Secure module: how do you "log in" in a FunctionalTest?

225 views
Skip to first unread message

Mark Schaake

unread,
Apr 22, 2011, 8:14:02 PM4/22/11
to play-framework
I want to test controller actions that are secured by Secure module
class, so I need to log in prior to testing my controller.

How do you do this? I've tried the following:

========== code snipet ===================
Map<String, String> loginUserParams = new HashMap<String, String>();
loginUserParams.put("username", "admin");
loginUserParams.put("password", "admin");
Response response = POST("/login", loginUserParams);
========== end code snipet ===================

Which returns the expected response (redirect to home page). But then
in subsequent call to a secured action, I am always redirected to the
"/login" page. Is there a way to "fool" the Secure module into
believing you're authenticated?

I absolutely do not want to have to write a Selenium test for every
secured action - since almost all will be secured.

Thanks in advance,

Mark

Sam Liu

unread,
Apr 23, 2011, 1:22:24 AM4/23/11
to play-fr...@googlegroups.com
There is an annotation like @Before. You can try it...

@Before
public static void loginFirst(){
...
}

public static void testYourAction(){
...
}

2011/4/23 Mark Schaake <mark.s...@gmail.com>

--
You received this message because you are subscribed to the Google Groups "play-framework" group.
To post to this group, send email to play-fr...@googlegroups.com.
To unsubscribe from this group, send email to play-framewor...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/play-framework?hl=en.


Mark Schaake

unread,
Apr 23, 2011, 4:50:21 PM4/23/11
to play-framework
Yes, I know about the org.junit.Before annotation. This doesn't work
in that cookies from previous call are not being placed in subsequent
calls (even though looking at FunctionalTest this is what is supposed
to happen). Looks like bug https://bugs.launchpad.net/play/+bug/497408
as pointed out by Havoc P on stackoverflow.com
http://stackoverflow.com/questions/5762246/playframework-secure-module-how-do-you-log-in-to-test-a-secured-controller-in/5765884#5765884

On Apr 22, 10:22 pm, Sam Liu <worldwin...@gmail.com> wrote:
> There is an annotation like @Before. You can try it...
>
> @Before
> public static void loginFirst(){
> ...
>
> }
>
> public static void testYourAction(){
> ...
>
> }
>
> 2011/4/23 Mark Schaake <mark.scha...@gmail.com>

Mark Schaake

unread,
Apr 24, 2011, 10:04:36 AM4/24/11
to play-framework
I've found a workaround to this issue. To preserve the cookies from a
previous request in a FunctionalTest, you have to manually build the
request. There is a helper method in FunctionTest to get you started:

// Make the login request
Map<String, String> loginUserParams = new HashMap<String,
String>();
loginUserParams.put("username", "admin");
loginUserParams.put("password", "admin");
Response loginResponse = POST("/login", loginUserParams);

Request request = newRequest(); // helper method from
FunctionalTest superclass
request.cookies = loginResponse.cookies; // this makes the request
authenticated for secure module
request.url = "/some/secured/action";
request.method = "POST";
request.params.put("someparam", "somevalue");
Response response = makeRequest(request);
assertIsOk(response); // Passes!


On Apr 23, 1:50 pm, Mark Schaake <mark.scha...@gmail.com> wrote:
> Yes, I know about the org.junit.Before annotation. This doesn't work
> in that cookies from previous call are not being placed in subsequent
> calls (even though looking at FunctionalTest this is what is supposed
> to happen). Looks like bughttps://bugs.launchpad.net/play/+bug/497408
> as pointed out by Havoc P on stackoverflow.comhttp://stackoverflow.com/questions/5762246/playframework-secure-modul...
Reply all
Reply to author
Forward
0 new messages