cameleer/cameleer-server
1
0
Fork 0
Code Issues 41 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cb3ebfea7c11e9ca6ae64a6f61e5bc80d7e5be6a
cameleer-server/.planning/phases/04-security/deferred-items.md
hsiegeln 45f0241079 docs(04-03): complete SSE payload signing plan 
- SUMMARY.md with self-check passed
- STATE.md updated to plan 3/3 complete, 100% progress
- ROADMAP.md and REQUIREMENTS.md updated (SECU-04 complete)
- deferred-items.md documents pre-existing test failures from Plan 02

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-11 20:31:58 +01:00

1.1 KiB
Raw Blame History

Phase 04 — Deferred Items

Pre-existing Test Failures (from Plan 02 security integration)

These tests fail because Plan 02 introduced real Spring Security but did not update all existing integration tests to pass JWT auth headers. The security filter returns 403 before controllers can return the expected error codes.

  1. AgentSseControllerIT.sseConnect_unknownAgent_returns404 — expects 404, gets 403 (security blocks unauthenticated request)
  2. AgentCommandControllerIT.sendCommandToUnregisteredAgent_returns404 — expects 404, gets 403
  3. AgentCommandControllerIT.acknowledgeUnknownCommand_returns404 — expects 404, gets 403
  4. JwtRefreshIT (all 5 tests) — all failing, likely needs bootstrap token for agent registration step

Root cause: Plan 02 emptied TestSecurityConfig and activated real SecurityConfig, but did not update pre-existing ITs to include JWT auth or adjust expected status codes for unauthenticated requests.

Discovered during: Plan 03 execution (04-03) Scope: Out of scope for Plan 03 (pre-existing, not caused by signing changes)

Reference in New Issue View Git Blame Copy Permalink