Stack Overflow
Stack Overflow

Questions tagged [spring-security-test]

30 questions
8
votes
1 answer

Spring Boot: Disable security for Spring Boot Unit Test

Spring Boot version: 2.0.4.RELEASE For the Spring Boot Test below, the test returns an unwanted 401 response: "401" status, "error": "unauthorized" What is the best way to disable Spring Security for the tests? I tried a adding a configuration…
Jim Eadon
  • 83
  • 1
  • 1
  • 7
5
votes
1 answer

Getting 403 Forbidden for WebFluxTest in Oauth2 Secured (Client Credentials) Resource Server Application

I have a reactive(Spring WebFlux) web-application where I am having few REST APIs which are protected resources.(Oauth2) . To access them manually, I need to get an authorization token with client credentials grant type and use that token in the…
Abhinaba Chakraborty
  • 3,488
  • 2
  • 16
  • 37
4
votes
1 answer

Configuration of spring-security doesn't seem to be applied while testing

I have configured a standalone mockMvc with a corresponding xml security config for testing my controller that is annotated with @PreAuthorize(hasAnyRole('DM,CD')). But the result of my tests always is tatus 200, even though I make a call with a…
ryzhman
  • 674
  • 10
  • 22
4
votes
1 answer

Gradle not downloading test dependency

I am looking to add a test dependency to my project which uses gradle. What I simply need is for gradle to download the dependency jar so I can import part of the package. What I need is the following package: import…
DWB
  • 1,544
  • 2
  • 16
  • 33
4
votes
1 answer

Spring Security Unit Test - MockMvc perform test with custom user

I'm setting up unit tests for my Spring MVC Controllers and I am attempting to leverage the Spring MVC test framework. For each endpoint in my controller, I want to ensure that only users with designated authorities have access. My problem is that…
The Gilbert Arenas Dagger
  • 12,071
  • 13
  • 66
  • 80
3
votes
1 answer

Unit testing Spring controllers with CSRF

I have the version 5.6.10 in the following dependencies spring-security-test spring-security-core spring-security-web I have a controller with CSRF @GetMapping(value = "/data") public ResponseEntity data(@RequestParam(required =…
rMonteiro
  • 1,371
  • 1
  • 14
  • 37
3
votes
0 answers

Spring Boot integration test for Resource server's controller with oauth security

We have following secured controller: @RestController @RequestMapping("/api/employee") public class EmployeeController { @GetMapping @PreAuthorize("#oauth2.hasScope('edit') OR hasRole('ADMIN')") public String…
Denis Stephanov
  • 4,563
  • 24
  • 78
  • 174
3
votes
1 answer

Using Spring security test to test a secured Spring MVC controller

following the documentation about using Spring Security Test to write tests for a spring MVC app that is wired behind Spring Security. This is a vanilla spring-boot application employing a typical spring-security wiring. Here's the main…
apil.tamang
  • 2,545
  • 7
  • 29
  • 40
3
votes
0 answers

Spring MVC Test with RequestPostProcessor vs. Annotations

I have an application I've created with JHipster. I generated a Blog entity, then modified the BlogResource class so its getAll() method only returns the blog for the current user. /** * GET /blogs -> get all the blogs. */ @RequestMapping(value =…
Matt Raible
  • 8,187
  • 9
  • 61
  • 120
2
votes
1 answer

How to add a header to a MockMvc request, depending on test annotation?

As a follow up to this question, I wonder how to transparently add an "Authorization" header to a MockHttpServletRequestBuilder, only if a given annotation is present on the…
ch4mp
  • 6,622
  • 6
  • 29
  • 49
2
votes
1 answer

Spring Security + Spring-Boot Testing Controller

I'm trying to test the home controller @RequestMapping("/") @ResponseBody String home() { return "Hello World!"; } I'm using spring security using as username "user" and test as password by default but @PreAuthorize is not…
Carlos Chávez
  • 422
  • 5
  • 14
2
votes
2 answers

Spring Security Test and MockMvc supply null custom UserDetails parameter to REST Controller

I'm trying to write an integration test that hits a REST endpoint and gets data for a specific authenticated user (the one I'm setting up in the test). I initially tried my setup with mockMvc =…
akokskis
  • 1,486
  • 15
  • 32
1
vote
1 answer

Spring Security testing: .getPrincipal() returning different objects in app and tests

I'm making a Reddit clone as one of the projects for my portfolio. The problem I'm unable to solve (I'm a beginner) is this: I have a CommentController (REST) that's handling all the api calls regarding comments. There's an endpoint for creating a…
odxrs
  • 21
  • 6
1
vote
1 answer

Spring Security requests basic authentication even though it's disabled (reactive)

The following spring security config gives some unexpected behavior. When making a request to some (non-health-check) endpoint (/user), in the browser and when using curl (via git bash on windows), an unauthenticated request returns an idp redirect…
Segev Malool
  • 68
  • 5
1
vote
1 answer

Spring boot testing: User protected security controller on testing

Here you have my controller method: @PreAuthorize("principal == '" + EspaiDocConstants.BO_COMPONENT_APP + "'") public void ingestAudits() { // Do something } As you can see, it's protected using @PreAuthorize("principal == '" +…
Jordi
  • 20,868
  • 39
  • 149
  • 333
1
2