这里有我的控制器方法:
@PreAuthorize("principal == '" + EspaiDocConstants.BO_COMPONENT_APP + "'")
public void ingestAudits() {
// Do something
}
如您所见,它受到保护@PreAuthorize("principal == '" + EspaiDocConstants.BO_COMPONENT_APP + "'")
这是我的测试代码:
@WithMockUser(username=EspaiDocConstants.BO_COMPONENT_APP)
@Test
public void test() throws IOException, NoSuchAlgorithmException {
this.controller.ingestAudits();
}
不过,我收到了这个异常消息:
DigestAuditsTest.test:91 » AccessDenied 访问被拒绝
编辑
为了填充主体,我使用了自定义过滤器:
public class JWTAuthorizationFilter extends BasicAuthenticationFilter {
@Override
protected void doFilterInternal(
HttpServletRequest req,
HttpServletResponse res,
FilterChain chain
) throws IOException, ServletException {
String user = Jwts.parser().setSigningKey(SECRET)
.parseClaimsJws(token.replace(TOKEN_PREFIX, ""))
.getBody().getSubject();
SecurityContextHolder.getContext()
.setAuthentication(
new UsernamePasswordAuthenticationToken(user, null)
);
chain.doFilter(req, res);
}
}
所以,principal是一个String包含用户。
除此之外,我现在无法更改此代码,我想知道如何"String user"使用@WithMockUser.