diff --git a/config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy
index 420034e517..291d79646d 100644
--- a/config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy
@@ -42,6 +42,7 @@ abstract class AbstractXmlConfigTests extends Specification {
def mockBean(Class clazz, String id = clazz.simpleName) {
xml.'b:bean'(id: id, 'class': Mockito.class.name, 'factory-method':'mock') {
'b:constructor-arg'(value : clazz.name)
+ 'b:constructor-arg'(value : id)
}
}
diff --git a/config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy
index 84d787a31e..9aecde85d3 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy
@@ -1,7 +1,17 @@
package org.springframework.security.config.http
+import static org.mockito.Mockito.*
+
+import org.powermock.api.mockito.internal.verification.VerifyNoMoreInteractions;
import org.springframework.beans.factory.parsing.BeanDefinitionParsingException
+import org.springframework.mock.web.MockFilterChain;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.config.BeanIds
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.FilterChainProxy
import org.junit.Assert
import org.springframework.beans.factory.BeanCreationException
@@ -60,9 +70,52 @@ class MultiHttpBlockConfigTests extends AbstractHttpConfigTests {
}
+ def 'SEC-1937: http@authentication-manager-ref and multi authentication-mananager'() {
+ setup:
+ xml.http('authentication-manager-ref' : 'authManager', 'pattern' : '/first/**') {
+ 'form-login'('login-processing-url': '/first/login')
+ }
+ xml.http('authentication-manager-ref' : 'authManager2') {
+ 'form-login'()
+ }
+ mockBean(UserDetailsService,'uds')
+ mockBean(UserDetailsService,'uds2')
+ createAppContext("""
+
+
+
+
+
+
+""")
+ UserDetailsService uds = appContext.getBean('uds')
+ UserDetailsService uds2 = appContext.getBean('uds2')
+ when:
+ MockHttpServletRequest request = new MockHttpServletRequest()
+ MockHttpServletResponse response = new MockHttpServletResponse()
+ MockFilterChain chain = new MockFilterChain()
+ request.servletPath = "/first/login"
+ request.requestURI = "/first/login"
+ request.method = 'POST'
+ springSecurityFilterChain.doFilter(request,response,chain)
+ then:
+ verify(uds).loadUserByUsername(anyString()) || true
+ verifyZeroInteractions(uds2) || true
+ when:
+ MockHttpServletRequest request2 = new MockHttpServletRequest()
+ MockHttpServletResponse response2 = new MockHttpServletResponse()
+ MockFilterChain chain2 = new MockFilterChain()
+ request2.servletPath = "/j_spring_security_check"
+ request2.requestURI = "/j_spring_security_check"
+ request2.method = 'POST'
+ springSecurityFilterChain.doFilter(request2,response2,chain2)
+ then:
+ verify(uds2).loadUserByUsername(anyString()) || true
+ verifyNoMoreInteractions(uds) || true
+ }
- def namedFilterChainIsExposedAsABean () {
- xml.http(name: 'basic', pattern: '/basic/**', 'create-session': 'stateless') {
+ def multipleAuthenticationManagersWorks () {
+ xml.http(name: 'basic', pattern: '/basic/**', ) {
'http-basic'()
}
xml.http(pattern: '/form/**') {
@@ -75,5 +128,4 @@ class MultiHttpBlockConfigTests extends AbstractHttpConfigTests {
expect:
Assert.assertSame (basicChain, appContext.getBean('basic'))
}
-
}