Accept */* triggers 401 by Default

Fixes gh-4831
This commit is contained in:
Rob Winch
2017-11-16 09:58:29 -06:00
parent 64ad08e96d
commit 3e7e80a836
4 changed files with 66 additions and 2 deletions

View File

@@ -26,6 +26,7 @@ import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.core.io.buffer.DefaultDataBufferFactory;
import org.springframework.http.MediaType;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.config.test.SpringTestRule;
import org.springframework.security.config.users.ReactiveAuthenticationTestConfiguration;
@@ -87,6 +88,23 @@ public class EnableWebFluxSecurityTests {
.expectBody().isEmpty();
}
// gh-4831
@Test
public void defaultMediaAllThenUnAuthorized() {
this.spring.register(Config.class).autowire();
WebTestClient client = WebTestClientBuilder
.bindToWebFilters(this.springSecurityFilterChain)
.build();
client.get()
.uri("/")
.accept(MediaType.ALL)
.exchange()
.expectStatus().isUnauthorized()
.expectBody().isEmpty();
}
@Test
public void authenticateWhenBasicThenNoSession() {
this.spring.register(Config.class).autowire();