root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions 12 Packages Projects Releases Wiki Activity

Fix tests to use GET to bypass CsrfFilter

This commit is contained in:
Madhura Bhave 2018-02-16 16:49:38 -08:00
parent 4e61136948
commit 75e82e1b2c
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
spring-boot-integration-tests/spring-boot-security-tests/spring-boot-security-test-web-helloworld/src/test/java/sample/HelloWebSecurityApplicationTests.java
View File

@ -56,6 +56,7 @@ public class HelloWebSecurityApplicationTests {
@Test @Test
public void requiresAuthentication() throws Exception { public void requiresAuthentication() throws Exception {
this.request.setMethod("GET");
this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain); this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
assertThat(this.response.getStatus()) assertThat(this.response.getStatus())
.isEqualTo(HttpServletResponse.SC_UNAUTHORIZED); .isEqualTo(HttpServletResponse.SC_UNAUTHORIZED);
@ -63,6 +64,7 @@ public class HelloWebSecurityApplicationTests {
@Test @Test
public void userAuthenticates() throws Exception { public void userAuthenticates() throws Exception {
this.request.setMethod("GET");
this.request.addHeader("Authorization", this.request.addHeader("Authorization",
"Basic " + new String(Base64.encode("user:password".getBytes("UTF-8")))); "Basic " + new String(Base64.encode("user:password".getBytes("UTF-8"))));