You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by turja12 <tu...@ca.com> on 2013/05/02 15:18:15 UTC
Shiro+Spring+Junit integration
Hello,
we are using the shiro for user authentication in our Spring project. The
authentication works correctly in our web application and rest requests to
controllers are handled correctly. Currently I am trying to write a Junit
test for testing these controllers, but I always get a back a response that
the user is not authorized. I tried to use sample for junit test from
documentation and it works for me, so I add some code which we were using
previously in our controller Junits, but when I debug the code I can see
that user is not authorized when I am in controller. Does someone have some
experience with integrating these technologies? I was not able to find any
sample, how to use these frameworks together in JUnit.
I am attaching the junit which I am trying to use.
@RunWith(SpringJUnit4ClassRunner.class)
@WebAppConfiguration
@ContextConfiguration(locations =
"file:src/main/webapp/WEB-INF/spring-servlet.xml")
public class ExampleShiroIntegrationTest extends AbstractShiroTest {
@Autowired
protected WebApplicationContext wac;
protected MockMvc mockMvc;
protected MockHttpSession mockSession;
@BeforeClass
public static void beforeClass() {
//0. Build and set the SecurityManager used to build Subject
instances used in your tests
// This typically only needs to be done once per class if your
shiro.ini doesn't change,
// otherwise, you'll need to do this logic in each test that is
different
//String initPath = "classpath:shiro/shiroTest.ini";
Factory<SecurityManager> factory = new
IniSecurityManagerFactory("classpath:shiro/shiroTest.ini");
setSecurityManager(factory.getInstance());
}
@Before
public void setUp() throws Exception
{
mockMvc = MockMvcBuilders.webAppContextSetup(wac).build();
final Authenticate bean = (Authenticate)
wac.getBean("authenticate");
Subject subjectUnderTest = new
Subject.Builder(getSecurityManager()).buildSubject();
mockSession = new MockHttpSession(wac.getServletContext(),
subjectUnderTest.getSession().getId().toString());
//2. Bind the subject to the current thread:
setSubject(subjectUnderTest);
bean.logon("User01", "User01", mockSession.getId());
}
@Test
public void testSimple5() throws Exception {
String commandInJSON = "{\"key\":\"value\"}";
final MockHttpServletRequestBuilder sendRequestBuilder =
MockMvcRequestBuilders
.post("/rest/send").
content(commandInJSON).
contentType(new MediaType("application", "json",
Charset.forName("UTF-8")));
addViewDefRequestBuilder.session(mockSession);
MvcResult mvcReturn = null;
try
{
mvcReturn = mockMvc.perform(sendRequestBuilder)
.andExpect(status().isOk())
.andExpect(content().contentType(RestBaseTest.MEDIA_APP_JSON_UTF8))
.andDo(print())
.andReturn();
}
catch (final Exception e)
{
e.printStackTrace();
}
//perform test logic here. Any call to
//SecurityUtils.getSubject() directly (or nested in the
//call stack) will work properly.
}
If you have any tip how can I correctly bind the spring session with the
authenticated shiro session to make it works, or you see any other possible
problem in this code please let me know. Also if you ware more succesfull in
searching and you was able to find some tutorial or sample how to integreate
junit, shiro and spring it can be helpfull for me. Thanks
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-Spring-Junit-integration-tp7578682.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro+Spring+Junit integration
Posted by Harald Wellmann <hw...@gmail.com>.
For a web test, you probably need a *Web*IniSecurityManagerFactory.
Regards,
Harald
2013/5/2 turja12 <tu...@ca.com>
> Hello,
> we are using the shiro for user authentication in our Spring project. The
> authentication works correctly in our web application and rest requests to
> controllers are handled correctly. Currently I am trying to write a Junit
> test for testing these controllers, but I always get a back a response that
> the user is not authorized. I tried to use sample for junit test from
> documentation and it works for me, so I add some code which we were using
> previously in our controller Junits, but when I debug the code I can see
> that user is not authorized when I am in controller. Does someone have some
> experience with integrating these technologies? I was not able to find any
> sample, how to use these frameworks together in JUnit.
>
> I am attaching the junit which I am trying to use.
>
> @RunWith(SpringJUnit4ClassRunner.class)
> @WebAppConfiguration
> @ContextConfiguration(locations =
> "file:src/main/webapp/WEB-INF/spring-servlet.xml")
> public class ExampleShiroIntegrationTest extends AbstractShiroTest {
>
> @Autowired
> protected WebApplicationContext wac;
>
> protected MockMvc mockMvc;
>
> protected MockHttpSession mockSession;
> @BeforeClass
> public static void beforeClass() {
> //0. Build and set the SecurityManager used to build Subject
> instances used in your tests
> // This typically only needs to be done once per class if your
> shiro.ini doesn't change,
> // otherwise, you'll need to do this logic in each test that is
> different
> //String initPath = "classpath:shiro/shiroTest.ini";
> Factory<SecurityManager> factory = new
> IniSecurityManagerFactory("classpath:shiro/shiroTest.ini");
> setSecurityManager(factory.getInstance());
> }
>
> @Before
> public void setUp() throws Exception
> {
> mockMvc = MockMvcBuilders.webAppContextSetup(wac).build();
> final Authenticate bean = (Authenticate)
> wac.getBean("authenticate");
>
>
> Subject subjectUnderTest = new
> Subject.Builder(getSecurityManager()).buildSubject();
> mockSession = new MockHttpSession(wac.getServletContext(),
> subjectUnderTest.getSession().getId().toString());
> //2. Bind the subject to the current thread:
> setSubject(subjectUnderTest);
> bean.logon("User01", "User01", mockSession.getId());
> }
> @Test
> public void testSimple5() throws Exception {
>
> String commandInJSON = "{\"key\":\"value\"}";
>
> final MockHttpServletRequestBuilder sendRequestBuilder =
> MockMvcRequestBuilders
> .post("/rest/send").
> content(commandInJSON).
> contentType(new MediaType("application", "json",
> Charset.forName("UTF-8")));
>
> addViewDefRequestBuilder.session(mockSession);
> MvcResult mvcReturn = null;
> try
> {
> mvcReturn = mockMvc.perform(sendRequestBuilder)
> .andExpect(status().isOk())
>
> .andExpect(content().contentType(RestBaseTest.MEDIA_APP_JSON_UTF8))
> .andDo(print())
> .andReturn();
> }
> catch (final Exception e)
> {
> e.printStackTrace();
> }
>
> //perform test logic here. Any call to
> //SecurityUtils.getSubject() directly (or nested in the
> //call stack) will work properly.
> }
>
> If you have any tip how can I correctly bind the spring session with the
> authenticated shiro session to make it works, or you see any other possible
> problem in this code please let me know. Also if you ware more succesfull
> in
> searching and you was able to find some tutorial or sample how to
> integreate
> junit, shiro and spring it can be helpfull for me. Thanks
>
>
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/Shiro-Spring-Junit-integration-tp7578682.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>