@Bean(SPRING_SECURITY_WEBFILTERCHAINFILTER_BEAN_NAME) @Order(value = WEB_FILTER_CHAIN_FILTER_ORDER) public WebFilterChainProxy springSecurityWebFilterChainFilter() { return new WebFilterChainProxy(getSecurityWebFilterChains()); }
private WebTestClient buildClient() { WebFilterChainProxy springSecurityFilterChain = new WebFilterChainProxy( this.http.build()); return WebTestClientBuilder.bindToWebFilters(springSecurityFilterChain).build(); }
@Bean(SPRING_SECURITY_WEBFILTERCHAINFILTER_BEAN_NAME) @Order(value = WEB_FILTER_CHAIN_FILTER_ORDER) public WebFilterChainProxy springSecurityWebFilterChainFilter() { return new WebFilterChainProxy(getSecurityWebFilterChains()); }
@Test public void buildWhenServerWebExchangeFromContextThenFound() { SecurityWebFilterChain filter = this.http.build(); WebTestClient client = WebTestClient.bindToController(new SubscriberContextController()) .webFilter(new WebFilterChainProxy(filter)) .build(); client.get().uri("/foo/bar") .exchange() .expectBody(String.class).isEqualTo("/foo/bar"); }
@Test public void defaultFormLoginRequestCache() { SecurityWebFilterChain securityWebFilter = this.http .authorizeExchange() .anyExchange().authenticated() .and() .formLogin().and() .build(); WebTestClient webTestClient = WebTestClient .bindToController(new SecuredPageController(), new WebTestClientBuilder.Http200RestController()) .webFilter(new WebFilterChainProxy(securityWebFilter)) .build(); WebDriver driver = WebTestClientHtmlUnitDriverBuilder .webTestClientSetup(webTestClient) .build(); DefaultLoginPage loginPage = SecuredPage.to(driver, DefaultLoginPage.class) .assertAt(); SecuredPage securedPage = loginPage.loginForm() .username("user") .password("password") .submit(SecuredPage.class); securedPage.assertAt(); }
@Test public void customLoginPage() { SecurityWebFilterChain securityWebFilter = this.http .authorizeExchange() .pathMatchers("/login").permitAll() .anyExchange().authenticated() .and() .formLogin() .loginPage("/login") .and() .build(); WebTestClient webTestClient = WebTestClient .bindToController(new CustomLoginPageController(), new WebTestClientBuilder.Http200RestController()) .webFilter(new WebFilterChainProxy(securityWebFilter)) .build(); WebDriver driver = WebTestClientHtmlUnitDriverBuilder .webTestClientSetup(webTestClient) .build(); CustomLoginPage loginPage = HomePage.to(driver, CustomLoginPage.class) .assertAt(); HomePage homePage = loginPage.loginForm() .username("user") .password("password") .submit(HomePage.class); homePage.assertAt(); }
@Test public void requestCacheNoOp() { SecurityWebFilterChain securityWebFilter = this.http .authorizeExchange() .anyExchange().authenticated() .and() .formLogin().and() .requestCache() .requestCache(NoOpServerRequestCache.getInstance()) .and() .build(); WebTestClient webTestClient = WebTestClient .bindToController(new SecuredPageController(), new WebTestClientBuilder.Http200RestController()) .webFilter(new WebFilterChainProxy(securityWebFilter)) .build(); WebDriver driver = WebTestClientHtmlUnitDriverBuilder .webTestClientSetup(webTestClient) .build(); DefaultLoginPage loginPage = SecuredPage.to(driver, DefaultLoginPage.class) .assertAt(); HomePage securedPage = loginPage.loginForm() .username("user") .password("password") .submit(HomePage.class); securedPage.assertAt(); }
@Bean(SPRING_SECURITY_WEBFILTERCHAINFILTER_BEAN_NAME) @Order(value = WEB_FILTER_CHAIN_FILTER_ORDER) public WebFilterChainProxy springSecurityWebFilterChainFilter() { return new WebFilterChainProxy(getSecurityWebFilterChains()); }
private WebFilterChainProxy postProcess(WebFilterChainProxy existing) { ServerWebExchangeMatcher cloudFoundryRequestMatcher = ServerWebExchangeMatchers .pathMatchers("/cloudfoundryapplication/**"); WebFilter noOpFilter = (exchange, chain) -> chain.filter(exchange); MatcherSecurityWebFilterChain ignoredRequestFilterChain = new MatcherSecurityWebFilterChain( cloudFoundryRequestMatcher, Collections.singletonList(noOpFilter)); MatcherSecurityWebFilterChain allRequestsFilterChain = new MatcherSecurityWebFilterChain( ServerWebExchangeMatchers.anyExchange(), Collections.singletonList(existing)); return new WebFilterChainProxy(ignoredRequestFilterChain, allRequestsFilterChain); }