How to test authenticated access to endpoint secured with spring-security
I am using spring-security with form based basic authentication in my jersey server to do a secure POST request.
When a client accesses the secure resource they are correctly redirected to the spring generated login form where username / password is entered and the form is submitted. After successful authentication and authorization the server then redirects to the secure resource.
I need to write a junit test that uses jersey client to invoke the secure POST request. Can any one tell me the outline of what the jersey client code needs to do in order to first authenticate and then issues the secure POST request.
The spring generated login form source looks like this:
I wrote the following jersey client code to simulate the submission of above form:Code:<html><head><title>Login Page</title></head><body onload='document.f.j_username.focus();'> <h3>Login with Username and Password</h3><form name='f' action='/mycontext/j_spring_security_check' method='POST'> <table> <tr><td>User:</td><td><input type='text' name='j_username' value=''></td></tr> <tr><td>Password:</td><td><input type='password' name='j_password'/></td></tr> <tr><td colspan='2'><input name="submit" type="submit"/></td></tr> <tr><td colspan='2'><input name="reset" type="reset"/></td></tr> </table> </form></body></html>
Based on debug session I can tell that above code does do authentication (good). But the response returns a status of 404.Code:Client c = Client.create(); Form form = new Form(); form.add("j_username", "myuser"); form.add("j_password", "mypassword"); String url = "http://localhost:8080/mycontext/j_spring_security_check"; WebResource webResource = c.resource(url); ClientResponse resp = webResource.type(MediaType.APPLICATION_FORM_URLENCODED_TYPE).post(ClientResponse.class, form); int status = resp.getStatus();
What am I doing wrong?
Reply With Quote