Spring Boot 1.4 testing with Security enabled?

Spring Security provides a @WithMockUser annotation that can be used to indicate that a test should be run as a particular user:

@Test
@WithMockUser(username = "test", password = "test", roles = "USER")
public void withMockUser() throws Exception {
    this.mockMvc.perform(get("/")).andExpect(status().isOk());
}

Alternatively, if you're using basic authentication, you could send the required Authorization header:

@Test
public void basicAuth() throws Exception {
    this.mockMvc
            .perform(get("/").header(HttpHeaders.AUTHORIZATION,
                    "Basic " + Base64Utils.encodeToString("user:secret".getBytes())))
            .andExpect(status().isOk());
}

As an alternative to the previous answer, it's possible to use the following:

@Test
public void basicAuth() throws Exception {
    this.mockMvc
            .perform(get("/")
                .with(SecurityMockMvcRequestPostProcessors.httpBasic("user", "secret"))
            )
            .andExpect(status().isOk());
}

since it will generate the same header:

Headers = [Content-Type:"...", Authorization:"Basic dXNlcjpzZWNyZXQ="]

Spring Boot 1.4 testing with Security enabled?

Tags:

Spring

Spring Mvc

Spring Security

Spring Boot

Spring Test Mvc

Related

Recent Posts