Guy Tuberson wrote:
Hi,
Please bare with me I'm new to Hibernate, Spring and Acegi.
I'm using ACEGI to provide the Security framework for my Web Application and I'm having some issues with my Junit tests. I'm trying to load the Spring Application Context in a JUnit test and I'm getting the following errors.
Hi Guy
You should be using TestingAuthenticationToken and have the following setup in your application context:
<!-- This authentication provider accepts any presented TestingAuthenticationToken -->
<bean id="testingAuthenticationProvider" class="net.sf.acegisecurity.providers.TestingAuthenticationProvider"/>
<!-- The authentication manager that iterates through our only authentication provider -->
<bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref local="testingAuthenticationProvider"/>
</list>
</property>
</bean>
Having said that, why are you trying to unit test a business object which even has Acegi Security wired in front of it? Typically unit tests should focus on only the business logic - not the integration with such things as security. So I'd recommend you review whether you are even loading Acegi Security beans in a test-related application content.
Of course, sometimes just _need_ to test with security enabled. A good example is say your business object has code like this:
public Account getAccount(Long number) {
Account account = accountDao.getAccount(number);
// Check they have access
Authentication authentication = ((SecureContext) ContextHolder.getContext()).getAuthentication();
if (authentication.getPrincipal().equals("someUser")) {
return account;
} else {
return account.removeSomeProperties();
}
}
In this sort of situation, where your business logic _needs_ Acegi Security, you'd use the TestingAuthenticationProvider. Thus you can setup the Authentication object with whatever username and GrantedAuthority[]s your business logic wants to see. In the above example you'd run a TestingAuthenticationToken with "someUser" as the principal, probably null as the principal, and probably "notSomeUser" as the principal.
HTH Ben
PS: The forums at springframework.org are the best place for user questions, as it helps develop a long-term searchable archive for new users.
------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
