root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Fix test.adoc typo

This commit is contained in:
stonio 2016-11-10 16:03:46 +01:00 committed by Rob Winch
parent c8ed130008
commit 6df5b76f24
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/manual/src/docs/asciidoc/_includes/test.adoc
View File

@ -11,7 +11,7 @@ To use the Spring Security test support, you must include `spring-security-test-
[[test-method]] [[test-method]]
== Testing Method Security == Testing Method Security
This section demonstrates how to use Spring Security's Test support to test method based security. This section demonstrates how to use Spring Security's Test support to test method based security.
We first introduce a `MessageService` that requires the user to be authenticated in order to access it. We first introduce a `MessageService` that requires the user to be authenticated in order to access it.
[source,java] [source,java]
@ -49,10 +49,10 @@ public class WithMockUserTests {
This is a basic example of how to setup Spring Security Test. The highlights are: This is a basic example of how to setup Spring Security Test. The highlights are:
<1> `@RunWith` instructs the spring-test module that it should create an ApplicationContext This is no different than using the existing Spring Test support. For additional information, refer to the http://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/#integration-testing-annotations-standard[Spring Reference] <1> `@RunWith` instructs the spring-test module that it should create an `ApplicationContext`. This is no different than using the existing Spring Test support. For additional information, refer to the http://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/#integration-testing-annotations-standard[Spring Reference]
<2> `@ContextConfiguration` instructs the spring-test the configuration to use to create the `ApplicationContext`. Since no configuration is specified, the default configuration locations will be tried. This is no different than using the existing Spring Test support. For additional information, refer to the http://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/#testcontext-ctx-management[Spring Reference] <2> `@ContextConfiguration` instructs the spring-test the configuration to use to create the `ApplicationContext`. Since no configuration is specified, the default configuration locations will be tried. This is no different than using the existing Spring Test support. For additional information, refer to the http://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/#testcontext-ctx-management[Spring Reference]
NOTE: Spring Security hooks into Spring Test support using the `WithSecurityContextTestExecutionListener` which will ensure our tests are ran with the correct user. NOTE: Spring Security hooks into Spring Test support using the `WithSecurityContextTestExecutionListener` which will ensure our tests are ran with the correct user.
It does this by populating the `SecurityContextHolder` prior to running our tests. It does this by populating the `SecurityContextHolder` prior to running our tests.
After the test is done, it will clear out the `SecurityContextHolder`. After the test is done, it will clear out the `SecurityContextHolder`.
If you only need Spring Security related support, you can replace `@ContextConfiguration` with `@SecurityTestExecutionListeners`. If you only need Spring Security related support, you can replace `@ContextConfiguration` with `@SecurityTestExecutionListeners`.
@ -73,7 +73,7 @@ public void getMessageUnauthenticated() {
The question is "How could we most easily run the test as a specific user?" The question is "How could we most easily run the test as a specific user?"
The answer is to use `@WithMockUser`. The answer is to use `@WithMockUser`.
The following test will be ran as a user with the username "user", the password "password", and the roles "ROLE_USER". The following test will be run as a user with the username "user", the password "password", and the roles "ROLE_USER".
[source,java] [source,java]
---- ----
@ -291,7 +291,7 @@ final class WithUserDetailsSecurityContextFactory
public SecurityContext createSecurityContext(WithUserDetails withUser) { public SecurityContext createSecurityContext(WithUserDetails withUser) {
String username = withUser.value(); String username = withUser.value();
Assert.hasLength(username, "value() must be non empty String"); Assert.hasLength(username, "value() must be non-empty String");
UserDetails principal = userDetailsService.loadUserByUsername(username); UserDetails principal = userDetailsService.loadUserByUsername(username);
Authentication authentication = new UsernamePasswordAuthenticationToken(principal, principal.getPassword(), principal.getAuthorities()); Authentication authentication = new UsernamePasswordAuthenticationToken(principal, principal.getPassword(), principal.getAuthorities());
SecurityContext context = SecurityContextHolder.createEmptyContext(); SecurityContext context = SecurityContextHolder.createEmptyContext();
@ -386,7 +386,7 @@ import static org.springframework.security.test.web.servlet.request.SecurityMock
[[test-mockmvc-csrf]] [[test-mockmvc-csrf]]
==== Testing with CSRF Protection ==== Testing with CSRF Protection
When testing any non safe HTTP methods and using Spring Security's CSRF protection, you must be sure to include a valid CSRF Token in the request. When testing any non-safe HTTP methods and using Spring Security's CSRF protection, you must be sure to include a valid CSRF Token in the request.
To specify a valid CSRF token as a request parameter using the following: To specify a valid CSRF token as a request parameter using the following:
[source,java] [source,java]