2

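I am working on an integration test that requires authentication. Session state (i.e. cookies) does not seem to be maintained between requests. Is there a CookieManager or something similar?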

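import groovyx.net.http.ContentType
import groovyx.net.http.RESTClient
import org.junit.Test

@Test
public void whenAuthenticatedUserRequestAForbiddenUrlShouldObtain403() {
    def client = new RESTClient('http://127.0.0.1:8080/app/')

    // Log in with form-encoded credentials; this is expected to establish the session
    def login = client.post(
            path: 'api/login.json',
            body: [j_username: 'user', j_password: 'test'],
            requestContentType: ContentType.URLENC)

    // Request a URL that this user should not be allowed to access
    def resp = client.get(path: 'forbidden-url')
    assert resp.status == 403  // ==> FAILS: status = 200
}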
4

1 Answer

0

It looks to me like the problem is not losing session state but rather the 'forbidden-url' might not be specified as secure in the first place. If it were, it does not seem that the client request should succeed EVEN IF you log in. Try removing the login at the top and if you still get 200, you probably don't have the URL secured anyway.

answered 2011-12-20T14:22:04.313
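The check the answer proposes can be turned into a small diagnostic that separates the two explanations, an unsecured URL versus a session cookie that is not carried between requests. This is an added example, not code from the question or the answer, and it is written in Python against a constructed stand-in server so it runs offline. The stand-in's behaviour (401 for anonymous requests, a `JSESSIONID` cookie) and the names `start_app`, `status` and `diagnose` are assumptions.

```python
import http.cookiejar
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

def start_app(secured):
    """Constructed stand-in for the app under test; returns (server, base URL)."""
    class Handler(BaseHTTPRequestHandler):
        def _reply(self, code, cookie=None):
            self.send_response(code)
            if cookie:
                self.send_header("Set-Cookie", cookie)
            self.send_header("Content-Length", "0")
            self.end_headers()

        def do_POST(self):  # login always succeeds and issues a session cookie
            self.rfile.read(int(self.headers.get("Content-Length", 0)))
            self._reply(200, "JSESSIONID=constructed; Path=/")

        def do_GET(self):  # secured: 401 anonymous, 403 logged in without the role
            logged_in = "JSESSIONID=" in self.headers.get("Cookie", "")
            self._reply((403 if logged_in else 401) if secured else 200)

        def log_message(self, *args):  # keep test output quiet
            pass

    server = HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, "http://127.0.0.1:%d/" % server.server_port

def status(opener, url, data=None):
    try:
        with opener.open(url, data, timeout=5) as resp:
            return resp.status
    except urllib.error.HTTPError as err:  # urllib raises on 4xx/5xx
        return err.code

def diagnose(base, keep_cookies=True):
    handlers = [urllib.request.ProxyHandler({})]  # never route via a proxy
    if keep_cookies:  # the cookie jar is what carries the session between requests
        handlers.append(urllib.request.HTTPCookieProcessor(http.cookiejar.CookieJar()))
    client = urllib.request.build_opener(*handlers)
    anonymous = status(client, base + "forbidden-url")  # the answer's check: no login
    status(client, base + "api/login.json", b"j_username=user&j_password=test")
    authenticated = status(client, base + "forbidden-url")
    if anonymous == 200:
        return "url-not-secured"
    return "ok" if authenticated == 403 else "session-lost"
```

A result of `url-not-secured` matches the answer's hypothesis; `session-lost` matches the question's.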