我在这个主题上看到了类似的问题,但似乎我的问题不大。
我正在关注 [this][1] 文章,但我无法通过 MockUser 的测试用例,我总是得到 403,而不是 200。
下面是我的测试用例。
import static org.mockito.Mockito.when;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
import org.junit.Before;
import org.junit.jupiter.api.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.security.test.context.support.WithMockUser;
import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.web.servlet.MockMvc;
import static org.hamcrest.Matchers.is;
import com.ebi.uk.controller.PersonController;
import com.ebi.uk.entity.Person;
import com.ebi.uk.repository.PersonRepository;
import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
@RunWith(SpringRunner.class)
@SpringBootTest
@AutoConfigureMockMvc
@ActiveProfiles("test")
//@WebMvcTest
public class EbiProjectIntegrationTest {
@Autowired
private MockMvc mockMvc;
@MockBean
private PersonRepository mockRepository;
@Before
public void init() {
List<Person> persons = new ArrayList<>();
Person person = new Person("Dumm1","lastDummy", 29);
person.setId(1l);
persons.add(person);
when(mockRepository.findAll()).thenReturn(persons);
}
@WithMockUser("ADMIN")
@Test
public void testGetAllPersons() throws Exception {
mockMvc.perform(get("/persons/all"))
// .andDo(print())
.andExpect(status().isOk());
/*.andExpect(jsonPath("$.id", is(1)))
.andExpect(jsonPath("$.firstName", is("Dumm1")))
.andExpect(jsonPath("$.lastName", is("lastDummy")))
.andExpect(jsonPath("$.age", is(29)));*/
}
}
下面是我的安全配置
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("user").password("{noop}password").roles("USER")
.and()
.withUser("admin").password("{noop}password").roles("USER", "ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
//HTTP Basic authentication
.httpBasic()
.and()
.authorizeRequests()
.antMatchers(HttpMethod.GET, "/persons/**").hasRole("ADMIN")
.antMatchers(HttpMethod.POST, "/persons/**").hasRole("USER")
.antMatchers(HttpMethod.DELETE, "/persons/**").hasRole("ADMIN")
.antMatchers(HttpMethod.PUT, "/persons/**").hasRole("ADMIN")
.and()
.csrf().disable()
.formLogin().disable();
}
}
不知道我哪里出错了 [1]:https://mkyong.com/spring-boot/spring-rest-spring-security-example/