20 Spring Security testing

 

This chapter covers

  • Testing integration with Spring Security configurations for endpoints.
  • Defining mock users for tests.
  • Testing integration with Spring Security for method level security.

The legend says that writing unit and integration tests started with a short verse:

“99 little bugs in the code,

99 little bugs in the code.

Track one down, patch it around,

113 little bugs in the code.”

                                                                Anonymous

With time, software became more complex, and teams became larger. Knowing all the functionalities implemented by others over time became impossible. So, developers needed a way to make sure they don’t break existing functionalities while correcting bugs or implementing new features.

While developing applications, we continuously write tests to validate that the functionalities we implement work as desired. The main reason why we write unit and integration tests is to make sure we don’t break anything when working on new changes. Testing that we don’t break existing functionalities while changing code for fixing a bug or implementing new features is also called regression testing.

20.1  Using mock users for test

 

20.2  Testing with users from a UserDetailsService

 
 
 

20.3  Using custom Authentication objects for testing

 
 
 

20.4  Testing method security

 

20.5  Testing authentication

 

20.6  Testing CSRF configurations

 
 
 

20.7  Testing CORS configurations

 
 
 

20.8  Testing reactive Spring Security implementations

 
 
 

20.9  Summary

 
 
 
sitemap

Unable to load book!

The book could not be loaded.

(try again in a couple of minutes)

manning.com homepage
test yourself with a liveTest