Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Clarify @WithSecurityContext thread scope

Browse Source 
Signed-off-by: wonderfulrosemari <whwlsgur1419@naver.com>
This commit is contained in:
wonderfulrosemari
2026-02-28 01:19:48 +09:00
committed by Josh Cummings
parent ea05089443
commit 2a013ffaa2
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/modules/ROOT/pages/servlet/test/method.adoc
+7
View File
@@ -184,6 +184,13 @@ You can change this to happen during the `TestExecutionListener.beforeTestExecut
@WithSecurityContext(setupBefore = TestExecutionEvent.TEST_EXECUTION) @WithSecurityContext(setupBefore = TestExecutionEvent.TEST_EXECUTION)
---- ----
[NOTE]
====
`@WithMockUser`, `@WithUserDetails`, and `@WithSecurityContext` populate the xref:servlet/authentication/architecture.adoc#servlet-authentication-securitycontextholder[`SecurityContextHolder`] for the test thread.
This works for method-security tests and for xref:servlet/test/mockmvc/index.adoc[`MockMvc`] (when using `testSecurityContext()`), but does not automatically apply to full HTTP requests made through external clients (for example, REST-assured against a running server), because those requests are handled on a different thread.
For end-to-end HTTP tests, xref:servlet/authentication/index.adoc[authenticate] the request itself (for example, with HTTP Basic or a bearer token).
====
[[test-method-meta-annotations]] [[test-method-meta-annotations]]
== Test Meta Annotations == Test Meta Annotations