Library version 4.4.0#83
Conversation
| sql: | ||
| init: | ||
| platform: h2 | ||
| sap.ams.test.enabled: true |
There was a problem hiding this comment.
Necessary because the CAP sample now includes spring-boot-starter-cap-ams-test as compile-scoped dependency, so that the app can be started via mvn spring-boot:run with mock users as intended by CAP.
Since the CAP sample tests include mocked identity and xsuaa bindings on the class path, the new back-off mechanism in the test starter thinks we're in production, so we must enforce its auto-configuration with this property in the test profile.
| <dependency> | ||
| <groupId>com.sap.cloud.security.ams</groupId> | ||
| <artifactId>spring-boot-starter-cap-ams-test</artifactId> | ||
| <scope>test</scope> |
There was a problem hiding this comment.
Changed, so that the app can be started via mvn spring-boot:run with mock users as intended by CAP.
| // authz.requestMatchers(POST, "/orders").access(via.precheckPrivilege(CREATE_ORDERS)); | ||
| // authz.requestMatchers(DELETE, "/orders/**").access(via.checkPrivilege(DELETE_ORDERS)); | ||
| // Idiom 2 (route-level authorization + service-level filtering) Showcases alternative endpoint protection via AMS route-level security (+ service-level filtering) | ||
| authz.requestMatchers(GET, "/products").access(via.checkPrivilege(READ_PRODUCTS)); |
There was a problem hiding this comment.
these lines are now commented-in, so we can test with the samples both SB3 and SB4 support for the route check bean.
No description provided.