问题描述
我正在尝试使用 mvc-test 测试我的登录页面.在添加 Spring Security 之前,我工作得很好.
I'm trying to test my login page using mvc-test.I was working pretty good before I added spring security.
我的代码是:
mockMvc.perform(
post("j_spring_security_check")
.param(LOGIN_FORM_USERNAME_FIELD, testUsernameValue)
.param(LOGIN_FORM_PASSWORD_FIELD, testPasswordValue))
.andDo(print())
.andExpect(status().isOk())
.andExpect(model().attribute(LOGIN_PAGE_STATUS_VALUE, LOGIN_PAGE_STATUS_FALSE_INDICATOR));
测试类添加了正确的注释:
Test class has correct annotations added:
@RunWith(SpringJUnit4ClassRunner.class)
@WebAppConfiguration
@ContextConfiguration(locations = {"classpath:security-context.xml", "classpath:applicationContext.xml", "classpath:test-contexts/test-context.xml" })
我的过滤器已定义(在 web.xml 中):
My filter is defined (in web.xml):
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
当我尝试在@ContextConfiguration 中添加 web.xml 时它失败了,当我删除它时我得到一个异常:
When I try to add web.xml in @ContextConfiguration it fails, when I remove it I'm getting an Exception:
java.lang.AssertionError: Status expected:<200> but was:<405>
是否有任何方法可以添加 DelegatingProxyFilter 来测试具有在我的 security-context.xml 中定义的配置的上下文以使其工作?我尝试了一些关于注入 FilterProxyChain 的教程,但在我的情况下不起作用.
Is there any way to add DelegatingProxyFilter to test context with configuration defined in my security-context.xml to make it works? I tried few tutorials with injecting FilterProxyChain, but it is not working in my case.
有人可以帮我吗?提前致谢
Can someone help me with that?Thanks in advance
推荐答案
UPDATE:Spring Security 4+ 提供开箱即用的 与 MockMvc 的集成.为了使用它,请确保您使用 apply(springSecurity()) ,如下所示:
UPDATE: Spring Security 4+ provides out of the box integration with MockMvc. In order to use it ensure you use apply(springSecurity()) as shown below:
import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.*;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration
@WebAppConfiguration
public class MockMvcSecurityTests {
@Autowired
private WebApplicationContext context;
private MockMvc mvc;
@Before
public void setup() {
mvc = MockMvcBuilders
.webAppContextSetup(context)
.apply(springSecurity())
.build();
}
...
}
原答案
我不确定当我尝试在 @ContextConfiguration 中添加 web.xml 时失败"是什么意思,但是,您可以使用 Spring Test MVC 来验证 Spring Security.有一个很好的 spring-test-mvc 项目中概述的示例.
I'm not sure what you mean by "When I try to add web.xml in @ContextConfiguration it fails", however, you can use Spring Test MVC to validate Spring Security. There is a very good example outlined in the spring-test-mvc project.
基本大纲如下所示:
@RunWith(SpringJUnit4ClassRunner.class)
@WebAppConfiguration
@ContextConfiguration(locations = {"classpath:security-context.xml", "classpath:applicationContext.xml", "classpath:test-contexts/test-context.xml" })
public class MyTests {
@Autowired
private FilterChainProxy springSecurityFilterChain;
@Autowired
private WebApplicationContext wac;
private MockMvc mockMvc;
@Before
public void setup() {
this.mockMvc = MockMvcBuilders.webAppContextSetup(this.wac)
.addFilters(this.springSecurityFilterChain).build();
}
}
这个想法是你@AutowireFilterChainProxy(DelegatingProxyFilter 委托给什么)并指示MockMvc使用FilterChainProxy.
The idea is that you @Autowire the FilterChainProxy (what the DelegatingProxyFilter delegates to) and instruct MockMvc to use the FilterChainProxy.
注意 spring-test-mvc 已集成到 spring-test-3.2+ 和 Spring 3.1.x 的单独项目中,因此您可以相当互换地使用该示例(spring-test-mvc 可以不支持 @WebAppConfiguration,必须使用 WebContextLoader 代替).
NOTE spring-test-mvc is integrated into spring-test-3.2+ and a separate project for Spring 3.1.x, so you can use the example fairly interchangeably (spring-test-mvc does not have support for @WebAppConfiguration and has to use WebContextLoader instead).
这篇关于Spring MVC 与 Spring Security 的集成测试的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!