Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Multipart request tests fail when enabling spring security [SPR-13317] #17902

Closed
spring-projects-issues opened this issue Aug 5, 2015 · 3 comments
Assignees
Labels
in: test in: web type: bug
Milestone

Comments

@spring-projects-issues
Copy link
Collaborator

@spring-projects-issues spring-projects-issues commented Aug 5, 2015

José Carlos Valero Sánchez opened SPR-13317 and commented

After enabling SpringSecurity parts in a multipart file are not properly extracted anymore because of Request being wrapped.

Disabling security make the test pass, and similar tests with non-multipart method work as expected.

The given test is an example to reproduce the bug:

@Test
public void postNewResourceDefinitionShouldReturnLocationHeader() throws Exception {
    mvc.perform((fileUpload("/documents/"))
                    .file("file", "abc".getBytes())
                    .file(new MockMultipartFile("metadata", "metadata", "application/json", "{\"name\":\"yeeeah\"}".getBytes()))
                    .with(writeOnlyUser)
    )
            .andExpect(header().string("location", not(isEmptyOrNullString())))
    .andExpect(header().string("location", containsString("http://localhost/documents/")))
    ;
}

Producing the exception:

Caused by: java.lang.IllegalArgumentException: Failed to obtain request part: metadata. The part is missing or multipart processing is not configured. Check for a MultipartResolver bean or if Servlet 3.0 multipart processing is enabled.
	at org.springframework.web.multipart.support.RequestPartServletServerHttpRequest.<init>(RequestPartServletServerHttpRequest.java:73)
	at org.springframework.web.servlet.mvc.method.annotation.RequestPartMethodArgumentResolver.resolveArgument(RequestPartMethodArgumentResolver.java:149)
	at org.springframework.web.method.support.HandlerMethodArgumentResolverComposite.resolveArgument(HandlerMethodArgumentResolverComposite.java:77)
	at org.springframework.web.method.support.InvocableHandlerMethod.getMethodArgumentValues(InvocableHandlerMethod.java:162)
	at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:129)
	at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:110)
	at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandleMethod(RequestMappingHandlerAdapter.java:776)
	at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:705)
	at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959)
	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)
	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:966)
	... 68 more

Affects: 4.1.7

Referenced from: commits 473dd5e

@spring-projects-issues
Copy link
Collaborator Author

@spring-projects-issues spring-projects-issues commented Aug 6, 2015

Rossen Stoyanchev commented

Does this issue occur only in tests or is the behavior the same when running the application?
Is this a regression, i.e. did it occur after an upgrade of either Spring Framework or Spring Security?
Do you use MultipartFilter for the multipart parsing?

@spring-projects-issues
Copy link
Collaborator Author

@spring-projects-issues spring-projects-issues commented Aug 6, 2015

José Carlos Valero Sánchez commented

  1. It's only in tests when using fileupload instead of post, put... The app works properly, and the tests also as long as you don't mix fileupload + with(user).
  2. It's something I can't say, since I just started using Spring Security Test features.
  3. For this specific system I'm relying on Spring Boot and I didn't set up MultipartFilter explicitly, but in regular Spring apps, I always enable it.

@spring-projects-issues
Copy link
Collaborator Author

@spring-projects-issues spring-projects-issues commented Aug 6, 2015

Rossen Stoyanchev commented

Okay thanks. It sounds like the issue is specific to the Spring MVC Test - Spring Security integration. I'll have a closer look. I suspect in the end it may make sense to fix in RequestPartServletServerHttpRequest accounting for potential request wrapping.

@spring-projects-issues spring-projects-issues added type: bug in: test in: web labels Jan 11, 2019
@spring-projects-issues spring-projects-issues added this to the 4.2.1 milestone Jan 11, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
in: test in: web type: bug
Projects
None yet
Development

No branches or pull requests

2 participants