"Authentication obj not found" err in JUnit Tests after adding MethodSecurityIntercep

[mihajlo]

Ok, I realize I'm a new member and may not know a whole lot about Acegi Security, but would someone please answer one of my posts

I finally figured out how to protect service method invocations using MethodSecurityInterceptor; however now I am getting the following error when trying to run JUnit tests on my Service methods:

Code:

An Authentication object was not found in the SecurityContext 

org.acegisecurity.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext at org.acegisecurity.intercept.AbstractSecurityInterceptor.credentialsNotFound(AbstractSecurityInterceptor.java:339) at org.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:254) at org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:63) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:107) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:203) at $Proxy23.createNewSar(Unknown Source) at halo.service.SarServiceTest.testCreateNewFederalSar(SarServiceTest.java:163) at org.springframework.test.ConditionalTestCase.runBare(ConditionalTestCase.java:69)

Any clues as to why this is happening?

[karldmoore]

Ok, I would assume as the exception states there is no Authentication information. Have you faked up signing in via the unit test?

[mihajlo]

Yes, in the onSetUp() method:

Code:

protected void onSetUp() throws Exception {
    super.onSetUp();
    testUser = (UserDTO) authenticationService.loadUserByUsername(TEST_SID_1);
    log.debug(testUser);
}

As I mentioned previously this was working fine until I added MethodSecurityInterceptor to protect the Service methods being tested, which as I understand has nothing to do with Authentication.

[karldmoore]

All you are doing here is loading the user, you aren't authenticating them. Have a look at this thread.
http://forum.springframework.org/arc...p/t-24331.html

[mihajlo]

Thanks very much, adding the following lines did the trick:

Code:

UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(TEST_SID_1, null);
Authentication auth = authenticationManager.authenticate(authRequest);
SecurityContext context = SecurityContextHolder.getContext();
context.setAuthentication(auth);

[karldmoore]

Thanks for posting back and confirming that worked! Glad you got it all working.