PasswordEncoder as Bean default for XML
Issue: gh-4873
This commit is contained in:
@@ -15,25 +15,27 @@
|
||||
*/
|
||||
package org.springframework.security.config.authentication;
|
||||
|
||||
import static org.assertj.core.api.Assertions.*;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.ApplicationListener;
|
||||
import org.springframework.context.ConfigurableApplicationContext;
|
||||
import org.springframework.context.support.AbstractXmlApplicationContext;
|
||||
import org.springframework.security.authentication.AuthenticationProvider;
|
||||
import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
|
||||
import org.springframework.security.authentication.ProviderManager;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.authentication.event.AbstractAuthenticationEvent;
|
||||
import org.springframework.security.config.test.SpringTestContext;
|
||||
import org.springframework.security.config.test.SpringTestRule;
|
||||
import org.springframework.security.config.util.InMemoryXmlApplicationContext;
|
||||
import org.springframework.security.util.FieldUtils;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
/**
|
||||
*
|
||||
@@ -44,7 +46,8 @@ public class AuthenticationManagerBeanDefinitionParserTests {
|
||||
+ " <authentication-provider>"
|
||||
+ " <user-service>"
|
||||
+ " <user name='bob' password='{noop}bobspassword' authorities='ROLE_A,ROLE_B' />"
|
||||
+ " </user-service>" + " </authentication-provider>"
|
||||
+ " </user-service>"
|
||||
+ " </authentication-provider>"
|
||||
+ "</authentication-manager>";
|
||||
@Rule
|
||||
public final SpringTestRule spring = new SpringTestRule();
|
||||
@@ -92,6 +95,23 @@ public class AuthenticationManagerBeanDefinitionParserTests {
|
||||
assertThat(pm.isEraseCredentialsAfterAuthentication()).isFalse();
|
||||
}
|
||||
|
||||
@Autowired
|
||||
MockMvc mockMvc;
|
||||
|
||||
@Test
|
||||
public void passwordEncoderBeanUsed() throws Exception {
|
||||
this.spring.context("<b:bean id='passwordEncoder' class='org.springframework.security.crypto.password.NoOpPasswordEncoder' factory-method='getInstance'/>"
|
||||
+ "<user-service>"
|
||||
+ " <user name='user' password='password' authorities='ROLE_A,ROLE_B' />"
|
||||
+ "</user-service>"
|
||||
+ "<http/>")
|
||||
.mockMvcAfterSpringSecurityOk()
|
||||
.autowire();
|
||||
|
||||
this.mockMvc.perform(get("/").with(httpBasic("user", "password")))
|
||||
.andExpect(status().isOk());
|
||||
}
|
||||
|
||||
private static class AuthListener implements
|
||||
ApplicationListener<AbstractAuthenticationEvent> {
|
||||
List<AbstractAuthenticationEvent> events = new ArrayList<AbstractAuthenticationEvent>();
|
||||
|
||||
@@ -0,0 +1,60 @@
|
||||
/*
|
||||
* Copyright 2002-2017 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.security.config.authentication;
|
||||
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.config.test.SpringTestRule;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
* @since 5.0
|
||||
*/
|
||||
public class PasswordEncoderParserTests {
|
||||
@Rule
|
||||
public final SpringTestRule spring = new SpringTestRule();
|
||||
|
||||
@Autowired
|
||||
MockMvc mockMvc;
|
||||
|
||||
@Test
|
||||
public void passwordEncoderDefaultsToDelegatingPasswordEncoder() throws Exception {
|
||||
this.spring.configLocations("classpath:org/springframework/security/config/authentication/PasswordEncoderParserTests-default.xml")
|
||||
.mockMvcAfterSpringSecurityOk()
|
||||
.autowire();
|
||||
|
||||
this.mockMvc.perform(get("/").with(httpBasic("user", "password")))
|
||||
.andExpect(status().isOk());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void passwordEncoderDefaultsToPasswordEncoderBean() throws Exception {
|
||||
this.spring.configLocations("classpath:org/springframework/security/config/authentication/PasswordEncoderParserTests-bean.xml")
|
||||
.mockMvcAfterSpringSecurityOk()
|
||||
.autowire();
|
||||
|
||||
this.mockMvc.perform(get("/").with(httpBasic("user", "password")))
|
||||
.andExpect(status().isOk());
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user