import org.springframework.security.config.BeanIds; //导入依赖的package包/类
/**
 * 메소드 접근 제어 권한에 따른 Role 맵핑을 처리함
 * 메소드 수행이 허용된 메소드 실행 시 성공 테스트
 * @throws Exception
 */
@Test
public void testMethodAndRoleMapping() throws Exception {
	
	DelegatingMethodDefinitionSource definitionsource = (DelegatingMethodDefinitionSource) context.getBean(BeanIds.DELEGATING_METHOD_DEFINITION_SOURCE);
	Method method = null;
	ConfigAttributeDefinition role = null;
	
	// test1 : matched role
	try {
		method = CategoryController.class.getMethod("selectCategoryList", null);
	} catch (NoSuchMethodException nsme) {
		log.error("## testMethodAndRoleMapping : ", nsme);
	}

	role = definitionsource.getAttributes(method, CategoryController.class);

	assertEquals("ROLE_USER", role.getConfigAttributes().toArray()[0].toString());
	log.debug("## testMethodAndRoleMapping : " + method.getName() + " is " + role.getConfigAttributes().toArray()[0].toString());

}
 

import org.springframework.security.config.BeanIds; //导入依赖的package包/类
/**
 * 메소드 수행이 허용되지 않은 메소드 실행 시 실패 테스트
 * @throws Exception
 */
@Test
public void testFailedMethodAndRoleMapping() throws Exception {
	
	DelegatingMethodDefinitionSource definitionsource = (DelegatingMethodDefinitionSource) context.getBean(BeanIds.DELEGATING_METHOD_DEFINITION_SOURCE);
	Method method = null;
	ConfigAttributeDefinition role = null;
	
	// test1 : no matched role
	try {
		method = CategoryController.class.getMethod("addCategoryView", null);
	} catch (NoSuchMethodException nsme) {
		log.error("## testMethodAndRoleMapping : ", nsme);
	}

	role = definitionsource.getAttributes(method, CategoryController.class);

	assertEquals(null, role);
	log.debug("## testMethodAndRoleMapping : " + method.getName() + " is no roles");
}
 

import org.springframework.security.config.BeanIds; //导入依赖的package包/类
@SuppressWarnings({"unchecked"})
protected static String findDefaultFilterChainBeanId(ParserContext parserContext) {
  BeanDefinition filterChainList = parserContext.getRegistry().getBeanDefinition(BeanIds.FILTER_CHAINS);
  // Get the list of SecurityFilterChain beans
  List<BeanReference> filterChains = (List<BeanReference>)
            filterChainList.getPropertyValues().getPropertyValue("sourceList").getValue();

  return filterChains.get(filterChains.size() - 1).getBeanName();
}
 

import org.springframework.security.config.BeanIds; //导入依赖的package包/类
public void afterPropertiesSet() throws Exception {
    Assert.notNull(this.applicationContext, "applicationContext is null");

    if (null == authentificationManager) {
        setAuthentificationManager((AuthenticationManager) applicationContext.getBean(BeanIds.AUTHENTICATION_MANAGER));
    }
    filterChainProxy = applicationContext.getBean(BeanIds.FILTER_CHAIN_PROXY, FilterChainProxy.class);
}
 

import org.springframework.security.config.BeanIds; //导入依赖的package包/类
/**
 * DB에 등록된 사용자의 인증 실패 테스트
 * @throws Exception
 */
@Test
@ExpectedException(BadCredentialsException.class)
public void testRejectAccessForUnauthorizedUser() throws Exception {
   
   UsernamePasswordAuthenticationToken login = new UsernamePasswordAuthenticationToken("jimi", "wrongpw");
   AuthenticationManager authManager =
   	(AuthenticationManager) context.getBean(BeanIds.AUTHENTICATION_MANAGER);
   
   log.debug("### jimi's password is wrong!!");
   SecurityContextHolder.getContext().setAuthentication(authManager.authenticate(login));
   
}
 

import org.springframework.security.config.BeanIds; //导入依赖的package包/类
@Bean(name = BeanIds.AUTHENTICATION_MANAGER)
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
	return super.authenticationManagerBean();
}
 

import org.springframework.security.config.BeanIds; //导入依赖的package包/类
@Bean(name = BeanIds.AUTHENTICATION_MANAGER)
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
    return super.authenticationManagerBean();
}
 

import org.springframework.security.config.BeanIds; //导入依赖的package包/类
/**
 * 웹 접근이 허용된 URL로 접근 시 Context 에서 지정한 로그인 화면으로 이동됨 검사
 * @throws Exception
 */
@Test
public void testSuccessfulUrlInvocation() throws Exception {

	final String loginPage = "/cvpl/EgovCvplLogin.do";
	
	FilterChainProxy filterChainProxy = (FilterChainProxy) context.getBean(BeanIds.FILTER_CHAIN_PROXY);

	
	////////////////
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setMethod("GET");
    request.setServletPath("/test.do");

	MockHttpServletResponse response = new MockHttpServletResponse();
	MockFilterChain chain = new MockFilterChain();

	filterChainProxy.doFilter(request, response, chain);
	
	assertTrue(response.getRedirectedUrl().indexOf(loginPage) >= 0);
	log.debug("### getRedirectedUrl " + response.getRedirectedUrl());
	log.debug("### getForwardedUrl " + response.getForwardedUrl());
	log.debug("### getIncludedUrl " + response.getIncludedUrl());
	log.debug("### getErrorMessage " + response.getErrorMessage());
	log.debug("### getContentAsString " + response.getContentAsString());


	/////////////
	request = new MockHttpServletRequest();
    request.setMethod("GET");
    request.setServletPath("/sale/index.do");

	response = new MockHttpServletResponse();

	filterChainProxy.doFilter(request, response, chain);
	
	assertTrue(response.getRedirectedUrl().indexOf(loginPage) >= 0);
	log.debug("### getRedirectedUrl " + response.getRedirectedUrl());
	log.debug("### getForwardedUrl " + response.getForwardedUrl());
	log.debug("### getIncludedUrl " + response.getIncludedUrl());
	log.debug("### getErrorMessage " + response.getErrorMessage());
	log.debug("### getContentAsString " + response.getContentAsString());

}