Re: [appfuse-user] Strutstestcase and action roles setting

Sun, 04 Feb 2007 10:54:16 -0800 

Spring's MockHttpServletRequest allows you to setRemoteUser() and
addUserRole(), but I don't believe that's used when you're using
StrutsTestCase.  You could try logging in with Acegi programmatically.
There's some examples of this in UserSecurityAdviceTest.java:

http://tinyurl.com/yqca8n

HTH,

Matt

On 2/4/07, Sanders, Corey <[EMAIL PROTECTED]> wrote:





Hi all,



I am working on integrating my company's home-grown single-sign on system
with a new Appfuse webapp. It started off well. I plugged in a new Acegi
AuthenticationProvider with surprisingly few lines of code and I was off and
running. But then came a disturbance in the force. After adding "roles"
restrictions to my struts-config, I now get 403 errors in my web test cases.



    [junit] Testcase:
testSearchWithCriteria(com.sterlingcommerce.bpn.webapp.action.BusinessActionTest):
       FAILED

    [junit] received error 403 : User is not authorized to access action
/editBusiness

    [junit] junit.framework.AssertionFailedError: received
error 403 : User is not authorized to access action /editBusiness

    [junit]     at
servletunit.HttpServletResponseSimulator.sendError(HttpServletResponseSimulator.java:463)

    [junit]     at
org.apache.struts.action.RequestProcessor.processRoles(RequestProcessor.java:887)

    [junit]     at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:197)

    [junit]     at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)

    [junit]     at
org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)

    [junit]     at
servletunit.struts.MockStrutsTestCase.actionPerform(MockStrutsTestCase.java:394)



I poked around the BaseStrutsTestCase class to see if there was a way I
could mock up a user that is always used for the tests, but I don't see how
to make that happen. There is some code in there for loading a user and a
comment about putting it in the session, but no code that appears to put it
in the session.



        // populate the userForm and place into session

        UserManager userMgr = (UserManager) ctx.getBean("userManager");

        user = userMgr.getUserByUsername("tomcat");



So, I'm not really sure where the user is configured for the tests. My
thought is that there is some Spring magic, but I'm too much of a Spring
newbie to figure it out. I poked around the Spring forums for a while and
found one article on a similar issue, but it didn't really help. I'd
appreciate it if someone could explain to me how this is wired together and
where I can setup my user for the tests.



BTW, I am using Appfuse v.1.9.4 – Struts w/ Hibernate



Thanks,

-- Corey



--
http://raibledesigns.com

Reply via email to