Stack Overflow
Stack Overflow

Questions tagged [spring-security-test]

30 questions
1
vote
1 answer

Spring Security integration test for session authentication strategy

I have a Spring MVC + Spring Security Web application. The application has a custom session authentication strategy set up in the configuration http.sessionManagement() .sessionAuthenticationStrategy( ... ) Since the strategy…
leokom
  • 1,862
  • 1
  • 15
  • 26
1
vote
1 answer

Is there a way to up only security context in Spring Boot tests?

I want to write some kind of unit test which depends on Spring Security. For example, I have some service method which uses some repository and marked with @PreAuthorize annotation. Repository I can mock with Mockito, there is no problem. Also I can…
MarkHuntDev
  • 181
  • 3
  • 21
1
vote
2 answers

missing dependencies in latest spring security test

I need to resolve certain methods (status, jsonPath, content) mentioned in code shown below - mockMvc.perform(MockMvcRequestBuilders.get("/api/token") .with(getAuthentication(getOauthTestAuthentication())) …
comiventor
  • 3,922
  • 5
  • 50
  • 77
1
vote
1 answer

Issue with a Spring integration test involving an entity with lazy collections

I am experimenting with the new Spring Security Test framework. I have a test that involves returning a JPA entity with lazy collections. The following test ends up in error because one of the lazy…
balteo
  • 23,602
  • 63
  • 219
  • 412
0
votes
1 answer

Missing CsrfTokenRequestHandler when importing Spring Security Test 5.8.5

I'm writing unit test to test my secured endpoint (with @PreAutorized annotation), like described in spring documentation. But when the test arrive to the .with(jwt().authorities(new SimpleGrantedAuthority("SCOPE_data.read"), new…
fforfabio
  • 1
  • 2
0
votes
2 answers

How to test Spring Security config with resource server?

I have Spring Security config that configures OAuth2 resource server and endpoints with the predefined scopes and what you can do with what endpoint. Config is below: @Configuration @EnableGlobalMethodSecurity(prePostEnabled = true) public class…
Dmytro Chasovskyi
  • 3,209
  • 4
  • 40
  • 82
0
votes
0 answers

mockmvc unable to retrieve headers set by WebSecurityConfigurerAdapter

I created a commons library with the intent of injecting headers into the response of every API call. I updated the WebSecurityConfigurerAdaptor and wrote a mockmvc test case to test/assert those headers. However I observed that mockmvc is unable to…
Vikash Kodati
  • 21
  • 4
0
votes
1 answer

Change authorized user in tests

I want to test access to a method for a group of users with different roles in one test. I am trying to change the logged in user like this: @Test void allMenusAuthorizePermissions() throws Exception { for (User user : ALL_ROLES_USERS) { …
Константин Зубрилин
  • 13
  • 5
0
votes
2 answers

Spring Boot Test @PreAuthorize in a Library Module

I have a library-module written using Spring Boot 1.5.21. The library has a @Service with some methods annotated with @PreAutorize allowing only users with ADMIN authority to perform some actions, for example a delete. Then I have a Spring Boot…
sebasira
  • 1,739
  • 1
  • 22
  • 41
0
votes
0 answers

WithMockUser not working, but SecurityContext.getContext().setAuthentification does

I try to mock login with @WithMockUserbut it is not working. @SpringBootTest class RoleTest { @Autowired private UserService userService; @Autowired private RoleService roleService; private User user; @BeforeEach void…
Willey3x37
  • 310
  • 2
  • 12
0
votes
1 answer

Generate generate OAuth2 access token with additional claims to JUnit test

I have spring boot REST API secured using OAuth2. My authentication server and resource server are two applications. All the REST API security properly working with REST client. Then I need to write security test cases. I generate access token using…
Nuwan Sameera
  • 739
  • 1
  • 8
  • 25
0
votes
1 answer

Spring boot OAuth2 test secured end-point given 200 status without token

I develop spring boot web application with rest end points with OAuth 2 security. All the end points secure properly with password grant_type at runtime. But test cases with MockMvc not consider token. It can access secured endpoints without…
Nuwan Sameera
  • 739
  • 1
  • 8
  • 25
0
votes
1 answer

Spring Boot 2 Testing with Spring Security

I'm having some problems testing a Spgring Boot 2 app using Spring Security 5.1. Problem: I'm always getting a 403 on the response. Here are the two approaches I've tried: 1) Disable security for testing by…
epsilonmajorquezero
  • 559
  • 4
  • 19
0
votes
1 answer

Testing Spring Boot Security configuration

I've done a very simple demo app to try testing of Spring Boot security. This is my App configuration @Configuration @EnableGlobalMethodSecurity(prePostEnabled = true) @SpringBootApplication public class DemoApplication extends…
Javier Alvarez
  • 1,409
  • 2
  • 15
  • 33
-1
votes
1 answer

Spring Security: hasRole not working & AuthenticaionPrincipal is null

I have a PUT mapped controller method which should be restricted to users with ROLE_BUYER role. However during testing it is returing 200 OK to users without that role. The controller method is getting called but both the @AuthenticationPrincipal…
Nice Books
  • 1,675
  • 2
  • 17
  • 21
1
2