Daniel Washusen wrote:
Yeah, after stuffing around a little more I realised it's something to do with the authentication call I'm making.
I get the error in my JUnit test but not when I deploy the app. I'm trying to authenticate using: ProviderManager providerManager = (ProviderManager) applicationContext.getBean("authenticationManager"); providerManager.authenticate(new TestingAuthenticationToken("dan", "blahblah", new GrantedAuthority[] { new GrantedAuthorityImpl("ROLE_BLOGGER") } ));
Using the TestingAuthenticationProvider and the deployed version uses a DaoAuthenticationProvider.
Hi Dan
Just to clarify, you're saying your deployed version uses DaoAuthenticationProvider and works successfully in all ways. Your unit test on the other hand uses TestingAuthenticationToken and does not work. Is that correct?
Your unit test extract above should work. The providerManager.authenticate(Authentication) method should return a valid Authentication object, assuming the providerManager being obtained from the applicationContext is wired with the TestingAuthenticationProvider (which automatically accepts as valid any presented TestingAuthenticationToken).
If some other unit test code (which wasn't in your post) causes the calling of the MethodSecurityInterceptor, you need to ensure the ContextHolder is setup. In a unit test you need to setup the ContextHolder yourself. Two methods like this (from BankTests in the Acegi Security source) should do the trick, when called before and after your actual code to be tested:
private static void createSecureContext() {
TestingAuthenticationToken auth = new TestingAuthenticationToken("test",
"test",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_TELLER"), new GrantedAuthorityImpl(
"ROLE_PERMISSION_LIST")});
SecureContextImpl secureContext = new SecureContextImpl();
secureContext.setAuthentication(auth);
ContextHolder.setContext(secureContext);
} private static void destroySecureContext() {
ContextHolder.setContext(null);
}Now if I've misunderstood and your problem is actually to do with the web container deployed version of your application, in most cases the "A valid SecureContext was not provided in the RequestContext" indicates the net.sf.acegisecurity.ui package isn't being called or not being called at the appropriate time. Most of the time people use the AutoIntegrationFilter. Just double-check it is in your web.xml, as it is what is responsible for setting up the ContextHolder in a web container deployed application (equivalent to the createSecureContext() unit test code above).
If none of the above helps, would you mind elaborating on what your problem is with (unit test or deployed version) and provide a copy of your application context and web.xml?
HTH Ben
------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
