Check the user of a SockJS request
Issue: SPR-12497
This commit is contained in:
@@ -29,6 +29,7 @@ import org.mockito.MockitoAnnotations;
|
||||
import org.springframework.scheduling.TaskScheduler;
|
||||
import org.springframework.web.socket.AbstractHttpRequestTests;
|
||||
import org.springframework.web.socket.WebSocketHandler;
|
||||
import org.springframework.web.socket.handler.TestPrincipal;
|
||||
import org.springframework.web.socket.server.HandshakeHandler;
|
||||
import org.springframework.web.socket.server.support.OriginHandshakeInterceptor;
|
||||
import org.springframework.web.socket.sockjs.transport.SockJsSessionFactory;
|
||||
@@ -243,6 +244,28 @@ public class DefaultSockJsServiceTests extends AbstractHttpRequestTests {
|
||||
verify(this.xhrSendHandler).handleRequest(this.request, this.response, this.wsHandler, this.session);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void handleTransportRequestXhrSendWithDifferentUser() throws Exception {
|
||||
String sockJsPath = sessionUrlPrefix + "xhr";
|
||||
setRequest("POST", sockJsPrefix + sockJsPath);
|
||||
this.service.handleRequest(this.request, this.response, sockJsPath, this.wsHandler);
|
||||
|
||||
assertEquals(200, this.servletResponse.getStatus()); // session created
|
||||
verify(this.xhrHandler).handleRequest(this.request, this.response, this.wsHandler, this.session);
|
||||
|
||||
this.session.setPrincipal(new TestPrincipal("little red riding hood"));
|
||||
this.servletRequest.setUserPrincipal(new TestPrincipal("wolf"));
|
||||
|
||||
resetResponse();
|
||||
reset(this.xhrSendHandler);
|
||||
sockJsPath = sessionUrlPrefix + "xhr_send";
|
||||
setRequest("POST", sockJsPrefix + sockJsPath);
|
||||
this.service.handleRequest(this.request, this.response, sockJsPath, this.wsHandler);
|
||||
|
||||
assertEquals(404, this.servletResponse.getStatus());
|
||||
verifyNoMoreInteractions(this.xhrSendHandler);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void handleTransportRequestJsonp() throws Exception {
|
||||
TransportHandlingSockJsService jsonpService = new TransportHandlingSockJsService(this.taskScheduler, this.jsonpHandler, this.jsonpSendHandler);
|
||||
|
||||
Reference in New Issue
Block a user