Reputation: 590
Is there a way to unit test the use of the authorize tag provided by Spring Security? The MockMvc integration does not go far enough to do that, as I can only seem to check for the forwarded/redirected URL but not the content of the URL.
The work I am doing involves writing custom SpEL expressions and it would be great to check that they work on real sec:authorize
usages! Right now I am confined to testing that the basic call to these expressions are working outside the scope of the JSP pages (specifically using the access
attribute in the intercept-url
element)
Upvotes: 1
Views: 89
Reputation: 21720
Unfortunately, JSPs don't work in unit testing since they need to be compiled by the servlet container. I would recommend using something that works without the container (i.e. Thymeleaf) since you can easily render your response in these instances.
If you use a technology that can render outside of the container, then you can leverage the HtmlUnit MockMvc integration found in Spring Framework 4.2+. If you are on an older version of Spring Framework and cannot upgrade, you can use Spring Test HtmlUnit.
NOTE Spring Test HtmlUnit is now only maintained as part of Spring Framework 4.2+ and not as a distinct project.
If you really must use JSPs, it will likely be somewhat painful. However, there is a pretty decent github project that lists some mechanisms for unit testing JSPs. Out of the options JspTest seems the most promising (but still quite dated).
If you are feeling ambitious it would be quite interesting to see if you could provide a hook with Jasper (Tomcat's JSP compiler) to work with MockMvc.
Upvotes: 1