diff --git a/spring-boot-samples/spring-boot-sample-web-method-security/src/test/java/sample/ui/method/SampleMethodSecurityApplicationTests.java b/spring-boot-samples/spring-boot-sample-web-method-security/src/test/java/sample/ui/method/SampleMethodSecurityApplicationTests.java index 58935422a0..62adc9a403 100644 --- a/spring-boot-samples/spring-boot-sample-web-method-security/src/test/java/sample/ui/method/SampleMethodSecurityApplicationTests.java +++ b/spring-boot-samples/spring-boot-sample-web-method-security/src/test/java/sample/ui/method/SampleMethodSecurityApplicationTests.java @@ -20,6 +20,7 @@ import java.util.Arrays; import java.util.regex.Matcher; import java.util.regex.Pattern; +import org.junit.Ignore; import org.junit.Test; import org.junit.runner.RunWith; import org.springframework.beans.factory.annotation.Value; @@ -108,6 +109,21 @@ public class SampleMethodSecurityApplicationTests { .getBody().contains("Access denied")); } + @Test + public void testManagementProtected() throws Exception { + ResponseEntity entity = new TestRestTemplate() + .getForEntity("http://localhost:" + port + "/beans", String.class); + assertEquals(HttpStatus.UNAUTHORIZED, entity.getStatusCode()); + } + + @Test + @Ignore("https://github.com/spring-projects/spring-boot/issues/699") + public void testManagementAuthorizedAccess() throws Exception { + ResponseEntity entity = new TestRestTemplate("user", "user") + .getForEntity("http://localhost:" + port + "/beans", String.class); + assertEquals(HttpStatus.OK, entity.getStatusCode()); + } + private void getCsrf(MultiValueMap form, HttpHeaders headers) { ResponseEntity page = new TestRestTemplate().getForEntity( "http://localhost:" + port + "/login", String.class);