我有一个Spring启动应用程序,只是添加了安全性。这打破了我的测试,因为上下文甚至无法加载。
测试正在处理服务和持久层,因此安全性根本不会影响它们。这是为了控制器。
我按照官方的github示例进行了这个简单的安全配置:
@Configuration
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
public class ApplicationSecurity extends WebSecurityConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http.antMatcher("/**").csrf().disable();
http.authorizeRequests()
.antMatchers("/user").permitAll()
.anyRequest().authenticated();
}
}
运行应用程序正常并且符合预期。但是运行测试,例如:
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = DeadlinesApplication.class)
public class TaskDAOHibernateTest {
@Test
@Transactional
public void someTest() {...}
}
失败:
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'applicationSecurity': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire method: public void org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.setAuthenticationConfiguration(org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration); nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type [org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration] found for dependency: expected at least 1 bean which qualifies as autowire candidate for this dependency. Dependency annotations: {}
将@EnableWebSecurity注释添加到类中允许测试通过,但是在文档中写了:
To switch off the default web security configuration completely you can add a bean with @EnableWebSecurity
我想保留默认配置,只是有选择地覆盖它。