diff --git a/config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy index 420034e517..291d79646d 100644 --- a/config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy @@ -42,6 +42,7 @@ abstract class AbstractXmlConfigTests extends Specification { def mockBean(Class clazz, String id = clazz.simpleName) { xml.'b:bean'(id: id, 'class': Mockito.class.name, 'factory-method':'mock') { 'b:constructor-arg'(value : clazz.name) + 'b:constructor-arg'(value : id) } } diff --git a/config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy index 84d787a31e..9aecde85d3 100644 --- a/config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy @@ -1,7 +1,17 @@ package org.springframework.security.config.http +import static org.mockito.Mockito.* + +import org.powermock.api.mockito.internal.verification.VerifyNoMoreInteractions; import org.springframework.beans.factory.parsing.BeanDefinitionParsingException +import org.springframework.mock.web.MockFilterChain; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.config.BeanIds +import org.springframework.security.core.Authentication; +import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.web.FilterChainProxy import org.junit.Assert import org.springframework.beans.factory.BeanCreationException @@ -60,9 +70,52 @@ class MultiHttpBlockConfigTests extends AbstractHttpConfigTests { } + def 'SEC-1937: http@authentication-manager-ref and multi authentication-mananager'() { + setup: + xml.http('authentication-manager-ref' : 'authManager', 'pattern' : '/first/**') { + 'form-login'('login-processing-url': '/first/login') + } + xml.http('authentication-manager-ref' : 'authManager2') { + 'form-login'() + } + mockBean(UserDetailsService,'uds') + mockBean(UserDetailsService,'uds2') + createAppContext(""" + + + + + + +""") + UserDetailsService uds = appContext.getBean('uds') + UserDetailsService uds2 = appContext.getBean('uds2') + when: + MockHttpServletRequest request = new MockHttpServletRequest() + MockHttpServletResponse response = new MockHttpServletResponse() + MockFilterChain chain = new MockFilterChain() + request.servletPath = "/first/login" + request.requestURI = "/first/login" + request.method = 'POST' + springSecurityFilterChain.doFilter(request,response,chain) + then: + verify(uds).loadUserByUsername(anyString()) || true + verifyZeroInteractions(uds2) || true + when: + MockHttpServletRequest request2 = new MockHttpServletRequest() + MockHttpServletResponse response2 = new MockHttpServletResponse() + MockFilterChain chain2 = new MockFilterChain() + request2.servletPath = "/j_spring_security_check" + request2.requestURI = "/j_spring_security_check" + request2.method = 'POST' + springSecurityFilterChain.doFilter(request2,response2,chain2) + then: + verify(uds2).loadUserByUsername(anyString()) || true + verifyNoMoreInteractions(uds) || true + } - def namedFilterChainIsExposedAsABean () { - xml.http(name: 'basic', pattern: '/basic/**', 'create-session': 'stateless') { + def multipleAuthenticationManagersWorks () { + xml.http(name: 'basic', pattern: '/basic/**', ) { 'http-basic'() } xml.http(pattern: '/form/**') { @@ -75,5 +128,4 @@ class MultiHttpBlockConfigTests extends AbstractHttpConfigTests { expect: Assert.assertSame (basicChain, appContext.getBean('basic')) } - }