I have enabled security for my application, and these protected resources cannot be accessed unless the user is logged in.
However, I need to run multiple tests inside my java application. I wonder whether it is possible to login to my application from login-page ( ), use its session-id, and gain the authenticated object for my tests ( )? )登录到我的应用程序,使用其会话ID,并为我的测试( )获取经过身份验证的对象?
If it helps, I am using spring security.
I am looking for the general idea, if it takes time to explain how to do it.
Spring Security's Authentication has a handle on the current user's principal and authorized roles. It can be accessed using:
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
Spring's RequestAttributes has a handle on the current session id. It can be accessed using:
RequestAttributes attributes = RequestContextHolder.getRequestAttributes();
String sessionId = attributes.getSessionId();
This works provided the RequestContextFilter has been configured in web.xml.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.