For a web test, you probably need a *Web*IniSecurityManagerFactory. Regards, Harald
2013/5/2 turja12 <[email protected]> > Hello, > we are using the shiro for user authentication in our Spring project. The > authentication works correctly in our web application and rest requests to > controllers are handled correctly. Currently I am trying to write a Junit > test for testing these controllers, but I always get a back a response that > the user is not authorized. I tried to use sample for junit test from > documentation and it works for me, so I add some code which we were using > previously in our controller Junits, but when I debug the code I can see > that user is not authorized when I am in controller. Does someone have some > experience with integrating these technologies? I was not able to find any > sample, how to use these frameworks together in JUnit. > > I am attaching the junit which I am trying to use. > > @RunWith(SpringJUnit4ClassRunner.class) > @WebAppConfiguration > @ContextConfiguration(locations = > "file:src/main/webapp/WEB-INF/spring-servlet.xml") > public class ExampleShiroIntegrationTest extends AbstractShiroTest { > > @Autowired > protected WebApplicationContext wac; > > protected MockMvc mockMvc; > > protected MockHttpSession mockSession; > @BeforeClass > public static void beforeClass() { > //0. Build and set the SecurityManager used to build Subject > instances used in your tests > // This typically only needs to be done once per class if your > shiro.ini doesn't change, > // otherwise, you'll need to do this logic in each test that is > different > //String initPath = "classpath:shiro/shiroTest.ini"; > Factory<SecurityManager> factory = new > IniSecurityManagerFactory("classpath:shiro/shiroTest.ini"); > setSecurityManager(factory.getInstance()); > } > > @Before > public void setUp() throws Exception > { > mockMvc = MockMvcBuilders.webAppContextSetup(wac).build(); > final Authenticate bean = (Authenticate) > wac.getBean("authenticate"); > > > Subject subjectUnderTest = new > Subject.Builder(getSecurityManager()).buildSubject(); > mockSession = new MockHttpSession(wac.getServletContext(), > subjectUnderTest.getSession().getId().toString()); > //2. Bind the subject to the current thread: > setSubject(subjectUnderTest); > bean.logon("User01", "User01", mockSession.getId()); > } > @Test > public void testSimple5() throws Exception { > > String commandInJSON = "{\"key\":\"value\"}"; > > final MockHttpServletRequestBuilder sendRequestBuilder = > MockMvcRequestBuilders > .post("/rest/send"). > content(commandInJSON). > contentType(new MediaType("application", "json", > Charset.forName("UTF-8"))); > > addViewDefRequestBuilder.session(mockSession); > MvcResult mvcReturn = null; > try > { > mvcReturn = mockMvc.perform(sendRequestBuilder) > .andExpect(status().isOk()) > > .andExpect(content().contentType(RestBaseTest.MEDIA_APP_JSON_UTF8)) > .andDo(print()) > .andReturn(); > } > catch (final Exception e) > { > e.printStackTrace(); > } > > //perform test logic here. Any call to > //SecurityUtils.getSubject() directly (or nested in the > //call stack) will work properly. > } > > If you have any tip how can I correctly bind the spring session with the > authenticated shiro session to make it works, or you see any other possible > problem in this code please let me know. Also if you ware more succesfull > in > searching and you was able to find some tutorial or sample how to > integreate > junit, shiro and spring it can be helpfull for me. Thanks > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Shiro-Spring-Junit-integration-tp7578682.html > Sent from the Shiro User mailing list archive at Nabble.com. >
