Hello,
I'm using Shiro - Spring integration and it works great on my webapp. I'm
able to restrict users by either using
SecurityUtils.getSubject().isPermitted("something:do")
or @RequiresPermissions({"something:do"}).
The thing is I can't get @RequiresPermissions({"something:do"}) to work
with unit tests. If I use the AbstractShiroTest class shown here (
https://cwiki.apache.org/confluence/display/SHIRO/Testing), my tests work
fine for SecurityUtils.getSubject().isPermitted("something:do"),
but @RequiresPermissions({"something:do"}) is just ignored.
If I load up applicationContext.xml, it works fine, as the annotation
aspect is configured as below:
Spring - Shiro integration is configured on applicationContext.xml as
below:
* <bean id="securityManager"
class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">*
* <property name="realm" ref="myRealm"/>*
* <property name="rememberMeManager"><null/></property>*
* </bean>*
* <bean id="lifecycleBeanPostProcessor"
class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>*
*
*
* <!-- Enable Shiro Annotations for Spring-configured beans. Only run
after -->*
* <!-- the lifecycleBeanProcessor has run: -->*
* <bean
class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
*
* depends-on="lifecycleBeanPostProcessor"/>*
* <bean
class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
*
* <property name="securityManager" ref="securityManager"/>*
* </bean>*
Is there a way to "mock" Spring AOP behaviour so that my unit tests don't
need to load Spring context for annotations to work?
Thanks a lot
