今天,我将项目从Spring Boot 1.5.9更新到了2.1.1,并且一些测试停止了工作。当我开始测试时,控制台上会弹出错误消息:
com.example.rest.config.SecurityConfig中的字段authEntryPoint需要一个类型为'com.example.rest.service.auth.entrypoints.AuthenticationEntryPoint'的bean。
问题是我在SecurityConfig类中定义了这种类型的bean,但是我在TestApplication类的测试包中覆盖了此配置。安全配置在那里定义为静态内部类。我尝试了不同的方法,包括Spring概要文件和@Primary批注,但是似乎没有任何效果,并且Spring没有像以前那样选择我的测试配置。唯一有效的方法是,当我删除SecurityConfig类的非测试版本,而测试版本仅成为这种类型的bean。
有人可以告诉我如何覆盖此原始配置,或者如何仅出于测试目的而关闭Spring Security?或者也许有一种方法可以迫使Spring不要拿起未经测试的@Configuration bean?
SecurityConfig.class
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
AuthenticationEntryPoint authEntryPoint;
@Autowired
BasicAuthenticationProvider basicAuthProvider;
@Autowired
PreAuthenticatedUserDetailsService preAuthUserDetailsService;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/rest/query/id/*/user/*",
"/rest/files/**/*").hasAnyRole("CLIENT", "SYSTEM")
.antMatchers("/public/api/management/**/*").hasRole("SYSTEM")
.antMatchers("/public/api/**/*").hasAnyRole("SYSTEM", "USER")
.antMatchers("/rest/**/*").hasRole("SYSTEM")
.and()
.x509()
.userDetailsService(preAuthUserDetailsService)
.and()
.httpBasic()
.authenticationEntryPoint(authEntryPoint)
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and().csrf().disable();
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(basicAuthProvider);
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/").antMatchers("/rest/files/name/**");
}
}
使用SecurityConfig在内部测试SpringBootClass
@SpringBootApplication 公共类TestApplication {
@Configuration
@EnableWebSecurity
public static class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/**").permitAll()
.and().csrf().disable();
}
}
}
套件中的示例测试
@RunWith(SpringRunner.class)
@WebMvcTest(DocumentManagementController.class)
public class DocumentManagementControllerTests {
@Autowired
MockMvc mvc;
@MockBean
SystemMetadataService systemMetadataService;
@MockBean
CustomMetadataService customMetadataService;
@MockBean
PrinterService printerService;
@MockBean
EventLoggerService eventLoggerService;
@Captor ArgumentCaptor<String> systemCaptor;
@Captor ArgumentCaptor<String> clientCaptor;
@Captor ArgumentCaptor<Boolean> holdCaptor;
@Captor ArgumentCaptor<String> retentionCaptor;
@Captor ArgumentCaptor<String> objectPathCaptor;
@Captor ArgumentCaptor<Boolean> accessCaptor;
@Captor ArgumentCaptor<Boolean> manualProcessingCaptor;
@Captor ArgumentCaptor<Boolean> incorrectCaptor;
@Captor ArgumentCaptor<Integer> statusCaptor;
@Captor ArgumentCaptor<Boolean> noTemplateCaptor;
@Test
public void setDocumentAccess_givenProperData_shouldReturnOk() throws Exception {
when(customMetadataService.setDocumentAccess(anyString(), anyBoolean()))
.then(inv -> new HcpCreateObjectResult(inv.getArgument(0)));
Boolean accessForbidden = true; String objectPath = "path";
mvc.perform(get("/rest/management/access/forbid/"+accessForbidden+"?objectPath="+objectPath))
.andExpect(status().isOk());
verify(customMetadataService).setDocumentAccess(objectPathCaptor.capture(), accessCaptor.capture());
assertThat(objectPathCaptor.getValue(), is(equalTo(objectPath)));
assertThat(accessCaptor.getValue(), is(equalTo(accessForbidden)));
}
答案 0 :(得分:0)
我设法使用@Profile和@ActiveProfiles来完成这项工作。但是我不得不将我的静态内部@Configuration类提取到另一个Java文件中,然后它自动开始工作。仍然找不到为什么它在早期版本的Spring Boot中起作用