编写使用SpringSecurity的JUnit测试提醒

近日在使用SpringSecurity的项目中发现一个小问题，就是在接口上加了@Secured标注限制调用接口权限时，某些JUnit无法正常调用了。

?

?

例如：

?

import java.util.ArrayList;import java.util.Collection;import java.util.List;import org.springframework.beans.factory.BeanFactory;import org.springframework.security.authentication.AuthenticationProvider;import org.springframework.security.authentication.ProviderManager;import org.springframework.security.authentication.TestingAuthenticationProvider;import org.springframework.security.authentication.TestingAuthenticationToken;import org.springframework.security.core.GrantedAuthority;import org.springframework.security.core.authority.GrantedAuthorityImpl;import org.springframework.security.core.context.SecurityContextHolder;import org.springframework.security.core.context.SecurityContextImpl;import cn.com.timekey.drugmonitor.po.Privilege;/** * @author kennylee * */public class SecurityTestingUnit {/** * 设置SpringSecurity的登录用户权限。 * * @param ctx * @param auths */public static void setAuthToken(BeanFactory ctx, GrantedAuthority[] auths) {TestingAuthenticationToken token = new TestingAuthenticationToken("admin", "test", auths);// Override the regular spring configurationProviderManager providerManager = (ProviderManager) ctx.getBean("authenticationManager");List<AuthenticationProvider> list = new ArrayList<AuthenticationProvider>();TestingAuthenticationProvider testingAuthenticationProvider = new TestingAuthenticationProvider();list.add(testingAuthenticationProvider);providerManager.setProviders(list);// Create and store the SpringSecurity SecureContext into the// SecurityContextHolder.SecurityContextImpl secureContext = new SecurityContextImpl();secureContext.setAuthentication(token);SecurityContextHolder.setContext(secureContext);}/** * 构造权限组 * * @param rolePrivileges * @return */public static GrantedAuthority[] generateAuthorities(Collection<Privilege> privileges) {GrantedAuthority[] auths = new GrantedAuthority[privileges.size()];if (!privileges.isEmpty()) {int count = 0;for (Privilege rolePrivilege : privileges) {String privilegeName = rolePrivilege.getPrivilegeName();GrantedAuthority authority = new GrantedAuthorityImpl(privilegeName);auths[count] = authority;count++;}}return auths;}}

?

其中generateAuthorities只是我的一个辅助构造方法。不是重点内容。setAuthToken为主体代码。

?

参考见：http://fishdujour.typepad.com/blog/2005/02/junit_testing_w.html

?