java - Spring Boot:禁用 Spring Boot 单元测试的安全性
问题描述
Spring Boot 版本:2.0.4.RELEASE
对于下面的 Spring Boot 测试,测试返回不需要的 401 响应:
“401”状态,“错误”:“未授权”
为测试禁用 Spring Security 的最佳方法是什么?
我尝试添加配置“security.basic.enabled=false”属性,如下所示:
@SpringBootTest(<br>
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,<br>
classes = TestApp.class,<br>
properties = {
"security.basic.enabled=false"
})
并将此注释添加到类中:
@AutoConfigureMockMvc(secure = false)
但不幸的是,测试仍然返回“401”未经授权的错误代码。
原始测试
@RunWith(SpringRunner.class)
@SpringBootTest(
webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
classes = App.class
)
public class ExampleTest{
@Autowired
public void setup(@LocalServerPort int port) {
RestAssured.port = port;
}
@Test
public voidtestMethod() {
// This test code is not important to my question.
given().log().all().get("/resources").then().log().all().statusCode(HttpURLConnection.HTTP_BAD_REQUEST).body("error", equalTo("invalid_request")).body(not(containsString("error_reason")));
}
}
被单元测试的类很简单:
@SpringBootApplication
@RestController
public class App {
@GetMapping("/resources")
public String[] resources(
@RequestParam("mandatory_param") String mandatory,
@RequestParam("valid_param") @NotNull String validParam) {
return new String[]{"1", "2"};
}
...
}
有谁知道如何为测试禁用弹簧安全性?谢谢
解决方案
将两者@SpringBootTest与随机端口一起使用@AutoConfiguration可能是一个问题。你能试一下吗:
@RunWith(SpringRunner.class)
@WebMvcTest(App.class)
@AutoConfigureMockMvc(secure = false)
public class ExampleTest{}
或者
@RunWith(SpringRunner.class)
@SpringBootTest
@EnableAutoConfiguration(exclude = { SecurityAutoConfiguration.class, ManagementSecurityAutoConfiguration.class })
public class ExampleTest{}
您可以添加自定义配置文件(integration_test)并制作:
security:
basic:
enabled: false
@RunWith(SpringRunner.class)
@SpringBootTest
@ActiveProfiles(value="integration_test")
public class ExampleTest{}
更新:刚刚在另一个 SO 问题中找到了类似的答案:Disable security for unit tests with spring boot
推荐阅读
- java - 捕获的图像未创建新文件
- c# - 验证以防止路径字符串上升到父文件夹
- sql-server - 如何在 SQL Server 中批量切换注释/取消注释某些行?
- python - Domain in xml odoo 10
- createjs - 如何在 createJS 中绘制任意曲线
- typescript - Can't set Content-Type of Azure Blob
- python - What replaces text.latex.unicode?
- python - Test that a consumer method can raise an exception with Django Channels and pytest-asyncio
- angular - angular 5 - bind full style expression
- spring - BootRun not booting?