Document how to structure configurations so that @Bean methods are included in slice tests #16088
Description
Hi!
I just updated several services to SpringBoot 2.1.3 and observed a different behavior regarding integration tests in WebFlux and WebMVC in combination with spring-security.
In both services a custom SecurityConfig exists.
In the WebMVC service the config looks like:
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
// custom config is here
}
}In the WebFlux service the config looks like:
@Configuration
@EnableWebFluxSecurity
public class SecurityConfiguration {
@Bean
public SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) {
//custom config is here
}
}When implementing an integration test using @WebMvcTest the custom WebSecurityConfig is called (placing a breakpoint in the configure method works). But in order to be active it is necessary to callapply(SecurityMockMvcConfigurers.springSecurity()) on the MockMvcBuilder.
I think this is in line with the documentation provided here:
https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#test-mockmvc-setup
When implementing an integration test using @WebFluxTest the custom SecurityConfiguration is not called, but instead the standard org.springframework.security.config.annotation.web.reactive.WebFluxSecurityConfiguration is used. I have to use @Import on the test class to get the custom SecurityConfiguration to work.
I couldn't find anything in the documentation that describes this behavior of @WebFluxTest. I would expect that @WebFluxTest behaves like @WebMvcTest and uses the custom SecurityConfiguration.