Robert Brown Iii

Greenhorn
+ Follow
since Nov 22, 2019
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
0
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Robert Brown Iii

I have created a Microservice using TDD with Spring Boot, and I have just enabled Spring Security in the application. As expected, the tests I currently have no longer pass.

One thing I would like to do is disable security for the tests I currently have so that they can pass (since I am testing functionality, not the security). My plan is to create more tests that will exercise the security mechanisms that I will develop.

Looking at references in books and online (including questions answered in Stack Overflow) I learned about two methods to disable security in tests:



and


Both of these settings were identified in various Stack Overflow answers as being deprecated, but I tried them anyway.

Unfortunately, they didn't work. Apparently, in Version 2.2.1 of Spring Boot (the version I am using) secure isn't just deprecated, it is gone. Tests with the annotations using the "secure = false" parameter do not compile.

I did try setting a default user and password and using @WithMockUser, but the tests I have still break because Spring Security insists upon sending up the login page to tests that are specifically designed to only test the API. The only way I see to keep them working properly (without having to rewrite my entire test suite!) is to disable security for those specific tests. I want to be able to retain those tests that check the Controller's API and services, while writing new tests that engage with the security mechanisms.

Does Spring Boot still support a mechanism for disabling security for specific tests? If so, what is that mechanism?
2 weeks ago