函数TestRestTemplate.withBasicAuth不起作用

时间:2019-07-19 07:31:53

标签: junit spring-security java-8 resttemplate

函数TestRestTemplate.withBasicAuth不起作用。

在设置中,打开对所有端点的访问。 当我尝试找出

(SecurityContextHolder.getContext (). GetAuthentication (). GetPrincipal (). 
 GetUsername ())

谁被授权我得到anonUser。下面是代码段。

// security config
@Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
                .csrf().disable()
                .exceptionHandling().and()
                .anonymous().and()
                .servletApi().and()
                .authorizeRequests()
                .antMatchers(HttpMethod.GET, "/**").permitAll()
                .antMatchers(HttpMethod.POST, "/**").permitAll()
                .anyRequest().authenticated();

        http.formLogin()
                .loginPage("/login")
                .loginProcessingUrl("/j_spring_security_check")
                .failureUrl("/login?error")
                .usernameParameter("j_email")
                .passwordParameter("j_password")
                .permitAll();

        http.logout()
                .permitAll()
                .logoutUrl("/logout")
                .logoutSuccessUrl("/login?logout")
                .invalidateHttpSession(true);
    }

// code on server
// get user from db
private CUser getDBUser() {
        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        String username;

        if (principal instanceof UserDetails) {
            username = ((UserDetails) principal).getUsername();
        } else {
            username = principal.toString();
        }

        System.out.println(username);
        CUser dbCUser = userService.findByEmail(username);

        return dbCUser;
    }
// endpoint /cabinet/spring_test, login test
@GetMapping("/spring_test")
    public ResponseEntity<Message> onSpringTest() {
        if (getDBUser() != null)
        return new ResponseEntity<>(new Message("/spring_test", "test success"), HttpStatus.OK);
        return new ResponseEntity<>(
                new Message("/spring_test",
                        "Unauthorized."),
                HttpStatus.UNAUTHORIZED);
    }

// unit test on login
@Test
    public void testLogin() {
        CUser user = new CUser(
                "vex788",
                passwordEncoder.encode("testvex"),
                UserRole.ADMIN,
                "testvex@mail.com",
                "0123456789",
                false,
                "123.45.67.89"
        );

        if (userService.addUser(user)) System.out.println("Admin added.");

        TestRestTemplate restTemplate = new TestRestTemplate();
        ResponseEntity<Message> result = restTemplate
                .withBasicAuth("testvex@mail.com","testvex")
                .getForEntity("http://localhost:8080/cabinet/spring_test", Message.class);
        System.out.println(result.getBody().getMessage());
        Assert.assertEquals(HttpStatus.OK, result.getStatusCode());
    }

我收到此代码的未授权。

0 个答案:

没有答案
相关问题
最新问题