Skip to main content

Return to Answer

minor text edits
Source Link
Fausto Carvalho Marques Silva
Fausto Carvalho Marques Silva
  • 1.7k
  • 4
  • 17
  • 32

For my applications i have been using a conbination of MockUser annotation with a MockMvc bean. MockUser is able to populate Spring SecurityContext with a user and his principal, which includes his User object and GrantedAuthority (aka ROLEs). With this you can test your controllers without needing to create any token. IsIt is easier and more decoupled from your autthentication process.

Like this:

@Test
@WithMockUser("admin")  
void testAuthorize() throws Exception {
    this.mockMvc.perform(get("/objects")).andExpect(status().isOk());
}

In Spring docs you can read more about. And you also have @WithAnonymousUser, to simulate anonnymouser, @WithUserDetails to put a custom UserDetailsService.

For my applications i have been using a conbination of MockUser annotation with a MockMvc bean. MockUser is able to populate Spring SecurityContext with a user and his principal, which includes his User object and GrantedAuthority (aka ROLEs). With this you can test your controllers without needing to create any token. Is easier and more decoupled from your autthentication process.

Like this:

@Test
@WithMockUser("admin")  
void testAuthorize() throws Exception {
    this.mockMvc.perform(get("/objects")).andExpect(status().isOk());
}

In Spring docs you can read more about. And you also have @WithAnonymousUser, to simulate anonnymouser, @WithUserDetails to put a custom UserDetailsService.

For my applications i have been using a conbination of MockUser annotation with a MockMvc bean. MockUser is able to populate Spring SecurityContext with a user and his principal, which includes his User object and GrantedAuthority (aka ROLEs). With this you can test your controllers without needing to create any token. It is easier and more decoupled from your autthentication process.

Like this:

@Test
@WithMockUser("admin")  
void testAuthorize() throws Exception {
    this.mockMvc.perform(get("/objects")).andExpect(status().isOk());
}

In Spring docs you can read more about. And you also have @WithAnonymousUser, to simulate anonnymouser, @WithUserDetails to put a custom UserDetailsService.

Source Link
Fausto Carvalho Marques Silva
Fausto Carvalho Marques Silva
  • 1.7k
  • 4
  • 17
  • 32

For my applications i have been using a conbination of MockUser annotation with a MockMvc bean. MockUser is able to populate Spring SecurityContext with a user and his principal, which includes his User object and GrantedAuthority (aka ROLEs). With this you can test your controllers without needing to create any token. Is easier and more decoupled from your autthentication process.

Like this:

@Test
@WithMockUser("admin")  
void testAuthorize() throws Exception {
    this.mockMvc.perform(get("/objects")).andExpect(status().isOk());
}

In Spring docs you can read more about. And you also have @WithAnonymousUser, to simulate anonnymouser, @WithUserDetails to put a custom UserDetailsService.