AbstractAuthenticationProcessingFilter.securityContextRepository
Issue gh-10953
This commit is contained in:
@@ -27,6 +27,7 @@ import org.apache.commons.logging.Log;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.mockito.ArgumentCaptor;
|
||||
|
||||
import org.springframework.mock.web.MockFilterConfig;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
@@ -34,14 +35,17 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.authentication.BadCredentialsException;
|
||||
import org.springframework.security.authentication.InternalAuthenticationServiceException;
|
||||
import org.springframework.security.authentication.TestAuthentication;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.context.SecurityContext;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServicesTests;
|
||||
import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices;
|
||||
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
|
||||
import org.springframework.security.web.context.SecurityContextRepository;
|
||||
import org.springframework.security.web.firewall.DefaultHttpFirewall;
|
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
@@ -322,6 +326,37 @@ public class AbstractAuthenticationProcessingFilterTests {
|
||||
assertThat(SecurityContextHolder.getContext().getAuthentication()).isNotNull();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccessfulAuthenticationThenDefaultDoesNotCreateSession() throws Exception {
|
||||
Authentication authentication = TestAuthentication.authenticatedUser();
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
MockFilterChain chain = new MockFilterChain(false);
|
||||
MockAuthenticationFilter filter = new MockAuthenticationFilter();
|
||||
|
||||
filter.successfulAuthentication(request, response, chain, authentication);
|
||||
|
||||
assertThat(request.getSession(false)).isNull();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSuccessfulAuthenticationWhenCustomSecurityContextRepositoryThenAuthenticationSaved()
|
||||
throws Exception {
|
||||
ArgumentCaptor<SecurityContext> contextCaptor = ArgumentCaptor.forClass(SecurityContext.class);
|
||||
SecurityContextRepository repository = mock(SecurityContextRepository.class);
|
||||
Authentication authentication = TestAuthentication.authenticatedUser();
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
MockFilterChain chain = new MockFilterChain(false);
|
||||
MockAuthenticationFilter filter = new MockAuthenticationFilter();
|
||||
filter.setSecurityContextRepository(repository);
|
||||
|
||||
filter.successfulAuthentication(request, response, chain, authentication);
|
||||
|
||||
verify(repository).saveContext(contextCaptor.capture(), eq(request), eq(response));
|
||||
assertThat(contextCaptor.getValue().getAuthentication()).isEqualTo(authentication);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailedAuthenticationInvokesFailureHandler() throws Exception {
|
||||
// Setup our HTTP request
|
||||
|
||||
Reference in New Issue
Block a user