我正在使用TestRestTemplate的getForEntity。但是,它不会返回我在WebSecurityConfig类中配置的TLS,HSTS或HPKP标头。然而,它确实在现实世界的环境中工作。为什么安全过滤器链在测试期间没有调用?
@RunWith(SpringRunner.class)
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
public class SecurityTest {
@Autowired
private TestRestTemplate restTemplate;
@LocalServerPort
private String portNumber;
@Test
public void testHeaders() {
ResponseEntity<?> response = this.restTemplate.getForEntity(
"/path/does/not/exist", Object.class);
HttpHeaders responseHeaders = response.getHeaders();
Set<Map.Entry<String, List<String>>> headers = responseHeaders.entrySet();
headers.stream().forEach((entry) -> {
assert entry.getKey().equals(SOMETHING_VALUABLE);
});
}
}