4 |
5 |
--------------------------------------------------------------------------------
/src/test/java/org/springframework/security/test/context/showcase/service/MessageService.java:
--------------------------------------------------------------------------------
1 | package org.springframework.security.test.context.showcase.service;
2 |
3 | import org.springframework.security.access.prepost.PreAuthorize;
4 |
5 | /**
6 | * @author Rob Winch
7 | */
8 | public interface MessageService {
9 | String getMessage();
10 | }
11 |
--------------------------------------------------------------------------------
/src/main/resources/log4j.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/src/main/java/sample/data/MessageRepository.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2012 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
5 | * the License. You may obtain a copy of the License at
6 | *
7 | * http://www.apache.org/licenses/LICENSE-2.0
8 | *
9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
11 | * specific language governing permissions and limitations under the License.
12 | */
13 | package sample.data;
14 |
15 | import org.springframework.data.repository.CrudRepository;
16 |
17 | /**
18 | *
19 | * @author Rob Winch
20 | *
21 | */
22 | public interface MessageRepository extends CrudRepository {
23 |
24 | }
25 |
--------------------------------------------------------------------------------
/src/test/java/sample/fest/Assertions.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2013 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not
5 | * use this file except in compliance with the License. You may obtain a copy of
6 | * the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 | * License for the specific language governing permissions and limitations under
14 | * the License.
15 | */
16 | package sample.fest;
17 |
18 | import sample.data.Message;
19 |
20 | /**
21 | * @author Rob Winch
22 | */
23 | public class Assertions extends org.fest.assertions.Assertions {
24 |
25 | public static MessageAssert assertThat(Message message) {
26 | return new MessageAssert(message);
27 | }
28 | }
29 |
--------------------------------------------------------------------------------
/src/main/java/sample/config/WebSecurityAppInitializer.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2013 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not
5 | * use this file except in compliance with the License. You may obtain a copy of
6 | * the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 | * License for the specific language governing permissions and limitations under
14 | * the License.
15 | */
16 | package sample.config;
17 |
18 | import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
19 |
20 | /**
21 | * @author Rob Winch
22 | */
23 | public class WebSecurityAppInitializer extends AbstractSecurityWebApplicationInitializer {
24 | public WebSecurityAppInitializer() {
25 | super(WebSecurityConfig.class);
26 | }
27 | }
28 |
--------------------------------------------------------------------------------
/src/main/webapp/WEB-INF/templates/messages/view.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Messages : View
6 |
7 |
8 |
9 |
34 |
35 |
--------------------------------------------------------------------------------
/src/main/java/sample/config/WebMvcAppInitializer.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2013 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not
5 | * use this file except in compliance with the License. You may obtain a copy of
6 | * the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 | * License for the specific language governing permissions and limitations under
14 | * the License.
15 | */
16 | package sample.config;
17 |
18 | import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;
19 |
20 | /**
21 | * @author Rob Winch
22 | */
23 | public class WebMvcAppInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
24 | @Override
25 | protected Class[] getRootConfigClasses() {
26 | return null;
27 | }
28 |
29 | @Override
30 | protected Class[] getServletConfigClasses() {
31 | return new Class[] { DataConfig.class, WebMvcConfig.class};
32 | }
33 |
34 | @Override
35 | protected String[] getServletMappings() {
36 | return new String[] { "/"};
37 | }
38 | }
39 |
--------------------------------------------------------------------------------
/src/test/java/sample/webdriver/pages/AbstractPage.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2012 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
5 | * the License. You may obtain a copy of the License at
6 | *
7 | * http://www.apache.org/licenses/LICENSE-2.0
8 | *
9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
11 | * specific language governing permissions and limitations under the License.
12 | */
13 | package sample.webdriver.pages;
14 |
15 | import org.openqa.selenium.WebDriver;
16 | import org.openqa.selenium.WebElement;
17 | import org.openqa.selenium.support.FindBy;
18 |
19 | /**
20 | * Represents the common elements in a page within the message application.
21 | *
22 | * @author Rob Winch
23 | *
24 | */
25 | public class AbstractPage {
26 | protected WebDriver driver;
27 |
28 | @FindBy(css = "label.error, .alert-error")
29 | private WebElement errors;
30 |
31 | public AbstractPage(WebDriver driver) {
32 | setDriver(driver);
33 | }
34 |
35 | public void setDriver(WebDriver driver) {
36 | this.driver = driver;
37 | }
38 |
39 | public String getErrors() {
40 | return errors.getText();
41 | }
42 | }
43 |
--------------------------------------------------------------------------------
/src/test/java/org/springframework/security/test/context/showcase/service/HelloMessageService.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2013 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not
5 | * use this file except in compliance with the License. You may obtain a copy of
6 | * the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 | * License for the specific language governing permissions and limitations under
14 | * the License.
15 | */
16 | package org.springframework.security.test.context.showcase.service;
17 |
18 | import org.springframework.security.access.prepost.PreAuthorize;
19 | import org.springframework.security.core.Authentication;
20 | import org.springframework.security.core.context.SecurityContextHolder;
21 | import org.springframework.stereotype.Component;
22 |
23 | /**
24 | * @author Rob Winch
25 | */
26 | @Component
27 | public class HelloMessageService implements MessageService {
28 |
29 | @PreAuthorize("authenticated")
30 | public String getMessage() {
31 | Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
32 | return "Hello " + authentication;
33 | }
34 | }
35 |
--------------------------------------------------------------------------------
/src/main/java/sample/config/WebSecurityConfig.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2013 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not
5 | * use this file except in compliance with the License. You may obtain a copy of
6 | * the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 | * License for the specific language governing permissions and limitations under
14 | * the License.
15 | */
16 | package sample.config;
17 |
18 | import org.springframework.beans.factory.annotation.Autowired;
19 | import org.springframework.context.annotation.Configuration;
20 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
21 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
22 | import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;
23 |
24 | /**
25 | * @author Rob Winch
26 | */
27 | @EnableWebMvcSecurity
28 | @Configuration
29 | public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
30 | @Autowired
31 | public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
32 | auth
33 | .inMemoryAuthentication()
34 | .withUser("user").password("password").roles("USER");
35 | }
36 | }
37 |
--------------------------------------------------------------------------------
/src/main/webapp/WEB-INF/templates/messages/form.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | Messages : Create
5 |
6 |
7 |
8 |
9 |
Messages : Create
10 |
23 |
24 |
25 |
26 |
33 |
34 |
--------------------------------------------------------------------------------
/src/test/java/org/springframework/security/test/context/showcase/WithMockCustomUser.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2014 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 | package org.springframework.security.test.context.showcase;
17 |
18 | import org.springframework.security.test.context.support.WithSecurityContext;
19 |
20 | /**
21 | * @author Rob Winch
22 | */
23 | @WithSecurityContext(factory = WithMockCustomUserSecurityContextFactory.class)
24 | public @interface WithMockCustomUser {
25 | /**
26 | * The username to be used. The default is rob
27 | * @return
28 | */
29 | String username() default "rob";
30 |
31 | /**
32 | * The roles to use. The default is "USER". A {@link org.springframework.security.core.GrantedAuthority} will
33 | * be created for each value within roles. Each value in roles will
34 | * automatically be prefixed with "ROLE_". For example, the default will
35 | * result in "ROLE_USER" being used.
36 | *
37 | * @return
38 | */
39 | String[] roles() default { "USER" };
40 |
41 | /**
42 | * The name of the user
43 | * @return
44 | */
45 | String name() default "Rob Winch";
46 | }
47 |
--------------------------------------------------------------------------------
/src/test/java/sample/webdriver/pages/CreateMessagePage.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2012 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
5 | * the License. You may obtain a copy of the License at
6 | *
7 | * http://www.apache.org/licenses/LICENSE-2.0
8 | *
9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
11 | * specific language governing permissions and limitations under the License.
12 | */
13 | package sample.webdriver.pages;
14 |
15 | import org.openqa.selenium.WebDriver;
16 | import org.openqa.selenium.WebElement;
17 | import org.openqa.selenium.support.FindBy;
18 | import org.openqa.selenium.support.PageFactory;
19 | import sample.data.Message;
20 |
21 | /**
22 | * Represents the page where a {@link Message} is created.
23 | *
24 | * @author Rob Winch
25 | *
26 | */
27 | public class CreateMessagePage extends AbstractPage {
28 | private WebElement summary;
29 |
30 | private WebElement text;
31 |
32 | @FindBy(css = "input[type=submit]")
33 | private WebElement submit;
34 |
35 | public CreateMessagePage(WebDriver driver) {
36 | super(driver);
37 | }
38 |
39 | public T createMessage(Class resultPage, String summary, String details) {
40 | this.summary.sendKeys(summary);
41 | this.text.sendKeys(details);
42 | this.submit.click();
43 | return PageFactory.initElements(driver, resultPage);
44 | }
45 |
46 | public static CreateMessagePage to(WebDriver driver) {
47 | driver.get("http://localhost:9990/mail/messages/form");
48 | return PageFactory.initElements(driver, CreateMessagePage.class);
49 | }
50 | }
--------------------------------------------------------------------------------
/src/test/java/sample/fest/MessageAssert.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2013 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not
5 | * use this file except in compliance with the License. You may obtain a copy of
6 | * the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 | * License for the specific language governing permissions and limitations under
14 | * the License.
15 | */
16 | package sample.fest;
17 |
18 | import org.fest.assertions.ObjectAssert;
19 | import org.springframework.test.util.MatcherAssertionErrors;
20 | import sample.data.Message;
21 |
22 | import java.util.Calendar;
23 |
24 | import static org.fest.assertions.Assertions.assertThat;
25 |
26 | /**
27 | * @author Rob Winch
28 | */
29 | public class MessageAssert extends ObjectAssert {
30 |
31 | public MessageAssert(Message message) {
32 | super(message);
33 | }
34 |
35 | @Override
36 | public MessageAssert isEqualTo(Object expected) {
37 | isEqualToIgnoringGeneratedFields(expected);
38 | Message expectedMessage = (Message) expected;
39 | Message actualMessage = (Message) actual;
40 | assertThat(actualMessage.getId()).isEqualTo(expectedMessage.getId());
41 | assertThat(actualMessage.getCreated()).isEqualTo(expectedMessage.getCreated());
42 | return this;
43 | }
44 |
45 | public MessageAssert isEqualToIgnoringGeneratedFields(Object expected) {
46 | assertThat(expected).isInstanceOf(Message.class);
47 | Message expectedMessage = (Message) expected;
48 | Message actualMessage = (Message) actual;
49 | assertThat(actualMessage.getSummary()).isEqualTo(expectedMessage.getSummary());
50 | assertThat(actualMessage.getText()).isEqualTo(expectedMessage.getText());
51 | return this;
52 | }
53 | }
54 |
--------------------------------------------------------------------------------
/src/main/java/sample/data/Message.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2012 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
5 | * the License. You may obtain a copy of the License at
6 | *
7 | * http://www.apache.org/licenses/LICENSE-2.0
8 | *
9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
11 | * specific language governing permissions and limitations under the License.
12 | */
13 | package sample.data;
14 |
15 | import java.util.Calendar;
16 |
17 | import javax.persistence.Entity;
18 | import javax.persistence.GeneratedValue;
19 | import javax.persistence.GenerationType;
20 | import javax.persistence.Id;
21 | import javax.persistence.Version;
22 |
23 | import org.hibernate.validator.constraints.NotEmpty;
24 |
25 | /**
26 | *
27 | * @author Rob Winch
28 | *
29 | */
30 | @Entity
31 | public class Message {
32 | @Id
33 | @GeneratedValue(strategy = GenerationType.AUTO)
34 | private Long id;
35 |
36 | @NotEmpty(message = "Message is required.")
37 | private String text;
38 |
39 | @NotEmpty(message = "Summary is required.")
40 | private String summary;
41 |
42 | @Version
43 | private Calendar created = Calendar.getInstance();
44 |
45 | public Long getId() {
46 | return id;
47 | }
48 |
49 | public void setId(Long id) {
50 | this.id = id;
51 | }
52 |
53 | public Calendar getCreated() {
54 | return created;
55 | }
56 |
57 | public void setCreated(Calendar created) {
58 | this.created = created;
59 | }
60 |
61 | public String getText() {
62 | return text;
63 | }
64 |
65 | public void setText(String text) {
66 | this.text = text;
67 | }
68 |
69 | public String getSummary() {
70 | return summary;
71 | }
72 |
73 | public void setSummary(String summary) {
74 | this.summary = summary;
75 | }
76 | }
77 |
--------------------------------------------------------------------------------
/src/test/java/org/springframework/security/test/context/showcase/WithMockCustomUserSecurityContextFactory.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2013 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not
5 | * use this file except in compliance with the License. You may obtain a copy of
6 | * the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 | * License for the specific language governing permissions and limitations under
14 | * the License.
15 | */
16 | package org.springframework.security.test.context.showcase;
17 |
18 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
19 | import org.springframework.security.core.Authentication;
20 | import org.springframework.security.core.GrantedAuthority;
21 | import org.springframework.security.core.authority.AuthorityUtils;
22 | import org.springframework.security.core.authority.SimpleGrantedAuthority;
23 | import org.springframework.security.core.context.SecurityContext;
24 | import org.springframework.security.core.context.SecurityContextHolder;
25 | import org.springframework.security.test.context.support.WithSecurityContextFactory;
26 |
27 | import java.util.ArrayList;
28 | import java.util.List;
29 |
30 | /**
31 | * @author Rob Winch
32 | */
33 | public class WithMockCustomUserSecurityContextFactory implements WithSecurityContextFactory {
34 | @Override
35 | public SecurityContext createSecurityContext(WithMockCustomUser customUser) {
36 | SecurityContext context = SecurityContextHolder.createEmptyContext();
37 |
38 | CustomUserDetails principal = new CustomUserDetails(customUser.name(), customUser.username());
39 | Authentication auth =
40 | new UsernamePasswordAuthenticationToken(principal, "password", principal.getAuthorities());
41 | context.setAuthentication(auth);
42 | return context;
43 | }
44 | }
45 |
--------------------------------------------------------------------------------
/src/test/java/org/springframework/security/test/context/showcase/CustomUserDetails.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2013 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not
5 | * use this file except in compliance with the License. You may obtain a copy of
6 | * the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 | * License for the specific language governing permissions and limitations under
14 | * the License.
15 | */
16 | package org.springframework.security.test.context.showcase;
17 |
18 | import org.springframework.security.core.GrantedAuthority;
19 | import org.springframework.security.core.authority.AuthorityUtils;
20 | import org.springframework.security.core.userdetails.UserDetails;
21 |
22 | import java.util.Collection;
23 |
24 | /**
25 | * @author Rob Winch
26 | */
27 | public class CustomUserDetails implements UserDetails {
28 | private final String name;
29 | private final String username;
30 | private final Collection authorities;
31 |
32 | public CustomUserDetails(String name, String username) {
33 | this.name = name;
34 | this.username = username;
35 | this.authorities = AuthorityUtils.createAuthorityList("ROLE_USER");
36 | }
37 |
38 | @Override
39 | public Collection getAuthorities() {
40 | return authorities;
41 | }
42 |
43 | @Override
44 | public String getPassword() {
45 | return null;
46 | }
47 |
48 | @Override
49 | public String getUsername() {
50 | return username;
51 | }
52 |
53 | @Override
54 | public boolean isAccountNonExpired() {
55 | return true;
56 | }
57 |
58 | @Override
59 | public boolean isAccountNonLocked() {
60 | return true;
61 | }
62 |
63 | @Override
64 | public boolean isCredentialsNonExpired() {
65 | return true;
66 | }
67 |
68 | @Override
69 | public boolean isEnabled() {
70 | return true;
71 | }
72 |
73 | @Override
74 | public String toString() {
75 | return "CustomUserDetails{" +
76 | "username='" + username + '\'' +
77 | '}';
78 | }
79 | }
--------------------------------------------------------------------------------
/src/test/java/sample/webdriver/pages/ViewMessagePage.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2012 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
5 | * the License. You may obtain a copy of the License at
6 | *
7 | * http://www.apache.org/licenses/LICENSE-2.0
8 | *
9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
11 | * specific language governing permissions and limitations under the License.
12 | */
13 | package sample.webdriver.pages;
14 |
15 | import org.openqa.selenium.WebDriver;
16 | import org.openqa.selenium.WebElement;
17 | import org.openqa.selenium.support.FindBy;
18 | import sample.data.Message;
19 |
20 | import java.text.DateFormat;
21 | import java.text.ParseException;
22 | import java.util.Calendar;
23 | import java.util.Locale;
24 |
25 | /**
26 | * Represents the page where the {@link Message} details can be viewed.
27 | *
28 | * @author Rob Winch
29 | *
30 | */
31 | public class ViewMessagePage extends AbstractPage {
32 | @FindBy(className = "alert-success")
33 | private WebElement success;
34 |
35 | private WebElement id;
36 |
37 | private WebElement created;
38 |
39 | private WebElement summary;
40 |
41 | private WebElement text;
42 |
43 | public ViewMessagePage(WebDriver driver) {
44 | super(driver);
45 | }
46 |
47 | public String getSuccess() {
48 | return success.getText();
49 | }
50 |
51 | public Long getId() {
52 | return Long.parseLong(id.getText());
53 | }
54 |
55 | public Calendar getCreated() throws ParseException {
56 | Calendar result = Calendar.getInstance();
57 | DateFormat format = DateFormat.getDateTimeInstance(DateFormat.LONG, DateFormat.LONG, Locale.ENGLISH);
58 | result.setTime(format.parse(created.getText()));
59 | return result;
60 | }
61 |
62 | public String getSummary() {
63 | return summary.getText();
64 | }
65 |
66 | public String getText() {
67 | return text.getText();
68 | }
69 |
70 | public Message getMessage() throws ParseException {
71 | Message message = new Message();
72 | message.setId(getId());
73 | message.setCreated(getCreated());
74 | message.setSummary(getSummary());
75 | message.setText(getText());
76 | return message;
77 | }
78 | }
79 |
--------------------------------------------------------------------------------
/src/main/java/sample/mvc/MessageController.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2012 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
5 | * the License. You may obtain a copy of the License at
6 | *
7 | * http://www.apache.org/licenses/LICENSE-2.0
8 | *
9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
11 | * specific language governing permissions and limitations under the License.
12 | */
13 | package sample.mvc;
14 |
15 | import javax.validation.Valid;
16 |
17 | import org.springframework.beans.factory.annotation.Autowired;
18 | import org.springframework.stereotype.Controller;
19 | import sample.data.Message;
20 | import sample.data.MessageRepository;
21 | import org.springframework.validation.BindingResult;
22 | import org.springframework.web.bind.annotation.ModelAttribute;
23 | import org.springframework.web.bind.annotation.PathVariable;
24 | import org.springframework.web.bind.annotation.RequestMapping;
25 | import org.springframework.web.bind.annotation.RequestMethod;
26 | import org.springframework.web.servlet.ModelAndView;
27 | import org.springframework.web.servlet.mvc.support.RedirectAttributes;
28 |
29 | /**
30 | *
31 | * @author Rob Winch
32 | *
33 | */
34 | @Controller
35 | @RequestMapping("/messages/")
36 | public class MessageController {
37 | private MessageRepository messageRepository;
38 |
39 | @Autowired
40 | public MessageController(MessageRepository messageRepository) {
41 | this.messageRepository = messageRepository;
42 | }
43 |
44 | @RequestMapping
45 | public ModelAndView list() {
46 | Iterable messages = messageRepository.findAll();
47 | return new ModelAndView("messages/list", "messages", messages);
48 | }
49 |
50 | @RequestMapping("{id}")
51 | public ModelAndView view(@PathVariable("id")
52 | Message message) {
53 | return new ModelAndView("messages/view", "message", message);
54 | }
55 |
56 | @RequestMapping(value = "form", method = RequestMethod.GET)
57 | public String createForm(@ModelAttribute
58 | Message message) {
59 | return "messages/form";
60 | }
61 |
62 | @RequestMapping(method = RequestMethod.POST)
63 | public ModelAndView create(@Valid
64 | Message message, BindingResult result, RedirectAttributes redirect) {
65 | if (result.hasErrors()) {
66 | return new ModelAndView("messages/form");
67 | }
68 | message = messageRepository.save(message);
69 | redirect.addFlashAttribute("globalMessage", "Successfully created a new message");
70 | return new ModelAndView("redirect:/messages/{message.id}", "message.id", message.getId());
71 | }
72 | }
73 |
--------------------------------------------------------------------------------
/src/main/java/sample/config/DataConfig.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2013 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not
5 | * use this file except in compliance with the License. You may obtain a copy of
6 | * the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 | * License for the specific language governing permissions and limitations under
14 | * the License.
15 | */
16 | package sample.config;
17 |
18 | import javax.sql.DataSource;
19 |
20 | import org.springframework.context.annotation.Bean;
21 | import org.springframework.context.annotation.Configuration;
22 | import org.springframework.context.annotation.DependsOn;
23 | import org.springframework.core.io.ClassPathResource;
24 | import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
25 | import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseBuilder;
26 | import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseType;
27 | import org.springframework.jdbc.datasource.init.ResourceDatabasePopulator;
28 | import org.springframework.orm.jpa.JpaTransactionManager;
29 | import org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean;
30 | import org.springframework.orm.jpa.vendor.Database;
31 | import org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter;
32 | import sample.data.Message;
33 | import org.springframework.transaction.PlatformTransactionManager;
34 | import sample.data.MessageRepository;
35 |
36 |
37 | @Configuration
38 | @EnableJpaRepositories(basePackageClasses = MessageRepository.class)
39 | public class DataConfig {
40 |
41 | @Bean
42 | public DataSource dataSource() {
43 | EmbeddedDatabaseBuilder builder = new EmbeddedDatabaseBuilder();
44 | return builder.setType(EmbeddedDatabaseType.HSQL).build();
45 | }
46 |
47 | @Bean
48 | public LocalContainerEntityManagerFactoryBean entityManagerFactory() {
49 | HibernateJpaVendorAdapter vendorAdapter = new HibernateJpaVendorAdapter();
50 | vendorAdapter.setDatabase(Database.HSQL);
51 | vendorAdapter.setGenerateDdl(true);
52 |
53 | LocalContainerEntityManagerFactoryBean factory = new LocalContainerEntityManagerFactoryBean();
54 | factory.setJpaVendorAdapter(vendorAdapter);
55 | factory.setPackagesToScan(Message.class.getPackage().getName());
56 | factory.setDataSource(dataSource());
57 |
58 | return factory;
59 | }
60 |
61 | @Bean
62 | public PlatformTransactionManager transactionManager() {
63 | JpaTransactionManager txManager = new JpaTransactionManager();
64 | txManager.setEntityManagerFactory(entityManagerFactory().getObject());
65 | return txManager;
66 | }
67 | }
--------------------------------------------------------------------------------
/src/test/java/sample/config/MockDataConfig.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2013 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not
5 | * use this file except in compliance with the License. You may obtain a copy of
6 | * the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 | * License for the specific language governing permissions and limitations under
14 | * the License.
15 | */
16 | package sample.config;
17 |
18 | import org.mockito.invocation.InvocationOnMock;
19 | import org.mockito.stubbing.Answer;
20 | import org.springframework.context.annotation.Bean;
21 | import org.springframework.context.annotation.Configuration;
22 | import org.springframework.context.annotation.Scope;
23 | import org.springframework.core.convert.ConversionService;
24 | import org.springframework.core.convert.converter.ConverterRegistry;
25 | import sample.data.Message;
26 | import sample.data.MessageRepository;
27 | import sample.data.mock.MockConversionService;
28 |
29 | import java.util.Calendar;
30 | import java.util.Locale;
31 |
32 | import static org.mockito.Matchers.any;
33 | import static org.mockito.Matchers.anyLong;
34 | import static org.mockito.Mockito.mock;
35 | import static org.mockito.Mockito.when;
36 |
37 | /**
38 | * @author Rob Winch
39 | */
40 | @Configuration
41 | public class MockDataConfig {
42 |
43 | @Bean
44 | public MessageRepository messageRepository() {
45 | final Message message = createMessage();
46 | MessageRepository messages = mock(MessageRepository.class);
47 | when(messages.save(any(Message.class))).thenAnswer(new Answer() {
48 | @Override
49 | public Message answer(InvocationOnMock invocation) throws Throwable {
50 | Object[] args = invocation.getArguments();
51 | Message result = (Message) args[0];
52 | result.setId(message.getId());
53 | result.setCreated(message.getCreated());
54 | return result;
55 | }
56 | });
57 | when(messages.findOne(anyLong())).thenReturn(message);
58 | return messages;
59 | }
60 |
61 | @Bean
62 | public MockConversionService conversionService(T conversionService) {
63 | return new MockConversionService(conversionService);
64 | }
65 |
66 | @Bean
67 | public Message createMessage() {
68 | Calendar created = Calendar.getInstance(Locale.ENGLISH);
69 | // we need to clear out the milliseconds since we are not interested in being that precise
70 | created.set(Calendar.MILLISECOND, 0);
71 | created.getTime().setTime(1397672456000L);
72 | Message message = new Message();
73 | message.setCreated(created);
74 | message.setId(123L);
75 | message.setSummary("Spring Rocks");
76 | message.setText("In case you didn't know, Spring Rocks!");
77 | return message;
78 | }
79 | }
80 |
--------------------------------------------------------------------------------
/src/main/java/sample/config/WebMvcConfig.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2013 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not
5 | * use this file except in compliance with the License. You may obtain a copy of
6 | * the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 | * License for the specific language governing permissions and limitations under
14 | * the License.
15 | */
16 | package sample.config;
17 |
18 | import org.springframework.beans.factory.annotation.Autowired;
19 | import org.springframework.context.annotation.Bean;
20 | import org.springframework.context.annotation.ComponentScan;
21 | import org.springframework.core.Ordered;
22 | import org.springframework.data.repository.support.DomainClassConverter;
23 | import org.springframework.format.support.FormattingConversionService;
24 | import org.springframework.web.servlet.config.annotation.EnableWebMvc;
25 | import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
26 | import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
27 | import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
28 | import org.thymeleaf.spring4.SpringTemplateEngine;
29 | import org.thymeleaf.spring4.view.ThymeleafViewResolver;
30 | import org.thymeleaf.templateresolver.ServletContextTemplateResolver;
31 | import org.thymeleaf.templateresolver.TemplateResolver;
32 | import sample.mvc.MessageController;
33 |
34 | @EnableWebMvc
35 | @ComponentScan(basePackageClasses = MessageController.class)
36 | public class WebMvcConfig extends WebMvcConfigurerAdapter {
37 |
38 | @Autowired
39 | private FormattingConversionService mvcConversionService;
40 |
41 | @Override
42 | public void addViewControllers(ViewControllerRegistry registry) {
43 | registry.addViewController("/login").setViewName("login");
44 | registry.setOrder(Ordered.HIGHEST_PRECEDENCE);
45 | }
46 |
47 | @Override
48 | public void addResourceHandlers(ResourceHandlerRegistry registry) {
49 | registry
50 | .addResourceHandler("/resources/**")
51 | .addResourceLocations("/resources/")
52 | .setCachePeriod(31556926);
53 | registry.setOrder(Ordered.HIGHEST_PRECEDENCE);
54 | }
55 |
56 | @Bean
57 | public TemplateResolver templateResolver() {
58 | TemplateResolver result = new ServletContextTemplateResolver();
59 | result.setPrefix("/WEB-INF/templates/");
60 | result.setSuffix(".html");
61 | result.setTemplateMode("HTML5");
62 | return result;
63 | }
64 |
65 | @Bean
66 | public SpringTemplateEngine templateEngine(TemplateResolver templateResolver) {
67 | SpringTemplateEngine templateEngine = new SpringTemplateEngine();
68 | templateEngine.setTemplateResolver(templateResolver);
69 | return templateEngine;
70 | }
71 |
72 | @Bean
73 | public ThymeleafViewResolver viewResolver(SpringTemplateEngine templateEngine) {
74 | ThymeleafViewResolver viewResolver = new ThymeleafViewResolver();
75 | viewResolver.setTemplateEngine(templateEngine);
76 | return viewResolver;
77 | }
78 |
79 | @Bean
80 | public DomainClassConverter domainClassConverter() {
81 | return new DomainClassConverter(mvcConversionService);
82 | }
83 | }
--------------------------------------------------------------------------------
/src/test/java/sample/data/mock/MockConversionService.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2012 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
5 | * the License. You may obtain a copy of the License at
6 | *
7 | * http://www.apache.org/licenses/LICENSE-2.0
8 | *
9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
11 | * specific language governing permissions and limitations under the License.
12 | */
13 | package sample.data.mock;
14 |
15 | import java.io.Serializable;
16 | import java.util.Collection;
17 | import java.util.Collections;
18 | import java.util.Set;
19 |
20 | import org.springframework.context.ApplicationContext;
21 | import org.springframework.context.ApplicationContextAware;
22 | import org.springframework.core.GenericTypeResolver;
23 | import org.springframework.core.convert.ConversionService;
24 | import org.springframework.core.convert.TypeDescriptor;
25 | import org.springframework.core.convert.converter.ConditionalGenericConverter;
26 | import org.springframework.core.convert.converter.ConverterRegistry;
27 | import org.springframework.data.repository.CrudRepository;
28 | import org.springframework.data.repository.support.DomainClassConverter;
29 | import sample.mvc.MessageController;
30 |
31 | /**
32 | * Allows using Mock {@link CrudRepository} instances (i.e. using Mockito) and still support converting from a String to
33 | * a domain object. This is used internally by Spring on methods like
34 | * {@link MessageController#view(sample.data.Message)}
35 | *
36 | * @author Rob Winch
37 | *
38 | * @param
39 | * @see DomainClassConverter
40 | */
41 | public class MockConversionService implements ApplicationContextAware,
42 | ConditionalGenericConverter {
43 | @SuppressWarnings("rawtypes")
44 | private Collection repositories;
45 |
46 | private final T conversionService;
47 |
48 | public MockConversionService(T conversionService) {
49 | this.conversionService = conversionService;
50 | }
51 |
52 | public Set getConvertibleTypes() {
53 | return Collections.singleton(new ConvertiblePair(Object.class, Object.class));
54 | }
55 |
56 | public Object convert(Object source, TypeDescriptor sourceType, TypeDescriptor targetType) {
57 | CrudRepository repo = getRepository(targetType.getType(), sourceType.getType());
58 | return repo == null ? null : repo.findOne((Serializable) source);
59 | }
60 |
61 | public boolean matches(TypeDescriptor sourceType, TypeDescriptor targetType) {
62 | return getRepository(targetType.getType(), sourceType.getType()) != null;
63 | }
64 |
65 | public void setApplicationContext(ApplicationContext context) {
66 | this.repositories = context.getBeansOfType(CrudRepository.class).values();
67 | this.conversionService.addConverter(this);
68 | }
69 |
70 | private CrudRepository getRepository(Class domainClass, Class idClass) {
71 | for (CrudRepository repository : repositories) {
72 | Class[] typeArgs = GenericTypeResolver.resolveTypeArguments(repository.getClass(), CrudRepository.class);
73 | if (domainClass.equals(typeArgs[0]) && conversionService.canConvert(typeArgs[1], idClass)) {
74 | return repository;
75 | }
76 | }
77 | return null;
78 | }
79 | }
80 |
--------------------------------------------------------------------------------
/src/test/java/org/springframework/security/test/web/servlet/showcase/csrf/DefaultCsrfShowcaseTests.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2014 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 | package org.springframework.security.test.web.servlet.showcase.csrf;
17 | import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.*;
18 | import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
19 | import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
20 |
21 | import javax.servlet.Filter;
22 |
23 | import org.junit.Before;
24 | import org.junit.Test;
25 | import org.junit.runner.RunWith;
26 | import org.springframework.beans.factory.annotation.Autowired;
27 | import org.springframework.context.annotation.Configuration;
28 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
29 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
30 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
31 | import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;
32 | import org.springframework.test.context.ContextConfiguration;
33 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
34 | import org.springframework.test.context.web.WebAppConfiguration;
35 | import org.springframework.test.web.servlet.MockMvc;
36 | import org.springframework.test.web.servlet.setup.MockMvcBuilders;
37 | import org.springframework.web.context.WebApplicationContext;
38 | import org.springframework.web.servlet.config.annotation.EnableWebMvc;
39 |
40 | @RunWith(SpringJUnit4ClassRunner.class)
41 | @ContextConfiguration
42 | @WebAppConfiguration
43 | public class DefaultCsrfShowcaseTests {
44 |
45 | @Autowired
46 | private WebApplicationContext context;
47 |
48 | @Autowired
49 | private Filter springSecurityFilterChain;
50 |
51 | private MockMvc mvc;
52 |
53 | @Before
54 | public void setup() {
55 | mvc = MockMvcBuilders
56 | .webAppContextSetup(context)
57 | .defaultRequest(get("/").with(csrf()))
58 | .addFilters(springSecurityFilterChain)
59 | .build();
60 | }
61 |
62 | @Test
63 | public void postWithCsrfWorks() throws Exception {
64 | mvc
65 | .perform(post("/"))
66 | .andExpect(status().isNotFound());
67 | }
68 |
69 | @Test
70 | public void postWithCsrfWorksWithPut() throws Exception {
71 | mvc
72 | .perform(put("/"))
73 | .andExpect(status().isNotFound());
74 | }
75 |
76 | @Configuration
77 | @EnableWebMvcSecurity
78 | @EnableWebMvc
79 | static class Config extends WebSecurityConfigurerAdapter {
80 |
81 | @Override
82 | protected void configure(HttpSecurity http) throws Exception {
83 | }
84 |
85 | @Autowired
86 | public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
87 | auth
88 | .inMemoryAuthentication()
89 | .withUser("user").password("password").roles("USER");
90 | }
91 | }
92 | }
93 |
--------------------------------------------------------------------------------
/src/test/java/org/springframework/security/test/web/servlet/showcase/csrf/CsrfShowcaseTests.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2014 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 | package org.springframework.security.test.web.servlet.showcase.csrf;
17 | import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.*;
18 | import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
19 | import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
20 |
21 | import javax.servlet.Filter;
22 |
23 | import org.junit.Before;
24 | import org.junit.Test;
25 | import org.junit.runner.RunWith;
26 | import org.springframework.beans.factory.annotation.Autowired;
27 | import org.springframework.context.annotation.Configuration;
28 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
29 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
30 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
31 | import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;
32 | import org.springframework.test.context.ContextConfiguration;
33 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
34 | import org.springframework.test.context.web.WebAppConfiguration;
35 | import org.springframework.test.web.servlet.MockMvc;
36 | import org.springframework.test.web.servlet.setup.MockMvcBuilders;
37 | import org.springframework.web.context.WebApplicationContext;
38 | import org.springframework.web.servlet.config.annotation.EnableWebMvc;
39 |
40 | @RunWith(SpringJUnit4ClassRunner.class)
41 | @ContextConfiguration
42 | @WebAppConfiguration
43 | public class CsrfShowcaseTests {
44 |
45 | @Autowired
46 | private WebApplicationContext context;
47 |
48 | @Autowired
49 | private Filter springSecurityFilterChain;
50 |
51 | private MockMvc mvc;
52 |
53 | @Before
54 | public void setup() {
55 | mvc = MockMvcBuilders
56 | .webAppContextSetup(context)
57 | .addFilters(springSecurityFilterChain)
58 | .build();
59 | }
60 |
61 | @Test
62 | public void postWithCsrfWorks() throws Exception {
63 | mvc
64 | .perform(post("/").with(csrf()))
65 | .andExpect(status().isNotFound());
66 | }
67 |
68 | @Test
69 | public void postWithCsrfWorksWithPut() throws Exception {
70 | mvc
71 | .perform(put("/").with(csrf()))
72 | .andExpect(status().isNotFound());
73 | }
74 |
75 | @Test
76 | public void postWithNoCsrfForbidden() throws Exception {
77 | mvc
78 | .perform(post("/"))
79 | .andExpect(status().isForbidden());
80 | }
81 |
82 | @Configuration
83 | @EnableWebMvcSecurity
84 | @EnableWebMvc
85 | static class Config extends WebSecurityConfigurerAdapter {
86 |
87 | @Override
88 | protected void configure(HttpSecurity http) throws Exception {
89 | }
90 |
91 | @Autowired
92 | public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
93 | auth
94 | .inMemoryAuthentication()
95 | .withUser("user").password("password").roles("USER");
96 | }
97 | }
98 | }
99 |
--------------------------------------------------------------------------------
/src/test/java/org/springframework/security/test/context/showcase/WithMockUserTests.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2013 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not
5 | * use this file except in compliance with the License. You may obtain a copy of
6 | * the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 | * License for the specific language governing permissions and limitations under
14 | * the License.
15 | */
16 | package org.springframework.security.test.context.showcase;
17 |
18 | import static org.fest.assertions.Assertions.assertThat;
19 |
20 | import org.junit.Test;
21 | import org.junit.runner.RunWith;
22 | import org.springframework.beans.factory.annotation.Autowired;
23 | import org.springframework.context.annotation.ComponentScan;
24 | import org.springframework.context.annotation.Configuration;
25 | import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
26 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
27 | import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
28 | import org.springframework.security.test.context.showcase.service.HelloMessageService;
29 | import org.springframework.security.test.context.showcase.service.MessageService;
30 | import org.springframework.security.test.context.support.WithMockUser;
31 | import org.springframework.security.test.context.support.WithSecurityContextTestExcecutionListener;
32 | import org.springframework.test.context.ContextConfiguration;
33 | import org.springframework.test.context.TestExecutionListeners;
34 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
35 | import org.springframework.test.context.support.DependencyInjectionTestExecutionListener;
36 | import org.springframework.test.context.support.DirtiesContextTestExecutionListener;
37 | import org.springframework.test.context.transaction.TransactionalTestExecutionListener;
38 | import org.springframework.test.context.web.ServletTestExecutionListener;
39 |
40 | /**
41 | * @author Rob Winch
42 | */
43 |
44 | @RunWith(SpringJUnit4ClassRunner.class)
45 | @ContextConfiguration
46 | @TestExecutionListeners(listeners={ServletTestExecutionListener.class,
47 | DependencyInjectionTestExecutionListener.class,
48 | DirtiesContextTestExecutionListener.class,
49 | TransactionalTestExecutionListener.class,
50 | WithSecurityContextTestExcecutionListener.class})
51 | public class WithMockUserTests {
52 | @Autowired
53 | private MessageService messageService;
54 |
55 | @Test(expected = AuthenticationCredentialsNotFoundException.class)
56 | public void getMessageUnauthenticated() {
57 | messageService.getMessage();
58 | }
59 |
60 | @Test
61 | @WithMockUser
62 | public void getMessageWithMockUser() {
63 | String message = messageService.getMessage();
64 | assertThat(message).contains("user");
65 | }
66 |
67 | @Test
68 | @WithMockUser("customUsername")
69 | public void getMessageWithMockUserCustomUsername() {
70 | String message = messageService.getMessage();
71 | assertThat(message).contains("customUsername");
72 | }
73 |
74 | @Test
75 | @WithMockUser(username="admin",roles={"USER","ADMIN"})
76 | public void getMessageWithMockUserCustomUser() {
77 | String message = messageService.getMessage();
78 | assertThat(message).contains("admin").contains("ROLE_USER").contains("ROLE_ADMIN");
79 | }
80 |
81 | @Configuration
82 | @EnableGlobalMethodSecurity(prePostEnabled = true)
83 | @ComponentScan(basePackageClasses = HelloMessageService.class)
84 | static class Config {
85 | @Autowired
86 | public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
87 | auth
88 | .inMemoryAuthentication()
89 | .withUser("user").password("password").roles("USER");
90 | }
91 | }
92 | }
--------------------------------------------------------------------------------
/src/test/java/org/springframework/security/test/web/servlet/showcase/csrf/CustomCsrfShowcaseTests.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2014 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 | package org.springframework.security.test.web.servlet.showcase.csrf;
17 | import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.*;
18 | import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
19 | import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
20 |
21 | import javax.servlet.Filter;
22 |
23 | import org.junit.Before;
24 | import org.junit.Test;
25 | import org.junit.runner.RunWith;
26 | import org.springframework.beans.factory.annotation.Autowired;
27 | import org.springframework.context.annotation.Bean;
28 | import org.springframework.context.annotation.Configuration;
29 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
30 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
31 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
32 | import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;
33 | import org.springframework.security.web.csrf.CsrfTokenRepository;
34 | import org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository;
35 | import org.springframework.test.context.ContextConfiguration;
36 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
37 | import org.springframework.test.context.web.WebAppConfiguration;
38 | import org.springframework.test.web.servlet.MockMvc;
39 | import org.springframework.test.web.servlet.setup.MockMvcBuilders;
40 | import org.springframework.web.context.WebApplicationContext;
41 | import org.springframework.web.servlet.config.annotation.EnableWebMvc;
42 |
43 | @RunWith(SpringJUnit4ClassRunner.class)
44 | @ContextConfiguration
45 | @WebAppConfiguration
46 | public class CustomCsrfShowcaseTests {
47 |
48 | @Autowired
49 | private WebApplicationContext context;
50 |
51 | @Autowired
52 | private Filter springSecurityFilterChain;
53 |
54 | @Autowired
55 | private CsrfTokenRepository repository;
56 |
57 | private MockMvc mvc;
58 |
59 | @Before
60 | public void setup() {
61 | mvc = MockMvcBuilders
62 | .webAppContextSetup(context)
63 | .defaultRequest(get("/").with(csrf()))
64 | .addFilters(springSecurityFilterChain)
65 | .build();
66 | }
67 |
68 | @Test
69 | public void postWithCsrfWorks() throws Exception {
70 | mvc
71 | .perform(post("/").with(csrf()))
72 | .andExpect(status().isNotFound());
73 | }
74 |
75 | @Test
76 | public void postWithCsrfWorksWithPut() throws Exception {
77 | mvc
78 | .perform(put("/").with(csrf()))
79 | .andExpect(status().isNotFound());
80 | }
81 |
82 | @Configuration
83 | @EnableWebMvcSecurity
84 | @EnableWebMvc
85 | static class Config extends WebSecurityConfigurerAdapter {
86 |
87 | @Override
88 | protected void configure(HttpSecurity http) throws Exception {
89 | http
90 | .csrf()
91 | .csrfTokenRepository(repo());
92 | }
93 |
94 | @Autowired
95 | public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
96 | auth
97 | .inMemoryAuthentication()
98 | .withUser("user").password("password").roles("USER");
99 | }
100 |
101 | @Bean
102 | public CsrfTokenRepository repo() {
103 | HttpSessionCsrfTokenRepository repo = new HttpSessionCsrfTokenRepository();
104 | repo.setParameterName("custom_csrf");
105 | return repo;
106 | }
107 | }
108 | }
109 |
--------------------------------------------------------------------------------
/src/test/java/org/springframework/security/test/web/servlet/showcase/login/AuthenticationTests.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2014 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 | package org.springframework.security.test.web.servlet.showcase.login;
17 |
18 | import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.*;
19 | import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.*;
20 | import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
21 | import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
22 | import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.*;
23 |
24 | import javax.servlet.Filter;
25 |
26 | import org.junit.Before;
27 | import org.junit.Test;
28 | import org.junit.runner.RunWith;
29 | import org.springframework.beans.factory.annotation.Autowired;
30 | import org.springframework.context.annotation.Configuration;
31 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
32 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
33 | import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;
34 | import org.springframework.test.context.ContextConfiguration;
35 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
36 | import org.springframework.test.context.web.WebAppConfiguration;
37 | import org.springframework.test.web.servlet.MockMvc;
38 | import org.springframework.test.web.servlet.setup.MockMvcBuilders;
39 | import org.springframework.web.context.WebApplicationContext;
40 | import org.springframework.web.servlet.config.annotation.EnableWebMvc;
41 |
42 | @RunWith(SpringJUnit4ClassRunner.class)
43 | @ContextConfiguration
44 | @WebAppConfiguration
45 | public class AuthenticationTests {
46 |
47 | @Autowired
48 | private WebApplicationContext context;
49 |
50 | @Autowired
51 | private Filter springSecurityFilterChain;
52 |
53 | private MockMvc mvc;
54 |
55 | @Before
56 | public void setup() {
57 | mvc = MockMvcBuilders
58 | .webAppContextSetup(context)
59 | .addFilters(springSecurityFilterChain)
60 | .build();
61 | }
62 |
63 | @Test
64 | public void requiresAuthentication() throws Exception {
65 | mvc
66 | .perform(get("/"))
67 | .andExpect(status().isMovedTemporarily());
68 | }
69 |
70 | @Test
71 | public void httpBasicAuthenticationSuccess() throws Exception {
72 | mvc
73 | .perform(get("/secured/butnotfound").with(httpBasic("user","password")))
74 | .andExpect(status().isNotFound())
75 | .andExpect(authenticated().withUsername("user"));
76 | }
77 |
78 | @Test
79 | public void authenticationSuccess() throws Exception {
80 | mvc
81 | .perform(formLogin())
82 | .andExpect(status().isMovedTemporarily())
83 | .andExpect(redirectedUrl("/"))
84 | .andExpect(authenticated().withUsername("user"));
85 | }
86 |
87 | @Test
88 | public void authenticationFailed() throws Exception {
89 | mvc
90 | .perform(formLogin().user("user").password("invalid"))
91 | .andExpect(status().isMovedTemporarily())
92 | .andExpect(redirectedUrl("/login?error"))
93 | .andExpect(unauthenticated());
94 | }
95 |
96 | @Configuration
97 | @EnableWebMvcSecurity
98 | @EnableWebMvc
99 | static class Config extends WebSecurityConfigurerAdapter {
100 | @Autowired
101 | public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
102 | auth
103 | .inMemoryAuthentication()
104 | .withUser("user").password("password").roles("USER");
105 | }
106 | }
107 | }
--------------------------------------------------------------------------------
/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/DefaultfSecurityRequestsTests.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2014 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 | package org.springframework.security.test.web.servlet.showcase.secured;
17 |
18 | import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.*;
19 | import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.*;
20 | import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
21 | import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
22 |
23 | import javax.servlet.Filter;
24 |
25 | import org.junit.Before;
26 | import org.junit.Test;
27 | import org.junit.runner.RunWith;
28 | import org.springframework.beans.factory.annotation.Autowired;
29 | import org.springframework.context.annotation.Configuration;
30 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
31 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
32 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
33 | import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;
34 | import org.springframework.test.context.ContextConfiguration;
35 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
36 | import org.springframework.test.context.web.WebAppConfiguration;
37 | import org.springframework.test.web.servlet.MockMvc;
38 | import org.springframework.test.web.servlet.setup.MockMvcBuilders;
39 | import org.springframework.web.context.WebApplicationContext;
40 | import org.springframework.web.servlet.config.annotation.EnableWebMvc;
41 |
42 | @RunWith(SpringJUnit4ClassRunner.class)
43 | @ContextConfiguration
44 | @WebAppConfiguration
45 | public class DefaultfSecurityRequestsTests {
46 |
47 | @Autowired
48 | private WebApplicationContext context;
49 |
50 | @Autowired
51 | private Filter springSecurityFilterChain;
52 |
53 | private MockMvc mvc;
54 |
55 | @Before
56 | public void setup() {
57 | mvc = MockMvcBuilders
58 | .webAppContextSetup(context)
59 | .defaultRequest(get("/").with(user("user").roles("ADMIN")))
60 | .addFilters(springSecurityFilterChain)
61 | .build();
62 | }
63 |
64 | @Test
65 | public void requestProtectedUrlWithUser() throws Exception {
66 | mvc
67 | .perform(get("/"))
68 | // Ensure we got past Security
69 | .andExpect(status().isNotFound())
70 | // Ensure it appears we are authenticated with user
71 | .andExpect(authenticated().withUsername("user"));
72 | }
73 |
74 | @Test
75 | public void requestProtectedUrlWithAdmin() throws Exception {
76 | mvc
77 | .perform(get("/admin"))
78 | // Ensure we got past Security
79 | .andExpect(status().isNotFound())
80 | // Ensure it appears we are authenticated with user
81 | .andExpect(authenticated().withUsername("user"));
82 | }
83 |
84 | @Configuration
85 | @EnableWebMvcSecurity
86 | @EnableWebMvc
87 | static class Config extends WebSecurityConfigurerAdapter {
88 |
89 | @Override
90 | protected void configure(HttpSecurity http) throws Exception {
91 | http
92 | .authorizeRequests()
93 | .antMatchers("/admin/**").hasRole("ADMIN")
94 | .anyRequest().authenticated()
95 | .and()
96 | .formLogin();
97 | }
98 |
99 | @Autowired
100 | public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
101 | auth
102 | .inMemoryAuthentication()
103 | .withUser("user").password("password").roles("USER");
104 | }
105 | }
106 | }
--------------------------------------------------------------------------------
/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomLoginRequestBuilderAuthenticationTests.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2014 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 | package org.springframework.security.test.web.servlet.showcase.login;
17 |
18 | import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.*;
19 | import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
20 |
21 | import javax.servlet.Filter;
22 |
23 | import org.junit.Before;
24 | import org.junit.Test;
25 | import org.junit.runner.RunWith;
26 | import org.springframework.beans.factory.annotation.Autowired;
27 | import org.springframework.context.annotation.Configuration;
28 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
29 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
30 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
31 | import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;
32 | import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders;
33 | import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder;
34 | import org.springframework.test.context.ContextConfiguration;
35 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
36 | import org.springframework.test.context.web.WebAppConfiguration;
37 | import org.springframework.test.web.servlet.MockMvc;
38 | import org.springframework.test.web.servlet.setup.MockMvcBuilders;
39 | import org.springframework.web.context.WebApplicationContext;
40 | import org.springframework.web.servlet.config.annotation.EnableWebMvc;
41 |
42 | @RunWith(SpringJUnit4ClassRunner.class)
43 | @ContextConfiguration
44 | @WebAppConfiguration
45 | public class CustomLoginRequestBuilderAuthenticationTests {
46 |
47 | @Autowired
48 | private WebApplicationContext context;
49 |
50 | @Autowired
51 | private Filter springSecurityFilterChain;
52 |
53 | private MockMvc mvc;
54 |
55 | @Before
56 | public void setup() {
57 | mvc = MockMvcBuilders
58 | .webAppContextSetup(context)
59 | .addFilters(springSecurityFilterChain)
60 | .build();
61 | }
62 |
63 | @Test
64 | public void authenticationSuccess() throws Exception {
65 | mvc
66 | .perform(login())
67 | .andExpect(status().isMovedTemporarily())
68 | .andExpect(redirectedUrl("/"))
69 | .andExpect(authenticated().withUsername("user"));
70 | }
71 |
72 | @Test
73 | public void authenticationFailed() throws Exception {
74 | mvc
75 | .perform(login().user("notfound").password("invalid"))
76 | .andExpect(status().isMovedTemporarily())
77 | .andExpect(redirectedUrl("/authenticate?error"))
78 | .andExpect(unauthenticated());
79 | }
80 |
81 | static FormLoginRequestBuilder login() {
82 | return SecurityMockMvcRequestBuilders
83 | .formLogin("/authenticate")
84 | .userParameter("user")
85 | .passwordParam("pass");
86 | }
87 |
88 | @Configuration
89 | @EnableWebMvcSecurity
90 | @EnableWebMvc
91 | static class Config extends WebSecurityConfigurerAdapter {
92 |
93 | @Override
94 | protected void configure(HttpSecurity http) throws Exception {
95 | http
96 | .authorizeRequests()
97 | .anyRequest().authenticated()
98 | .and()
99 | .formLogin()
100 | .usernameParameter("user")
101 | .passwordParameter("pass")
102 | .loginPage("/authenticate");
103 | }
104 |
105 | @Autowired
106 | public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
107 | auth
108 | .inMemoryAuthentication()
109 | .withUser("user").password("password").roles("USER");
110 | }
111 | }
112 | }
--------------------------------------------------------------------------------
/src/test/java/org/springframework/security/test/context/showcase/WithUserDetailsTests.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2002-2013 the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not
5 | * use this file except in compliance with the License. You may obtain a copy of
6 | * the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 | * License for the specific language governing permissions and limitations under
14 | * the License.
15 | */
16 | package org.springframework.security.test.context.showcase;
17 |
18 | import static org.fest.assertions.Assertions.assertThat;
19 |
20 | import org.junit.Test;
21 | import org.junit.runner.RunWith;
22 | import org.springframework.beans.factory.annotation.Autowired;
23 | import org.springframework.context.annotation.Bean;
24 | import org.springframework.context.annotation.ComponentScan;
25 | import org.springframework.context.annotation.Configuration;
26 | import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
27 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
28 | import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
29 | import org.springframework.security.core.context.SecurityContextHolder;
30 | import org.springframework.security.core.userdetails.UserDetails;
31 | import org.springframework.security.core.userdetails.UserDetailsService;
32 | import org.springframework.security.core.userdetails.UsernameNotFoundException;
33 | import org.springframework.security.test.context.showcase.service.HelloMessageService;
34 | import org.springframework.security.test.context.showcase.service.MessageService;
35 | import org.springframework.security.test.context.support.WithSecurityContextTestExcecutionListener;
36 | import org.springframework.security.test.context.support.WithUserDetails;
37 | import org.springframework.test.context.ContextConfiguration;
38 | import org.springframework.test.context.TestExecutionListeners;
39 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
40 | import org.springframework.test.context.support.DependencyInjectionTestExecutionListener;
41 | import org.springframework.test.context.support.DirtiesContextTestExecutionListener;
42 | import org.springframework.test.context.transaction.TransactionalTestExecutionListener;
43 | import org.springframework.test.context.web.ServletTestExecutionListener;
44 |
45 | /**
46 | * @author Rob Winch
47 | */
48 |
49 | @RunWith(SpringJUnit4ClassRunner.class)
50 | @ContextConfiguration
51 | @TestExecutionListeners(listeners={ServletTestExecutionListener.class,
52 | DependencyInjectionTestExecutionListener.class,
53 | DirtiesContextTestExecutionListener.class,
54 | TransactionalTestExecutionListener.class,
55 | WithSecurityContextTestExcecutionListener.class})
56 | public class WithUserDetailsTests {
57 | @Autowired
58 | private MessageService messageService;
59 |
60 | @Test(expected = AuthenticationCredentialsNotFoundException.class)
61 | public void getMessageUnauthenticated() {
62 | messageService.getMessage();
63 | }
64 |
65 | @Test
66 | @WithUserDetails
67 | public void getMessageWithUserDetails() {
68 | String message = messageService.getMessage();
69 | assertThat(message).contains("user");
70 | assertThat(getPrincipal()).isInstanceOf(CustomUserDetails.class);
71 | }
72 |
73 | @Test
74 | @WithUserDetails("customUsername")
75 | public void getMessageWithUserDetailsCustomUsername() {
76 | String message = messageService.getMessage();
77 | assertThat(message).contains("customUsername");
78 | assertThat(getPrincipal()).isInstanceOf(CustomUserDetails.class);
79 | }
80 |
81 | @Configuration
82 | @EnableGlobalMethodSecurity(prePostEnabled = true)
83 | @ComponentScan(basePackageClasses = HelloMessageService.class)
84 | static class Config {
85 | @Autowired
86 | public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
87 | auth
88 | .userDetailsService(userDetailsService());
89 | }
90 |
91 | @Bean
92 | public UserDetailsService userDetailsService() {
93 | return new CustomUserDetailsService();
94 | }
95 | }
96 |
97 | private Object getPrincipal() {
98 | return SecurityContextHolder.getContext().getAuthentication().getPrincipal();
99 | }
100 |
101 | static class CustomUserDetailsService implements UserDetailsService {
102 |
103 | @Override
104 | public UserDetails loadUserByUsername(final String username) throws UsernameNotFoundException {
105 | return new CustomUserDetails("name", username);
106 | }
107 | }
108 | }
109 |
--------------------------------------------------------------------------------
/src/test/java/sample/webdriver/MockMvcHtmlUnitDriverCreateMessageTest.java:
--------------------------------------------------------------------------------
1 | package sample.webdriver;
2 |
3 | import org.junit.After;
4 | import org.junit.Before;
5 | import org.junit.Test;
6 | import org.junit.runner.RunWith;
7 | import org.openqa.selenium.WebDriver;
8 | import org.springframework.beans.factory.annotation.Autowired;
9 | import org.springframework.security.test.context.support.WithMockUser;
10 | import org.springframework.security.test.context.support.WithSecurityContextTestExcecutionListener;
11 | import org.springframework.test.context.ContextConfiguration;
12 | import org.springframework.test.context.TestExecutionListeners;
13 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
14 | import org.springframework.test.context.support.DependencyInjectionTestExecutionListener;
15 | import org.springframework.test.context.support.DirtiesContextTestExecutionListener;
16 | import org.springframework.test.context.transaction.TransactionalTestExecutionListener;
17 | import org.springframework.test.context.web.ServletTestExecutionListener;
18 | import org.springframework.test.context.web.WebAppConfiguration;
19 | import org.springframework.test.web.servlet.MockMvc;
20 | import org.springframework.test.web.servlet.htmlunit.webdriver.MockMvcHtmlUnitDriver;
21 | import org.springframework.test.web.servlet.setup.MockMvcBuilders;
22 | import org.springframework.web.context.WebApplicationContext;
23 |
24 | import sample.config.MockDataConfig;
25 | import sample.config.WebMvcConfig;
26 | import sample.config.WebSecurityConfig;
27 | import sample.data.Message;
28 | import sample.webdriver.pages.CreateMessagePage;
29 | import sample.webdriver.pages.ViewMessagePage;
30 |
31 | import java.text.ParseException;
32 |
33 | import javax.servlet.Filter;
34 |
35 | import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.testSecurityContext;
36 | import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
37 | import static sample.fest.Assertions.assertThat;
38 |
39 | /**
40 | * An end to end test that validates the {@link CreateMessagePage}. A few things to notice:
41 | *
42 | *
43 | *
You will see that all the tests are the same as {@link WebDriverCreateMessageITest}. This shows how little difference
44 | * there is in how you would write the tests.
45 | *
The only difference is how we initialize our {@link WebDriver}
46 | *
We do not need to run the web application on a server for this test since we are using
47 | * {@link org.springframework.test.web.servlet.htmlunit.webdriver.MockMvcHtmlUnitDriver}