You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I wanted to try new security MVC-based tests with WithMockUser annotation in my projects, but I couldn't make it work by following the examples from this repo (and the corresponding blog post). To disentangle my mistakes from spring security 4.0 code I tried to clone and run tests in this repo directly (using maven, gradle, using different versions of spring-security 4 etc) but I see kind of the same errors as I see in my project (but its hard to tell for sure).
Looks like that tests that involve MockMvcBuilders and WithMockUser do not bypass security. According to my understanding "WithMockUser" is supposed to put the Principal into the app so that login page is not even triggered. Is this correct?
For example, MockMvcHtmlUnitCreateMessageTest fails with
ElementNotFoundException at the line:
HtmlForm form = createMsgFormPage.getHtmlElementById("messageForm");
I see suspicious log messages during the tests
12:03:42.785 [main] DEBUG o.s.s.w.a.ExceptionTranslationFilter - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
The text was updated successfully, but these errors were encountered:
Hello,
I wanted to try new security MVC-based tests with WithMockUser annotation in my projects, but I couldn't make it work by following the examples from this repo (and the corresponding blog post). To disentangle my mistakes from spring security 4.0 code I tried to clone and run tests in this repo directly (using maven, gradle, using different versions of spring-security 4 etc) but I see kind of the same errors as I see in my project (but its hard to tell for sure).
Looks like that tests that involve MockMvcBuilders and WithMockUser do not bypass security. According to my understanding "WithMockUser" is supposed to put the Principal into the app so that login page is not even triggered. Is this correct?
For example, MockMvcHtmlUnitCreateMessageTest fails with
ElementNotFoundException at the line:
HtmlForm form = createMsgFormPage.getHtmlElementById("messageForm");
I see suspicious log messages during the tests
12:03:42.785 [main] DEBUG o.s.s.w.a.ExceptionTranslationFilter - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
The text was updated successfully, but these errors were encountered: