如何模拟 Spring SecurityContext 以便我可以将它与 TestNG 一起使用?
我必须构建一个单元测试来测试一些用户操作(当它们经过身份验证时)。
我已经用 EasyMock 和 TestNG 准备好了一切。
但我找不到一种注入 SecurityContextHolderStrategy 的方法(我使用这个接口是为了能够在我的控制器中注入和模拟 SecurityContextHolder,这样我就可以有 2 种不同的设置,一种用于生产,一种用于使用单独的 applicationContext.xml 进行测试)
但是我很难创建一个可以将 SecurityContextHolderStrategy 与正确的设置相匹配的 bean(在测试空上下文中并在产品中注入真实的上下文)。
谁能帮助我吗?
这是控制器的代码示例。
@Controller
@RequestMapping("/topic/**")
public class TopicController {
@Autowired
PostRepository postRepo;
@Autowired
TopicRepository top;
@Autowired
PersonRepository per;
@Autowired
ProductRepository pro;
@Autowired
TopicControllerHelper topHelper;
@Autowired
SecurityContextHolderStrategy securityContext;
@RequestMapping(value="/topic/{topicId}", method=RequestMethod.GET)
public ModelAndView showPage(@PathVariable("topicId") int id){
ModelAndView model = new ModelAndView("/topic");
Topic topic = top.findTopicByID((long) id);
model.addObject("topic",topic);
Post post = new Post();
post.setPerson(topic.getPerson());
post.setTopic(topic);
model.addObject("post",post);
model.addObject("logged",securityContext.getContext().getAuthentication().getName());
return model;
}
我的 testApplicationContext.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx" xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:sec="http://www.springframework.org/schema/security" xmlns:p="http://www.springframework.org/schema/p"
xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.0.xsd">
<context:spring-configured />
<context:component-scan base-package="br.com.gsc" />
<tx:annotation-driven mode="aspectj" transaction-manager="transactionManager"/>
<!-- <tx:annotation-driven transaction-manager="transactionManager"/> -->
<mvc:annotation-driven />
<bean id="entityManagerFactory"
class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
<property name="persistenceUnitName" value="gscTest" />
</bean>
<bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
<property name="entityManagerFactory" ref="entityManagerFactory" />
</bean>
<bean id="securityContext" class="org.springframework.security.core.context.SecurityContextHolderStrategy">
我在这里迷路了!测试和生产中应该包含什么 使 Context 在每个 .xml 中工作?
</bean>
<!-- <bean id="tilesConfigurer" class="org.springframework.web.servlet.view.tiles2.TilesConfigurer"
p:definitions="/WEB-INF/tiles-defs.xml" /> -->
</beans>
I have to build a Unit test to test some user actions, when they are authenticated.
I have everything in place with EasyMock and TestNG.
But I cannot find a way to inject a SecurityContextHolderStrategy (I am using this interface in order to be able to inject and mock SecurityContextHolder in my Controller so I can have 2 different setups one for production and one for testing using separated applicationContext.xml)
But I am having a hard time creating a bean that can match SecurityContextHolderStrategy with the proper settings ( in Test a empty context and in prod inject the real one).
Can anyone help me ?
here is a code sample of the Controller.
@Controller
@RequestMapping("/topic/**")
public class TopicController {
@Autowired
PostRepository postRepo;
@Autowired
TopicRepository top;
@Autowired
PersonRepository per;
@Autowired
ProductRepository pro;
@Autowired
TopicControllerHelper topHelper;
@Autowired
SecurityContextHolderStrategy securityContext;
@RequestMapping(value="/topic/{topicId}", method=RequestMethod.GET)
public ModelAndView showPage(@PathVariable("topicId") int id){
ModelAndView model = new ModelAndView("/topic");
Topic topic = top.findTopicByID((long) id);
model.addObject("topic",topic);
Post post = new Post();
post.setPerson(topic.getPerson());
post.setTopic(topic);
model.addObject("post",post);
model.addObject("logged",securityContext.getContext().getAuthentication().getName());
return model;
}
And my testApplicationContext.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx" xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:sec="http://www.springframework.org/schema/security" xmlns:p="http://www.springframework.org/schema/p"
xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.0.xsd">
<context:spring-configured />
<context:component-scan base-package="br.com.gsc" />
<tx:annotation-driven mode="aspectj" transaction-manager="transactionManager"/>
<!-- <tx:annotation-driven transaction-manager="transactionManager"/> -->
<mvc:annotation-driven />
<bean id="entityManagerFactory"
class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
<property name="persistenceUnitName" value="gscTest" />
</bean>
<bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
<property name="entityManagerFactory" ref="entityManagerFactory" />
</bean>
<bean id="securityContext" class="org.springframework.security.core.context.SecurityContextHolderStrategy">
I am lost at here !!! WHAT should be here in Test and Production
to make the Context work in each .xml ?
</bean>
<!-- <bean id="tilesConfigurer" class="org.springframework.web.servlet.view.tiles2.TilesConfigurer"
p:definitions="/WEB-INF/tiles-defs.xml" /> -->
</beans>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我意识到这不是对您问题的直接答案,但您是否考虑过使用 Powermock 来模拟静态 SecurityContextHolder.getSecurityContext() 方法?
I realize this isn't a straight answer to your question but have you thought of using Powermock to mock the static SecurityContextHolder.getSecurityContext() method?
创建一个带有可以模拟的接口的单独 bean,并让该 bean 从静态上下文中读取身份验证。如果您有一个用户对象,它甚至可以返回用户而不是名称。
Create a separate bean with interface that you can mock and let that bean read the Authentication from the static context. If you have a user object, it could even return a user rather than a name.