• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Bear Bibeault
  • Junilu Lacar
  • Martin Vashko
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Knute Snortum
Saloon Keepers:
  • Ron McLeod
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Scott Selikoff
  • salvin francis
  • Piet Souris

How to turn off Spring Security for specific JUnit tests

 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have created a Microservice using TDD with Spring Boot, and I have just enabled Spring Security in the application. As expected, the tests I currently have no longer pass.

One thing I would like to do is disable security for the tests I currently have so that they can pass (since I am testing functionality, not the security). My plan is to create more tests that will exercise the security mechanisms that I will develop.

Looking at references in books and online (including questions answered in Stack Overflow) I learned about two methods to disable security in tests:



and


Both of these settings were identified in various Stack Overflow answers as being deprecated, but I tried them anyway.

Unfortunately, they didn't work. Apparently, in Version 2.2.1 of Spring Boot (the version I am using) secure isn't just deprecated, it is gone. Tests with the annotations using the "secure = false" parameter do not compile.

I did try setting a default user and password and using @WithMockUser, but the tests I have still break because Spring Security insists upon sending up the login page to tests that are specifically designed to only test the API. The only way I see to keep them working properly (without having to rewrite my entire test suite!) is to disable security for those specific tests. I want to be able to retain those tests that check the Controller's API and services, while writing new tests that engage with the security mechanisms.

Does Spring Boot still support a mechanism for disabling security for specific tests? If so, what is that mechanism?
 
To do a great right, do a little wrong - shakepeare. twisted little ad:
Java file APIs (DOC, XLS, PDF, and many more)
https://products.aspose.com/total/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!