aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Vitaly Takmazov2019-10-01 12:36:49 +0300
committerGravatar Vitaly Takmazov2019-10-01 12:36:49 +0300
commit0ad4a26ab6b78b8bb3123faed6fcfaff807f49f3 (patch)
treed51cc828cb110f09ea6df059bea1c934f45807ce
parenta63cb2c7621994f1b631968b6657c8ea23ebf233 (diff)
Basic authentication endpoints must provide realm
Diffstat
-rw-r--r--src/main/java/com/juick/server/configuration/SecurityConfig.java5
-rw-r--r--src/test/java/com/juick/server/tests/ServerTests.java3
2 files changed, 6 insertions, 2 deletions
diff --git a/src/main/java/com/juick/server/configuration/SecurityConfig.java b/src/main/java/com/juick/server/configuration/SecurityConfig.java
index 30632a07..c5fe4fbb 100644
--- a/src/main/java/com/juick/server/configuration/SecurityConfig.java
+++ b/src/main/java/com/juick/server/configuration/SecurityConfig.java
@@ -41,6 +41,7 @@ import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.HttpStatusEntryPoint;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices;
+import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.web.cors.CorsConfiguration;
@@ -141,7 +142,9 @@ public class SecurityConfig {
@Bean
public AuthenticationEntryPoint juickAuthenticationEntryPoint() {
- return new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED);
+ var entryPoint = new BasicAuthenticationEntryPoint();
+ entryPoint.setRealmName("Juick");
+ return entryPoint;
}
@Override
diff --git a/src/test/java/com/juick/server/tests/ServerTests.java b/src/test/java/com/juick/server/tests/ServerTests.java
index e5d39743..51be7092 100644
--- a/src/test/java/com/juick/server/tests/ServerTests.java
+++ b/src/test/java/com/juick/server/tests/ServerTests.java
@@ -479,7 +479,8 @@ public class ServerTests {
.andExpect(status().isMovedPermanently());
mockMvc.perform(get("/api/auth"))
- .andExpect(status().isUnauthorized());
+ .andExpect(status().isUnauthorized())
+ .andExpect(header().exists("WwW-Authenticate"));
mockMvc.perform(get("/api/home"))
.andExpect(status().isUnauthorized());
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-01 11:56:29 +0000