صفحهٔ اصلی گشت‌و‌گذار راهنما
ثبت نام ورود
github
/
spring-security
mirrorاز https://github.com/spring-projects/spring-security
2
0
انشعاب 0
پرونده‌ها مشکلات 0 ویکی
فهرست منبع

SEC-1937: Added test to demonstrate SEC-1937 was invalid

Rob Winch 12 سال پیش
والد
3c82e63ded
کامیت
662bb24370
2فایلهای تغییر یافته به همراه56 افزوده شده و 3 حذف شده
مشاهده تقسیم شده نمایش آمار تفاوت ها
  1. 1 0
      config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy
  2. 55 3
      config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy

+ 1 - 0
config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy
مشاهده فایل 

@@ -42,6 +42,7 @@ abstract class AbstractXmlConfigTests extends Specification {
 
     def mockBean(Class clazz, String id = clazz.simpleName) {
 
         xml.'b:bean'(id: id, 'class': Mockito.class.name, 'factory-method':'mock') {
 
             'b:constructor-arg'(value : clazz.name)
 
+            'b:constructor-arg'(value : id)
 
         }
 
     }

+ 55 - 3
config/src/test/groovy/org/springframework/security/config/http/MultiHttpBlockConfigTests.groovy
مشاهده فایل 

@@ -1,7 +1,17 @@
 
 package org.springframework.security.config.http
 
 
+import static org.mockito.Mockito.*
 
+
 
+import org.powermock.api.mockito.internal.verification.VerifyNoMoreInteractions;
 
 import org.springframework.beans.factory.parsing.BeanDefinitionParsingException
 
+import org.springframework.mock.web.MockFilterChain;
 
+import org.springframework.mock.web.MockHttpServletRequest;
 
+import org.springframework.mock.web.MockHttpServletResponse;
 
+import org.springframework.security.authentication.AuthenticationManager;
 
+import org.springframework.security.authentication.TestingAuthenticationToken;
 
 import org.springframework.security.config.BeanIds
 
+import org.springframework.security.core.Authentication;
 
+import org.springframework.security.core.userdetails.UserDetailsService;
 
 import org.springframework.security.web.FilterChainProxy
 
 import org.junit.Assert
 
 import org.springframework.beans.factory.BeanCreationException
 
@@ -60,9 +70,52 @@ class MultiHttpBlockConfigTests extends AbstractHttpConfigTests {
 
     }
 
 
 
+    def 'SEC-1937: http@authentication-manager-ref and multi authentication-mananager'() {
 
+        setup:
 
+            xml.http('authentication-manager-ref' : 'authManager', 'pattern' : '/first/**') {
 
+                'form-login'('login-processing-url': '/first/login')
 
+            }
 
+            xml.http('authentication-manager-ref' : 'authManager2') {
 
+                'form-login'()
 
+            }
 
+            mockBean(UserDetailsService,'uds')
 
+            mockBean(UserDetailsService,'uds2')
 
+            createAppContext("""
 
+<authentication-manager id="authManager">
 
+    <authentication-provider user-service-ref="uds" />
 
+</authentication-manager>
 
+<authentication-manager id="authManager2">
 
+    <authentication-provider user-service-ref="uds2" />
 
+</authentication-manager>
 
+""")
 
+            UserDetailsService uds = appContext.getBean('uds')
 
+            UserDetailsService uds2 = appContext.getBean('uds2')
 
+        when:
 
+            MockHttpServletRequest request = new MockHttpServletRequest()
 
+            MockHttpServletResponse response = new MockHttpServletResponse()
 
+            MockFilterChain chain = new MockFilterChain()
 
+            request.servletPath = "/first/login"
 
+            request.requestURI = "/first/login"
 
+            request.method = 'POST'
 
+            springSecurityFilterChain.doFilter(request,response,chain)
 
+        then:
 
+            verify(uds).loadUserByUsername(anyString()) || true
 
+            verifyZeroInteractions(uds2) || true
 
+        when:
 
+            MockHttpServletRequest request2 = new MockHttpServletRequest()
 
+            MockHttpServletResponse response2 = new MockHttpServletResponse()
 
+            MockFilterChain chain2 = new MockFilterChain()
 
+            request2.servletPath = "/j_spring_security_check"
 
+            request2.requestURI = "/j_spring_security_check"
 
+            request2.method = 'POST'
 
+            springSecurityFilterChain.doFilter(request2,response2,chain2)
 
+        then:
 
+            verify(uds2).loadUserByUsername(anyString()) || true
 
+            verifyNoMoreInteractions(uds) || true
 
+    }
 
 
-    def namedFilterChainIsExposedAsABean () {
 
-        xml.http(name: 'basic', pattern: '/basic/**', 'create-session': 'stateless') {
 
+    def multipleAuthenticationManagersWorks () {
 
+        xml.http(name: 'basic', pattern: '/basic/**', ) {
 
             'http-basic'()
 
         }
 
         xml.http(pattern: '/form/**') {
 
@@ -75,5 +128,4 @@ class MultiHttpBlockConfigTests extends AbstractHttpConfigTests {
 
         expect:
 
         Assert.assertSame (basicChain, appContext.getBean('basic'))
 
     }
 
-
 
 }