Change a default realm name

Change a default realm name of Basic Authentication for XML namespace to 'Realm'.

Fixes gh-4220
This commit is contained in:
Kazuki Shimizu
2017-02-18 12:31:47 +09:00
committed by Rob Winch
parent 35706ad60a
commit 3d5989dea4
6 changed files with 23 additions and 5 deletions

View File

@@ -94,6 +94,24 @@ public class NamespaceHttpBasicTests {
assertThat(this.response.getStatus()).isEqualTo(HttpServletResponse.SC_OK);
}
// gh-4220
@Test
public void httpBasicUnauthorizedOnDefault() throws Exception {
// @formatter:off
loadContext("<http>\n" +
" <intercept-url pattern=\"/**\" access=\"hasRole('USER')\" />\n" +
" <http-basic />\n" +
" </http>\n" +
"\n" +
" <authentication-manager />");
// @formatter:on
this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
assertThat(this.response.getStatus()).isEqualTo(HttpServletResponse.SC_UNAUTHORIZED);
assertThat(this.response.getHeader("WWW-Authenticate")).isEqualTo("Basic realm=\"Realm\"");
}
private void loadContext(String context) {
this.context = new InMemoryXmlApplicationContext(context);
this.springSecurityFilterChain = this.context.getBean("springSecurityFilterChain",