Spring Security Testing With JUnit
11-02-2016Maven Dependencies
<dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> <version>4.12</version> <scope>test</scope> </dependency> <dependency> <groupId>org.springframework</groupId> <artifactId>spring-test</artifactId> <version>4.1.4.RELEASE</version> <scope>test</scope> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-test</artifactId> <version>4.0.0.RELEASE</version> <scope>test</scope> </dependency>
Notice that, above dependencies will be used when test phase because we set dependency's scope as test
Example
@RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration(locations = { "classpath:/applicationContext.xml", "classpath:/mvc-dispatcher-servlet.xml", "classpath:/spring-security.xml"}) @WebAppConfiguration public class SpringSecurityTest { private MockMvc mockMvc; @Autowired private WebApplicationContext wac; private MockMultipartFile file; @Before public void setup() throws Exception { this.mockMvc = MockMvcBuilders .webAppContextSetup(wac) .apply(springSecurity()).build(); initMockMultipartFile(); } private void initMockMultipartFile() throws IOException { File thisClassFile = new File("C:\test.txt"); file = new MockMultipartFile("file[]", thisClassFile.getName(), "text/plain",IOUtils.toByteArray(new FileInputStream(thisClassFile))); } @Test public void testFormLoginWithWrongPassword() throws Exception { Map<String, Object> sessionAttrs = new HashMap<String, Object>(); sessionAttrs.put("rand1", "5"); sessionAttrs.put("rand2", "5"); mockMvc.perform(post("/admin/login") .param("username", "myuce") .param("password", "test") .param("captcha", "10") .with(csrf()) .sessionAttrs(sessionAttrs)) .andExpect(status().isFound()) .andExpect(redirectedUrl("/admin/index?error=true")); } @Test public void testAdminLogout() throws Exception { mockMvc.perform(logout("/yonetim/logout")); } @Test @WithMockUser(username = "myuce", roles = {"USER", "ADMIN"}) public void testFileUpload() throws Exception { mockMvc.perform(MockMvcRequestBuilders.fileUpload("/admin/home/file-upload") .file(file) .with(csrf())) .andExpect(status().is(200)) .andDo(print()) .andExpect(content().string("success")); } @Test public void loginAuthenticationToken() throws Exception { assertNotNull(getToken()); } @Test public void testSendMailWithoutToken() throws Exception { assertEquals(401, sendMail(null).getStatus()); } @Test public void testSendMail() throws Exception { String token = getToken(); assertNotNull(token); MockHttpServletResponse response = sendMail(token); assertEquals(200, response.getStatus()); assertEquals("true", response.getContentAsString()); } private String getToken() throws Exception { return getClientLoginHttpResponse().getHeader("token"); } private MockHttpServletResponse getClientLoginHttpResponse() throws Exception { return mockMvc.perform(post("/login") .param("username", "myuce") .param("password", "19871987")) .andExpect(status().isOk()) .andDo(print()) .andReturn() .getResponse(); } private MockHttpServletResponse sendMail(String token) throws Exception { return mockMvc.perform(MockMvcRequestBuilders.fileUpload("/send-mail") .file(file) .param("token", token) .param("to", "test@gmail.com") .param("title", "ŞÖMSDLFMSD") .param("content", "sfşmsdfa")) .andReturn() .getResponse(); } }
For more information https://spring.io/blog/2014/05/07/preview-spring-security-test-method-security