Fix authenticationFailureHandler not being used
The custom server authenticationFailureHandler was not always picked up Fixes: gh-7782
This commit is contained in:
@@ -33,6 +33,7 @@ import org.springframework.security.htmlunit.server.WebTestClientHtmlUnitDriverB
|
||||
import org.springframework.security.test.web.reactive.server.WebTestClientBuilder;
|
||||
import org.springframework.security.web.server.SecurityWebFilterChain;
|
||||
import org.springframework.security.web.server.WebFilterChainProxy;
|
||||
import org.springframework.security.web.server.authentication.RedirectServerAuthenticationFailureHandler;
|
||||
import org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler;
|
||||
import org.springframework.security.web.server.context.ServerSecurityContextRepository;
|
||||
import org.springframework.security.web.server.csrf.CsrfToken;
|
||||
@@ -213,6 +214,37 @@ public class FormLoginTests {
|
||||
homePage.assertAt();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void formLoginWhenCustomAuthenticationFailureHandlerThenUsed() {
|
||||
SecurityWebFilterChain securityWebFilter = this.http
|
||||
.authorizeExchange()
|
||||
.pathMatchers("/login", "/failure").permitAll()
|
||||
.anyExchange().authenticated()
|
||||
.and()
|
||||
.formLogin()
|
||||
.authenticationFailureHandler(new RedirectServerAuthenticationFailureHandler("/failure"))
|
||||
.and()
|
||||
.build();
|
||||
|
||||
WebTestClient webTestClient = WebTestClientBuilder
|
||||
.bindToWebFilters(securityWebFilter)
|
||||
.build();
|
||||
|
||||
WebDriver driver = WebTestClientHtmlUnitDriverBuilder
|
||||
.webTestClientSetup(webTestClient)
|
||||
.build();
|
||||
|
||||
DefaultLoginPage loginPage = HomePage.to(driver, DefaultLoginPage.class)
|
||||
.assertAt();
|
||||
|
||||
loginPage.loginForm()
|
||||
.username("invalid")
|
||||
.password("invalid")
|
||||
.submit(HomePage.class);
|
||||
|
||||
assertThat(driver.getCurrentUrl()).endsWith("/failure");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void authenticationSuccess() {
|
||||
SecurityWebFilterChain securityWebFilter = this.http
|
||||
|
||||
Reference in New Issue
Block a user