0

I have a Grails application that is using Spring Security, and I'm trying to run tests on it with Cucumber/Geb

When I load my website with run-app and navigate to 'MyProject/' it redirects me to the index page (ok so far)

When I load my functional tests and navigate to 'MyProject/', it redirects me to the MyProject/login/auth page.

So my issue is, run-app in development mode works fine with Spring Security, but when I run test-app functional:cucumber, the site thinks I need to be logged in.

Here is my config file with my Spring Security info

grails.plugin.springsecurity.rejectIfNoRule = true
grails.plugin.springsecurity.fii.rejectPublicInvocations = true

grails.plugin.springsecurity.logout.postOnly = false
grails.plugin.springsecurity.password.bcrypt.logrounds = 15
grails.plugin.springsecurity.userLookup.userDomainClassName = 'myproject.User'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'myproject.UserRole'
grails.plugin.springsecurity.authority.className = 'myproject.Role'
grails.plugin.springsecurity.securityConfigType = "InterceptUrlMap"
grails.plugin.springsecurity.interceptUrlMap = [
'/':                              ['permitAll'],
'/index':                         ['permitAll'],
'/index.gsp':                     ['permitAll'],
'/assets/**':                     ['permitAll'],
'/**/js/**':                      ['permitAll'],
'/**/css/**':                     ['permitAll'],
'/**/images/**':                  ['permitAll'],
'/**/favicon.ico':                ['permitAll'],
'/login/**':                          ['permitAll'],
'/logout/**':                         ['permitAll']
]

and my step

import static cucumber.api.groovy.EN.*
import pages.HomePage

Given(~/^I am on the home page$/) { ->
    to HomePage
    at HomePage
}

and my page

package pages

import geb.Page

class HomePage extends Page {
    static url = "MyProject/"

    static at = {
        title ==~ /Welcome to Grails/
    }

    static content = {

    }
}

With test run-app it seems to work fine, so I have to believe it is either in my Cucumber/Geb code or in the test-app functional:cucumber command somewhere

Burt Beckwith
  • 75,342
  • 5
  • 143
  • 156
Matt Westlake
  • 3,499
  • 7
  • 39
  • 80

1 Answers1

0

Try turning on debug option in spring security to check what resource your tests are accessing. It looks like tests are trying to access the following: http://localhost:8080/MyProject/MyProject and resource '/MyProject' is not mapped in InterceptUrlMap so pessimistic locking takes place.

Try changing this

static url = "MyProject/"

to this

static url = "/MyProject"

There is a difference between these two. Check Geb docs for more details.

BTW, but you've got an error in you Spring Security config. These two lines:

grails.plugin.springsecurity.rejectIfNoRule = true
grails.plugin.springsecurity.fii.rejectPublicInvocations = true

are mutually exclusive. If resource is not mapped explicitly you might want to return 403 (first option) or throw an exception (second option). More details: http://grails-plugins.github.io/grails-spring-security-core/guide/requestMappings.html

mordka
  • 392
  • 3
  • 11