diff --git a/spring-boot-project/spring-boot-docs/src/main/asciidoc/howto.adoc b/spring-boot-project/spring-boot-docs/src/main/asciidoc/howto.adoc index dcb83cc372f..e1322a02308 100644 --- a/spring-boot-project/spring-boot-docs/src/main/asciidoc/howto.adoc +++ b/spring-boot-project/spring-boot-docs/src/main/asciidoc/howto.adoc @@ -1417,6 +1417,31 @@ For more detail, see the following sections: +[[howto-use-test-with-spring-security]] +== Testing With Spring Security +Spring Security provides support for running tests as a specific user. +For example, the test in the snippet below will run with an authenticated user +that has the `ADMIN` role. + +[source,java,indent=0] +---- + @Test + @WithMockUser(roles="ADMIN") + public void requestProtectedUrlWithUser() throws Exception { + mvc + .perform(get("/")) + ... + } +---- + +Spring Security provides comprehensive integration with Spring MVC Test and +this can also be used when testing controllers using the `@WebMvcTest` slice and `MockMvc`. + +For additional details on Spring Security's testing support, refer to Spring Security's +https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#test[reference documentation]). + + + [[howto-jersey]] == Jersey diff --git a/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc b/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc index 1b104334206..4c6c1b2ca06 100644 --- a/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc +++ b/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc @@ -6886,6 +6886,11 @@ that the driver exits after each test and that a new instance is injected. If yo not want this behavior, you can add `@Scope("singleton")` to your `WebDriver` `@Bean` definition. +If you have Spring Security on the classpath, `@WebMvcTest` will also scan `WebSecurityConfigurer` +beans. Instead of disabling security completely for such tests, you can use Spring Security's test support. +More details on how to use Spring Security's `MockMvc` support can be found in +this _<>_ how-to section. + TIP: Sometimes writing Spring MVC tests is not enough; Spring Boot can help you run <>.