Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Polish Clarify @WithSecurityContext thread scope

Browse Source
This commit is contained in:
Josh Cummings
2026-03-20 16:41:10 -06:00
parent 2a013ffaa2
commit c000477c37
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/modules/ROOT/pages/servlet/test/method.adoc
+1 -1
View File
@@ -187,7 +187,7 @@ You can change this to happen during the `TestExecutionListener.beforeTestExecut
[NOTE]
====
`@WithMockUser`, `@WithUserDetails`, and `@WithSecurityContext` populate the xref:servlet/authentication/architecture.adoc#servlet-authentication-securitycontextholder[`SecurityContextHolder`] for the test thread.
This works for method-security tests and for xref:servlet/test/mockmvc/index.adoc[`MockMvc`] (when using `testSecurityContext()`), but does not automatically apply to full HTTP requests made through external clients (for example, REST-assured against a running server), because those requests are handled on a different thread.
This cannot apply to full HTTP requests a test makes to a running server since those requests are handled by a different thread.
For end-to-end HTTP tests, xref:servlet/authentication/index.adoc[authenticate] the request itself (for example, with HTTP Basic or a bearer token).
====