Optimized login form - delegated CSRF token creation to thymeleaf

Also added additional test to verify behaviour.

Fixes gh-1039
This commit is contained in:
Javier Gayoso
2014-06-05 16:11:03 +02:00
committed by Dave Syer
parent aa30fdba18
commit b7d94d1364
3 changed files with 16 additions and 6 deletions

View File

@@ -69,6 +69,18 @@ public class SampleSecureApplicationTests {
entity.getHeaders().getLocation().toString().endsWith(port + "/login"));
}
@Test
public void testLoginPage() throws Exception {
HttpHeaders headers = new HttpHeaders();
headers.setAccept(Arrays.asList(MediaType.TEXT_HTML));
ResponseEntity<String> entity = new TestRestTemplate().exchange(
"http://localhost:" + this.port + "/login", HttpMethod.GET, new HttpEntity<Void>(
headers), String.class);
assertEquals(HttpStatus.OK, entity.getStatusCode());
assertTrue("Wrong content:\n" + entity.getBody(),
entity.getBody().contains("_csrf"));
}
@Test
public void testLogin() throws Exception {
HttpHeaders headers = getHeaders();