20 Spring Security testing

 

This chapter covers

  • Testing integration with Spring Security configurations for endpoints.
  • Defining mock users for tests.
  • Testing integration with Spring Security for method level security.

The legend says that writing unit and integration tests started with a short verse:

“99 little bugs in the code,

99 little bugs in the code.

Track one down, patch it around,

113 little bugs in the code.”

                                                                Anonymous

With time, software became more complex, and teams became larger. Knowing all the functionalities implemented by others over time became impossible. So, developers needed a way to make sure they don’t break existing functionalities while correcting bugs or implementing new features.

While developing applications, we continuously write tests to validate that the functionalities we implement work as desired. The main reason why we write unit and integration tests is to make sure we don’t break anything when working on new changes. Testing that we don’t break existing functionalities while changing code for fixing a bug or implementing new features is also called regression testing.

20.1  Using mock users for test

20.2  Testing with users from a UserDetailsService

20.3  Using custom Authentication objects for testing

20.4  Testing method security

20.5  Testing authentication

20.6  Testing CSRF configurations

20.7  Testing CORS configurations

20.8  Testing reactive Spring Security implementations

20.9  Summary

sitemap