMvc in project spring-boot by spring-projects.
the class SpringBootWebSecurityConfigurationTests method contentSecurityPolicyConfiguration.
@Test
public void contentSecurityPolicyConfiguration() throws Exception {
this.context = SpringApplication.run(VanillaWebConfiguration.class, "--security.headers.content-security-policy=default-src 'self';", "--server.port=0");
MockMvc mockMvc = MockMvcBuilders.webAppContextSetup((WebApplicationContext) this.context).addFilters((FilterChainProxy) this.context.getBean("springSecurityFilterChain", Filter.class)).build();
mockMvc.perform(MockMvcRequestBuilders.get("/")).andExpect(MockMvcResultMatchers.header().string("Content-Security-Policy", is("default-src 'self';"))).andExpect(MockMvcResultMatchers.header().doesNotExist("Content-Security-Policy-Report-Only"));
}
use of org.springframework.test.web.servlet.MockMvc in project spring-boot by spring-projects.
the class SpringBootWebSecurityConfigurationTests method testWebConfigurationFilterChainUnauthenticatedWithAuthorizeModeAuthenticated.
@Test
public void testWebConfigurationFilterChainUnauthenticatedWithAuthorizeModeAuthenticated() throws Exception {
this.context = SpringApplication.run(VanillaWebConfiguration.class, "--server.port=0", "--security.basic.authorize-mode=authenticated");
MockMvc mockMvc = MockMvcBuilders.webAppContextSetup((WebApplicationContext) this.context).addFilters(this.context.getBean("springSecurityFilterChain", Filter.class)).build();
mockMvc.perform(MockMvcRequestBuilders.get("/")).andExpect(MockMvcResultMatchers.status().isUnauthorized()).andExpect(MockMvcResultMatchers.header().string("www-authenticate", Matchers.containsString("realm=\"Spring\"")));
}
Aggregations