Skip to content

Clarify @WithSecurityContext thread scope#18812

Closed
wonderfulrosemari wants to merge 1 commit intospring-projects:mainfrom
wonderfulrosemari:gh-3721-withsecuritycontext-non-mockmvc-doc
Closed

Clarify @WithSecurityContext thread scope#18812
wonderfulrosemari wants to merge 1 commit intospring-projects:mainfrom
wonderfulrosemari:gh-3721-withsecuritycontext-non-mockmvc-doc

Conversation

@wonderfulrosemari
Copy link
Copy Markdown
Contributor

Closes gh-3721

Clarify that @WithMockUser, @WithUserDetails, and @WithSecurityContext
populate SecurityContextHolder for the test thread.

Document that this works for method-security tests and for MockMvc when using
testSecurityContext(), but does not automatically apply to full HTTP client
tests against a running server because those requests execute on different threads.

Also add guidance to authenticate end-to-end HTTP requests directly
(for example, HTTP Basic or Bearer token).

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Feb 27, 2026
Copy link
Copy Markdown
Contributor

@jzheaux jzheaux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, @wonderfulrosemari! I've left some feedback inline.

Comment thread docs/modules/ROOT/pages/servlet/test/method.adoc Outdated
Comment thread docs/modules/ROOT/pages/servlet/test/method.adoc Outdated
Comment thread docs/modules/ROOT/pages/servlet/test/method.adoc Outdated
@jzheaux jzheaux self-assigned this Mar 4, 2026
@jzheaux jzheaux added in: docs An issue in Documentation or samples type: enhancement A general enhancement status: waiting-for-feedback We need additional information before we can continue and removed status: waiting-for-triage An issue we've not yet triaged labels Mar 4, 2026
Closes spring-projectsgh-3721

Signed-off-by: wonderfulrosemari <whwlsgur1419@naver.com>
@wonderfulrosemari wonderfulrosemari force-pushed the gh-3721-withsecuritycontext-non-mockmvc-doc branch from 2470b93 to ec6a5a8 Compare March 4, 2026 01:50
@jzheaux jzheaux removed the status: waiting-for-feedback We need additional information before we can continue label Mar 4, 2026
@jzheaux jzheaux added this to the 7.1.0-M3 milestone Mar 4, 2026
Copy link
Copy Markdown
Contributor

@jzheaux jzheaux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi, @wonderfulrosemari, thanks again for your updates.

Unfortunately, I don't think this sufficiently addresses #3721 since the question in that issue is about JAX-RS, not REST-assured, and because JAX-RS tests can run in-memory, which is likely the use case that #3721 is about. That is, explaining what to do when tests and the server run on separate threads is not the use case that the OP was raising.

In addition to my inline feedback, will you please remove "Closes gh-3721" from the updated commit message?

Comment thread docs/modules/ROOT/pages/servlet/test/method.adoc
@jzheaux jzheaux added the status: waiting-for-feedback We need additional information before we can continue label Mar 4, 2026
@jzheaux jzheaux modified the milestones: 7.1.0-M3, 7.1.x, 7.1.0-RC1 Mar 16, 2026
@jzheaux
Copy link
Copy Markdown
Contributor

jzheaux commented Mar 20, 2026

@wonderfulrosemari thank you again for your responsiveness during this PR! I went ahead and applied my remaining review commits. Your PR is merged in 47bafbd38d3d74bd13733c595ffa8173e2ef8447 and my polish is e7416dfaba33968d95bcafd19d9ff553a88c9d59 on main.

@jzheaux jzheaux closed this Mar 20, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

in: docs An issue in Documentation or samples status: waiting-for-feedback We need additional information before we can continue type: enhancement A general enhancement

Projects

None yet

Development

Successfully merging this pull request may close these issues.

@WithSecurityContext test without MockMVC

3 participants