Package org.springframework.security.web

Examples of org.springframework.security.web.FilterInvocation

42
43
44
45
46
47
48
    @Test
    public void abstainsIfNoAttributeFound() {
        WebExpressionVoter voter = new WebExpressionVoter();
        assertEquals(AccessDecisionVoter.ACCESS_ABSTAIN,
                voter.vote(user, new FilterInvocation("/path", "GET"), SecurityConfig.createList("A", "B", "C")));
    }
View Full Code Here
52
53
54
55
56
57
58
59
60
61
62
        WebExpressionVoter voter = new WebExpressionVoter();
        Expression ex = mock(Expression.class);
        WebExpressionConfigAttribute weca = new WebExpressionConfigAttribute(ex);
        EvaluationContext ctx = mock(EvaluationContext.class);
        SecurityExpressionHandler eh = mock(SecurityExpressionHandler.class);
        FilterInvocation fi = new FilterInvocation("/path", "GET");
        voter.setExpressionHandler(eh);
        when(eh.createEvaluationContext(user, fi)).thenReturn(ctx);
        when(ex.getValue(ctx, Boolean.class)).thenReturn(Boolean.TRUE).thenReturn(Boolean.FALSE);
        ArrayList attributes = new ArrayList();
        attributes.addAll(SecurityConfig.createList("A","B","C"));
View Full Code Here
51
52
53
54
55
56
57
58
59
    @Test
    public void lookupNotRequiringExactMatchSucceedsIfNotMatching() {
        createFids("/secure/super/**", null);

        FilterInvocation fi = createFilterInvocation("/SeCuRE/super/somefile.html", null, null, null);

        assertEquals(def, fids.getAttributes(fi));
    }
View Full Code Here
63
64
65
66
67
68
69
70
71
72
     */
    @Test
    public void lookupNotRequiringExactMatchSucceedsIfSecureUrlPathContainsUpperCase() {
        createFids("/SeCuRE/super/**", null);

        FilterInvocation fi = createFilterInvocation("/secure", "/super/somefile.html", null, null);

        Collection<ConfigAttribute> response = fids.getAttributes(fi);
        assertEquals(def, response);
    }
View Full Code Here
73
74
75
76
77
78
79
80
81
82
    @Test
    public void lookupRequiringExactMatchIsSuccessful() {
        createFids("/SeCurE/super/**", null);

        FilterInvocation fi = createFilterInvocation("/SeCurE/super/somefile.html", null, null, null);

        Collection<ConfigAttribute> response = fids.getAttributes(fi);
        assertEquals(def, response);
    }
View Full Code Here
83
84
85
86
87
88
89
90
91
92
    @Test
    public void lookupRequiringExactMatchWithAdditionalSlashesIsSuccessful() {
        createFids("/someAdminPage.html**", null);

        FilterInvocation fi = createFilterInvocation("/someAdminPage.html", null, "a=/test", null);

        Collection<ConfigAttribute> response = fids.getAttributes(fi);
        assertEquals(def, response); // see SEC-161 (it should truncate after ? sign)
    }
View Full Code Here
98
99
100
101
102
103
104
105
106
    @Test
    public void httpMethodLookupSucceeds() {
        createFids("/somepage**", "GET");

        FilterInvocation fi = createFilterInvocation("/somepage", null, null, "GET");
        Collection<ConfigAttribute> attrs = fids.getAttributes(fi);
        assertEquals(def, attrs);
    }
View Full Code Here
107
108
109
110
111
112
113
114
115
    @Test
    public void generalMatchIsUsedIfNoMethodSpecificMatchExists() {
        createFids("/somepage**", null);

        FilterInvocation fi = createFilterInvocation("/somepage", null, null, "GET");
        Collection<ConfigAttribute> attrs = fids.getAttributes(fi);
        assertEquals(def, attrs);
    }
View Full Code Here
116
117
118
119
120
121
122
123
124
    @Test
    public void requestWithDifferentHttpMethodDoesntMatch() {
        createFids("/somepage**", "GET");

        FilterInvocation fi = createFilterInvocation("/somepage", null, null, "POST");
        Collection<ConfigAttribute> attrs = fids.getAttributes(fi);
        assertNull(attrs);
    }
View Full Code Here
132
133
134
135
136
137
138
139
140
        requestMap.put(new AntPathRequestMatcher("/user/**", null), userAttrs);
        requestMap.put(new AntPathRequestMatcher("/teller/**", "GET"),  SecurityConfig.createList("B"));
        fids = new DefaultFilterInvocationSecurityMetadataSource(requestMap);

        FilterInvocation fi = createFilterInvocation("/user", null, null, "GET");
        Collection<ConfigAttribute> attrs = fids.getAttributes(fi);
        assertEquals(userAttrs, attrs);
    }
View Full Code Here
TOP

Related Classes of org.springframework.security.web.FilterInvocation

  • com.example.bookstore.web.security.BookstoreSecurityFlowExecutionListener
  • com.gcrm.security.SecurityFilter
  • com.gtp.security.MySecureResourceFilter
  • com.gtp.security.MySecurityMetadaSource
  • com.iisigroup.cap.security.vote.CapPermissionVoter
  • com.lanyuan.security.MySecurityFilter
  • com.loc.security.MySecurityFilter
  • com.pe.pgn.clubpgn.security.MyFilterSecurityInterceptor
  • doan.thymeleaf.demo.security.SecurityInterceptor
  • grails.plugin.springsecurity.web.access.GrailsWebInvocationPrivilegeEvaluator
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.