Split SecurityAutoConfiguration
Spring Security 3.2 has a new annotation @EnableWebMvcSecurity that we should use if MVC is being used.
This commit is contained in:
@@ -0,0 +1,117 @@
|
||||
package org.springframework.boot.sample.servlet;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.Callable;
|
||||
import java.util.concurrent.Executors;
|
||||
import java.util.concurrent.Future;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
import org.junit.AfterClass;
|
||||
import org.junit.BeforeClass;
|
||||
import org.junit.Test;
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.autoconfigure.security.SecurityProperties;
|
||||
import org.springframework.context.ConfigurableApplicationContext;
|
||||
import org.springframework.http.HttpRequest;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.http.client.ClientHttpRequestExecution;
|
||||
import org.springframework.http.client.ClientHttpRequestInterceptor;
|
||||
import org.springframework.http.client.ClientHttpResponse;
|
||||
import org.springframework.http.client.InterceptingClientHttpRequestFactory;
|
||||
import org.springframework.http.client.SimpleClientHttpRequestFactory;
|
||||
import org.springframework.security.crypto.codec.Base64;
|
||||
import org.springframework.web.client.DefaultResponseErrorHandler;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
|
||||
/**
|
||||
* Basic integration tests for demo application.
|
||||
*
|
||||
* @author Dave Syer
|
||||
*/
|
||||
public class SampleServletApplicationTests {
|
||||
|
||||
private static ConfigurableApplicationContext context;
|
||||
|
||||
@BeforeClass
|
||||
public static void start() throws Exception {
|
||||
Future<ConfigurableApplicationContext> future = Executors
|
||||
.newSingleThreadExecutor().submit(
|
||||
new Callable<ConfigurableApplicationContext>() {
|
||||
@Override
|
||||
public ConfigurableApplicationContext call() throws Exception {
|
||||
return SpringApplication
|
||||
.run(SampleServletApplication.class);
|
||||
}
|
||||
});
|
||||
context = future.get(60, TimeUnit.SECONDS);
|
||||
}
|
||||
|
||||
@AfterClass
|
||||
public static void stop() {
|
||||
if (context != null) {
|
||||
context.close();
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testHomeIsSecure() throws Exception {
|
||||
ResponseEntity<String> entity = getRestTemplate().getForEntity(
|
||||
"http://localhost:8080", String.class);
|
||||
assertEquals(HttpStatus.UNAUTHORIZED, entity.getStatusCode());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testHome() throws Exception {
|
||||
ResponseEntity<String> entity = getRestTemplate("user", getPassword()).getForEntity(
|
||||
"http://localhost:8080", String.class);
|
||||
assertEquals(HttpStatus.OK, entity.getStatusCode());
|
||||
assertEquals("Hello World", entity.getBody());
|
||||
}
|
||||
|
||||
private String getPassword() {
|
||||
return context.getBean(SecurityProperties.class).getUser().getPassword();
|
||||
}
|
||||
|
||||
private RestTemplate getRestTemplate() {
|
||||
return getRestTemplate(null, null);
|
||||
}
|
||||
|
||||
private RestTemplate getRestTemplate(final String username, final String password) {
|
||||
|
||||
List<ClientHttpRequestInterceptor> interceptors = new ArrayList<ClientHttpRequestInterceptor>();
|
||||
|
||||
if (username != null) {
|
||||
|
||||
interceptors.add(new ClientHttpRequestInterceptor() {
|
||||
|
||||
@Override
|
||||
public ClientHttpResponse intercept(HttpRequest request, byte[] body,
|
||||
ClientHttpRequestExecution execution) throws IOException {
|
||||
request.getHeaders().add(
|
||||
"Authorization",
|
||||
"Basic "
|
||||
+ new String(Base64
|
||||
.encode((username + ":" + password)
|
||||
.getBytes())));
|
||||
return execution.execute(request, body);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
RestTemplate restTemplate = new RestTemplate(
|
||||
new InterceptingClientHttpRequestFactory(
|
||||
new SimpleClientHttpRequestFactory(), interceptors));
|
||||
restTemplate.setErrorHandler(new DefaultResponseErrorHandler() {
|
||||
@Override
|
||||
public void handleError(ClientHttpResponse response) throws IOException {
|
||||
}
|
||||
});
|
||||
return restTemplate;
|
||||
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user