测试WebSecurityConfigurerAdapter

时间:2015-05-24 06:01:41

标签: java spring spring-mvc spring-security spring-boot

这是我的测试,我添加了额外的标题测试after testing my filter 

@RunWith( SpringJUnit4ClassRunner.class )
@WebAppConfiguration
@EnableWebMvcSecurity
@SpringApplicationConfiguration( classes = {
        MockServletContext.class,
        HttpSessionConfig.class,
        WebSecurityConfig.class
} )
@SuppressWarnings( "PMD.TooManyStaticImports" )
public class HeadersTest {

    private MockMvc mockMvc = null;

    @Autowired
    private WebApplicationContext context;

    @Before
    public void setup() {
        mockMvc = MockMvcBuilders.webAppContextSetup( context )
                .addFilter( new CORSFilter(), "/*" )
                .build();
    }

    @Test
    public void testOptions() throws Exception {
        mockMvc.perform( options( "/" ) )
                .andExpect( status().is2xxSuccessful() )
                .andExpect( header().string( "Access-Control-Allow-Origin", notNullValue() ) )
                .andExpect( header().string( "Access-Control-Allow-",
                        equalToIgnoringCase( "POST, GET, PUT, OPTIONS, DELETE" ) ) )
                .andExpect( header().string( "Access-Control-Allow-Headers",
                        equalToIgnoringCase( "content-type, x-auth-token, x-requested-with" ) ) )
                .andExpect( header().string( "Access-Control-Expose-Headers", equalToIgnoringCase( "Location" ) ) )
                .andExpect( header().string( "Access-Control-Max-Age", notNullValue() ) )
        ;
    }    
}

如果从配置中删除WebSecurityConfig.class,则测试有效,但是当我添加它时,我得到此异常

 Caused by: org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type [org.springframework.security.config.annotation.ObjectPostProcessor]

这是WebSecurityConfig 

@Configuration
@Order( SecurityProperties.BASIC_AUTH_ORDER - 1 )
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure( final HttpSecurity http ) throws Exception {
        http.httpBasic().and()
                .authorizeRequests()
                .antMatchers( "/" ).permitAll()
                .anyRequest().authenticated();
    }
}

如何更改测试以使WebSecurityConfig正确?

1 个答案:

答案 0 :(得分:0)

这似乎有效,但看起来显得更重,所以也许他们的答案更轻/更快?

我添加了

@SpringBootApplication
public class Application {
}

并加载它,以及添加@WebAppConfiguration和我的WebSecurityConfig

@RunWith( SpringJUnit4ClassRunner.class )
@WebAppConfiguration
@SpringBootApplication
@SpringApplicationConfiguration( classes = {
        MockServletContext.class,
        HttpSessionConfig.class,
        WebSecurityConfig.class,
        Application.class
} )
public class HeadersTest {

现在测试再次通过,并添加一个检查X-Frame-Options

的测试
相关问题
最新问题