From 3a42147d3e0a360f2dbf9752daff7d2be2d46c27 Mon Sep 17 00:00:00 2001
From: Rob Winch <rwinch@gopivotal.com>
Date: Wed, 8 Apr 2015 16:59:38 -0500
Subject: [PATCH] Add NullRequestCache to rest sample

Fixes gh-183
---
 samples/rest/build.gradle                     |  3 +-
 .../src/main/java/sample/SecurityConfig.java  | 12 ++--
 .../src/test/java/rest/RestMockMvcTests.java  | 67 +++++++++++++++++++
 3 files changed, 77 insertions(+), 5 deletions(-)
 create mode 100644 samples/rest/src/test/java/rest/RestMockMvcTests.java

diff --git a/samples/rest/build.gradle b/samples/rest/build.gradle
index c459854a..7d13c86d 100644
--- a/samples/rest/build.gradle
+++ b/samples/rest/build.gradle
@@ -17,7 +17,8 @@ dependencies {
 
 	providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
 
-	testCompile "junit:junit:$junitVersion"
+	testCompile "junit:junit:$junitVersion",
+				"org.springframework.security:spring-security-test:$springSecurityVersion"
 
 	integrationTestCompile spockDependencies,
 					'org.codehaus.groovy.modules.http-builder:http-builder:0.7'
diff --git a/samples/rest/src/main/java/sample/SecurityConfig.java b/samples/rest/src/main/java/sample/SecurityConfig.java
index bca7a442..0df88acb 100644
--- a/samples/rest/src/main/java/sample/SecurityConfig.java
+++ b/samples/rest/src/main/java/sample/SecurityConfig.java
@@ -15,32 +15,36 @@
  */
 package sample;
 
-/**
- * @author Rob Winch
- */
-
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.savedrequest.NullRequestCache;
 
 @EnableWebSecurity
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
+	// @formatter:off
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
 		http
 			.authorizeRequests()
 				.anyRequest().authenticated()
 				.and()
+			.requestCache()
+				.requestCache(new NullRequestCache())
+				.and()
 			.httpBasic();
 	}
+	// @formatter:on
 
+	// @formatter:off
 	@Autowired
 	public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
 		auth
 			.inMemoryAuthentication()
 				.withUser("user").password("password").roles("USER");
 	}
+	// @formatter:on
 }
diff --git a/samples/rest/src/test/java/rest/RestMockMvcTests.java b/samples/rest/src/test/java/rest/RestMockMvcTests.java
new file mode 100644
index 00000000..28fc1566
--- /dev/null
+++ b/samples/rest/src/test/java/rest/RestMockMvcTests.java
@@ -0,0 +1,67 @@
+/*
+ * Copyright 2002-2015 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package rest;
+
+import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.*;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
+import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.*;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.session.ExpiringSession;
+import org.springframework.session.web.http.SessionRepositoryFilter;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.web.WebAppConfiguration;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+import org.springframework.web.context.WebApplicationContext;
+
+import sample.HttpSessionConfig;
+import sample.SecurityConfig;
+import sample.mvc.MvcConfig;
+
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(classes= {HttpSessionConfig.class,SecurityConfig.class, MvcConfig.class})
+@WebAppConfiguration
+public class RestMockMvcTests {
+
+	@Autowired
+	SessionRepositoryFilter<? extends ExpiringSession> sessionRepositoryFilter;
+
+	@Autowired
+	WebApplicationContext context;
+
+	MockMvc mvc;
+
+	@Before
+	public void setup() {
+		mvc = MockMvcBuilders.webAppContextSetup(context)
+				.alwaysDo(print())
+				.addFilters(sessionRepositoryFilter)
+				.apply(springSecurity()).build();
+	}
+
+	@Test
+	public void noSessionOnNoCredentials() throws Exception {
+		mvc.perform(get("/"))
+			.andExpect(header().doesNotExist("x-auth-token"));
+	}
+}