원클릭으로 Manus에서 모든 스킬 실행

$pwd:

spring-security-testing

Name: Spring Security Testing
Author: spring-ai-community

// Spring Security 7 changed method security defaults and CSRF handling — tests using hasRole() or csrf() may need updates. Read before testing authentication, authorization, or secured endpoints. Triggers: @WithMockUser, csrf(), jwt(), oauth2Login(), SecurityFilterChain, @PreAuthorize, AccessDeniedException, @WithUserDetails, @WithSecurityContext, hasRole, hasAuthority, SCOPE_, JwtAuthenticationToken.

Manus에서 실행

$ git log --oneline --stat

stars:43

forks:2

updated:2026년 4월 8일 03:26

파일 탐색기

2 개 파일

SKILL.md

readonly

name	spring-security-testing
description	Spring Security 7 changed method security defaults and CSRF handling — tests using hasRole() or csrf() may need updates. Read before testing authentication, authorization, or secured endpoints. Triggers: @WithMockUser, csrf(), jwt(), oauth2Login(), SecurityFilterChain, @PreAuthorize, AccessDeniedException, @WithUserDetails, @WithSecurityContext, hasRole, hasAuthority, SCOPE_, JwtAuthenticationToken.
version	0.1.0
license	Apache-2.0

Spring Security Testing

Signals: @WithMockUser, @WithUserDetails, csrf(), jwt(), oauth2Login(), mockOidcLogin(), @WithSecurityContext, SecurityMockMvcRequestPostProcessors, AccessDeniedException, SCOPE_

Tested With

Spring Boot 3.2+ / Spring Boot 4.x
Spring Security 6.x / 7.x
Spring Framework 6.x / Spring Framework 7.x
JUnit 5

Do NOT Use This Skill When

Testing REST controller HTTP behavior (status codes, JSON body, headers) without security focus → use spring-mvc-testing
Testing reactive endpoints with security → use spring-webflux-testing
Testing JPA repositories → use spring-jpa-testing
Writing pure unit tests for service logic without security context → use spring-testing-fundamentals

When to Read References

Situation	Read
`@WithMockUser` and `@WithUserDetails` setup	`references/security-testing-patterns.md`
`roles` vs `authorities` and the `ROLE_` prefix trap	`references/security-testing-patterns.md`
Per-request auth with `SecurityMockMvcRequestPostProcessors` (`user()`, `httpBasic()`)	`references/security-testing-patterns.md`
CSRF on POST/PUT/DELETE — preventing 403 in tests	`references/security-testing-patterns.md`
JWT resource server testing with `jwt()` post-processor	`references/security-testing-patterns.md`
OAuth2 login and OIDC testing with `oauth2Login()`, `mockOidcLogin()`	`references/security-testing-patterns.md`
Custom `@WithSecurityContext` for complex JWT scenarios	`references/security-testing-patterns.md`
`@PreAuthorize` method security testing	`references/security-testing-patterns.md`
Boot 3.x → 4.x security testing changes	`references/security-testing-patterns.md`

related-skills.json

같은 저장소

spring-jpa-testing.md

from "spring-ai-community/spring-testing-skills"

@DataJpaTest requires TestEntityManager + flush()/clear() before assertions — without this, tests read from Hibernate L1 cache and pass falsely. Read before writing any JPA test. Triggers: @DataJpaTest, JpaRepository, TestEntityManager, @ServiceConnection, Testcontainers, @Modifying, Hibernate 6/7, @AutoConfigureTestDatabase, flush and clear in tests, @Transactional in tests, jakarta.persistence.EntityManager.

2026-04-0843

spring-mvc-testing.md

from "spring-ai-community/spring-testing-skills"

Boot 4+ replaced MockMvc assertions with MockMvcTester — incompatible API your training data gets wrong. Read before writing any @WebMvcTest. Triggers: @WebMvcTest, MockMvc, MockMvcTester, @RestController, jsonPath, @GetMapping, @PostMapping, @AutoConfigureMockMvc, MockMvcRequestBuilders, status().isOk(), @RestControllerAdvice, contentType(APPLICATION_JSON).

2026-04-0843

spring-testing-fundamentals.md

from "spring-ai-community/spring-testing-skills"

Boot 4 renamed @MockBean to @MockitoBean, moved test slice annotations to new packages, and changed context caching behavior. Read for correct AssertJ/BDDMockito idioms and Boot 4 migration. Default fallback when no specific slice annotation is present. Triggers: assertThat, BDDMockito, ArgumentCaptor, @MockitoBean, @MockitoSpyBean, @DirtiesContext, UnnecessaryStubbingException, testing pyramid, context cache.

2026-04-0843

spring-webflux-testing.md

from "spring-ai-community/spring-testing-skills"

WebFlux testing requires StepVerifier for reactive streams — standard assertions silently pass on empty Flux. WebTestClient API differs from MockMvc. Read before testing reactive endpoints. Triggers: @WebFluxTest, WebTestClient, StepVerifier, Mono, Flux, mockUser(), mockJwt(), mutateWith, verifyComplete, expectBody, expectStatus, @AutoConfigureWebTestClient.

2026-04-0843

spring-websocket-testing.md

from "spring-ai-community/spring-testing-skills"

WebSocket tests require @SpringBootTest(RANDOM_PORT) and async message handling — @WebMvcTest won't work. Timeout and session leak traps are common. Read before testing STOMP or WebSocket. Triggers: WebSocketStompClient, StompSession, @MessageMapping, @SendToUser, BlockingQueue, /topic/, /queue/, CountDownLatch, session.subscribe, session.send.

2026-04-0843

package.json

"author": "spring-ai-community"

"repository": "spring-ai-community/spring-testing-skills"

GitHub 저장소 열기 Creator 저장소 보기

$ install --global

$ download --local

Manus에서 실행

$ useful --forSOC

소프트웨어 품질 보증 분석가·테스터컴퓨터 및 수학직15-1253L4

name	spring-security-testing
description	Spring Security 7 changed method security defaults and CSRF handling — tests using hasRole() or csrf() may need updates. Read before testing authentication, authorization, or secured endpoints. Triggers: @WithMockUser, csrf(), jwt(), oauth2Login(), SecurityFilterChain, @PreAuthorize, AccessDeniedException, @WithUserDetails, @WithSecurityContext, hasRole, hasAuthority, SCOPE_, JwtAuthenticationToken.
version	0.1.0
license	Apache-2.0

Spring Security Testing

Tested With

Spring Boot 3.2+ / Spring Boot 4.x
Spring Security 6.x / 7.x
Spring Framework 6.x / Spring Framework 7.x
JUnit 5

Do NOT Use This Skill When

Testing REST controller HTTP behavior (status codes, JSON body, headers) without security focus → use spring-mvc-testing
Testing reactive endpoints with security → use spring-webflux-testing
Testing JPA repositories → use spring-jpa-testing
Writing pure unit tests for service logic without security context → use spring-testing-fundamentals

When to Read References

Situation	Read
`@WithMockUser` and `@WithUserDetails` setup	`references/security-testing-patterns.md`
`roles` vs `authorities` and the `ROLE_` prefix trap	`references/security-testing-patterns.md`
Per-request auth with `SecurityMockMvcRequestPostProcessors` (`user()`, `httpBasic()`)	`references/security-testing-patterns.md`
CSRF on POST/PUT/DELETE — preventing 403 in tests	`references/security-testing-patterns.md`
JWT resource server testing with `jwt()` post-processor	`references/security-testing-patterns.md`
OAuth2 login and OIDC testing with `oauth2Login()`, `mockOidcLogin()`	`references/security-testing-patterns.md`
Custom `@WithSecurityContext` for complex JWT scenarios	`references/security-testing-patterns.md`
`@PreAuthorize` method security testing	`references/security-testing-patterns.md`
Boot 3.x → 4.x security testing changes	`references/security-testing-patterns.md`

spring-security-testing

Spring Security Testing

Tested With

Do NOT Use This Skill When

When to Read References

이 저장소의 다른 Skills

이 저장소의 다른 Skills

Spring Security Testing

Tested With

Do NOT Use This Skill When

When to Read References