How to mock Spring SecurityContext so I can use it with TestNG?

I have to build a Unit test to test some user actions, when they are authenticated.

I have everything in place with EasyMock and TestNG.

But I cannot find a way to inject a SecurityContextHolderStrategy (I am using this interface in order to be able to inject and mock SecurityContextHolder in my Controller so I can have 2 different setups one for production and one for testing using separated applicationContext.xml)

But I am having a hard time creating a bean that can match SecurityContextHolderStrategy with the proper settings ( in Test a empty context a开发者_StackOverflownd in prod inject the real one).

Can anyone help me ?

here is a code sample of the Controller.

@Controller
@RequestMapping("/topic/**")
public class TopicController {

@Autowired
PostRepository postRepo;
@Autowired
TopicRepository top;
@Autowired
PersonRepository per;
@Autowired
ProductRepository pro;
@Autowired
TopicControllerHelper topHelper;
@Autowired
SecurityContextHolderStrategy securityContext;

@RequestMapping(value="/topic/{topicId}", method=RequestMethod.GET)
public ModelAndView showPage(@PathVariable("topicId") int id){
    ModelAndView model = new ModelAndView("/topic");
    Topic topic = top.findTopicByID((long) id);
    model.addObject("topic",topic); 
    Post post = new Post();
    post.setPerson(topic.getPerson());
    post.setTopic(topic);
    model.addObject("post",post);
    model.addObject("logged",securityContext.getContext().getAuthentication().getName());
    return model;
}

And my testApplicationContext.xml

    <?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
    xmlns:tx="http://www.springframework.org/schema/tx" xmlns:mvc="http://www.springframework.org/schema/mvc"
    xmlns:sec="http://www.springframework.org/schema/security" xmlns:p="http://www.springframework.org/schema/p"
    xmlns:aop="http://www.springframework.org/schema/aop"
    xsi:schemaLocation="
        http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd
        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
        http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
        http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd
        http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.0.xsd">

    <context:spring-configured />
    <context:component-scan base-package="br.com.gsc" />
    <tx:annotation-driven mode="aspectj" transaction-manager="transactionManager"/>
<!--    <tx:annotation-driven transaction-manager="transactionManager"/>     -->
    <mvc:annotation-driven />

    <bean id="entityManagerFactory"
        class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
        <property name="persistenceUnitName" value="gscTest" />
    </bean>

    <bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
        <property name="entityManagerFactory" ref="entityManagerFactory" />
    </bean>

    <bean id="securityContext" class="org.springframework.security.core.context.SecurityContextHolderStrategy">

I am lost at here !!! WHAT should be here in Test and Production to make the Context work in each .xml ?

    </bean>

    <!-- <bean id="tilesConfigurer" class="org.springframework.web.servlet.view.tiles2.TilesConfigurer" 
        p:definitions="/WEB-INF/tiles-defs.xml" /> -->

</beans>

---

I realize this isn't a straight answer to your question but have you thought of using Powermock to mock the static SecurityContextHolder.getSecurityContext() method?

---

Create a separate bean with interface that you can mock and let that bean read the Authentication from the static context. If you have a user object, it could even return a user rather than a name.