/**
 * Checks the allow path of {@code LdapRoleAuthenticationFilter}: the required role is
 * configured as "roleB" and the request is mocked with "roleA", "roleB" and "roleC".
 * The request must be handed to the filter chain and the response must stay untouched.
 */
@Test
public void shouldContinueFilterChainWhenUserHasRequiredRole() throws ServletException, IOException {
    // given: a filter whose required role is among the roles available on the request
    LdapRoleAuthenticationFilter roleFilter =
            new LdapRoleAuthenticationFilter(mockLdapPropertiesWithRequiredRole("roleB"));
    HttpServletRequest req = mockRequestWithAvailableRoles("roleA", "roleB", "roleC");
    HttpServletResponse resp = mockResponse();
    FilterChain chain = mockFilterChain();

    // when
    roleFilter.doFilterInternal(req, resp, chain);

    // then: the chain receives the same request/response pair
    verify(chain).doFilter(req, resp);
    // ...and the filter wrote nothing (no status, header or body) to the response
    verifyZeroInteractions(resp);
}
/**
 * Checks the deny path of {@code LdapRoleAuthenticationFilter}: the required role is
 * configured as "roleX" while the request is mocked with only "roleA" and "roleB".
 * The filter chain must never be invoked and the response status must be set to 401.
 */
@Test
public void shouldRejectUserThatHasNotRequiredRole() throws ServletException, IOException {
    // given: a filter whose required role is absent from the roles available on the request
    LdapRoleAuthenticationFilter roleFilter =
            new LdapRoleAuthenticationFilter(mockLdapPropertiesWithRequiredRole("roleX"));
    HttpServletRequest req = mockRequestWithAvailableRoles("roleA", "roleB");
    HttpServletResponse resp = mockResponse();
    FilterChain chain = mockFilterChain();

    // when
    roleFilter.doFilterInternal(req, resp, chain);

    // then: fail closed - nothing downstream of the filter may run for this request
    verifyZeroInteractions(chain);
    // NOTE(review): 401 is pinned here for a missing role; if the caller is already
    // authenticated at this point, 403 is the conventional status - confirm this is intended.
    verify(resp).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}