JUnit测试与弹簧安全

我想测试，我没有被授权这样做。这里我的代码：JUnit测试与弹簧安全

/* imports */ 

@RunWith(SpringRunner.class) 
@SpringBootTest(classes = Application.class) 
@WebAppConfiguration 
public class AuthenticationTest { 

private UsernamePasswordAuthenticationToken authentication; 

@Autowired 
private AuthenticationManager authManager; 

    public void before() throws Exception { 
     this.authentication = new UsernamePasswordAuthenticationToken("username", "password"); 
     SecurityContextHolder.getContext().setAuthentication(manager.authenticate(authentication)); 

    } 

    @Test(expected = AccessDeniedException.class) 
    public void postExperience() throws Exception { 
     ExperienceEntity experience = new ExperienceEntity(); 
     experience.setExperience("Test"); 
     experience.setExperienceEng("Test"); 

     mockMvc.perform(
        post(URL_EXPERIENCES).principal(authentication).content(json(experience)).contentType(CONTENT_TYPE)) 
        .andExpect(status().isForbidden()); 
     }

错误日志：

org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.springframework.security.access.AccessDeniedException: Access is denied

我不明白为什么这个测试不工作。我收到了这些我期望的错误。

来源

2017-08-25 Paddy3108

它看起来像异常类型的问题。您期待AccessDeniedException，但将其封装在NestedServletException。为了让你的测试成功，你可以做到这一点，像这样：

try { 
    mockMvc.perform(post(URL_EXPERIENCES).principal(authentication) 
     .content(json(experience)).contentType(CONTENT_TYPE)) 
     .andExpect(status().isForbidden()); 
    Assert.fail(); 
} catch (Exception e) { 
    Assert.assertTrue(e.getCause() instanceof AccessDeniedException); 
}

从你@Test注释删除expected财产。希望它有帮助！

来源

2017-08-25 06:34:18

谢谢。有用！ – Paddy3108

JUnit测试与弹簧安全

回答

相关问题