476rick
Reputation: 2795
RestAssured: How to disable PreAuthorize when
I'm testing an API with RestAssured.
The methods I'm calling are using the next Annotation:
@PreAuthorize("hasAnyRole('ROLE1', 'ROLE2', 'ROLE3')")
My Test class contains an active profile for testing.
For the testing configuration we use a .yaml file.
Is it possible to put something in the .yaml file so we don't need to authorize when running the tests?
Or is there any other way so the PreAuthorize is not active when I'm running tests?
Upvotes: 3
Views: 3354
Answers (1)
Pär Nilsson
Reputation: 2349
You could have a test profile in your code which you then activate when running tests against the code. You can then use the predefined user and password in your tests.
@Configuration
public class TestConfig {
@EnableWebSecurity
@Profile("test")
class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
public UserDetailsService userDetailsService() {
InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
manager.createUser(User.withUsername("user").password("password").roles("ROLE1", "ROLE2", "ROLE3").build());
return manager;
}
}
}
Upvotes: 1
Related Questions
- @PreAuthorize(permitAll) still requires authentication
- PreAuthorize("isAuthenticated()") not working on RestController
- @PreAuthorize returns 403
- How to disable/ ignore @PreAuthorize in a Spring Boot application
- How to bypass the Spring @PreAuthorize annotation on RestController for tests?
- Disable Basic Authentication(Spring Security) for one request and leave for all any
- Spring @PreAuthorize not working in RestController
- Securing REST API using Spring-security @PreAuthorize annotation and OAuth2
- @PreAuthorize on JpaRepository
- Bypass Spring Security @preauthorize