MX-219: Fix self-service HTTPS auth and runreports IT#100
Merged
IOhacker merged 1 commit intoopenMF:developfrom Apr 8, 2026
Merged
MX-219: Fix self-service HTTPS auth and runreports IT#100IOhacker merged 1 commit intoopenMF:developfrom
IOhacker merged 1 commit intoopenMF:developfrom
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Overview
This pull request resolves integration test failures and refines the self-service API authentication logic. It updates the
testcontainersconfiguration to align with Fineract's strict HTTPS requirements and ensures accurate role-based constraint verifications during login.Key Changes
SelfServiceIntegrationTestBaseto use Fineract's default secure port (8443) and enabled SSL (FINERACT_SERVER_SSL_ENABLED=true). Updated the health check strategy to securely wait for the actuator using.allowInsecure()..relaxedHTTPSValidation()inSelfServiceTestUtilsso local RestAssured clients can successfully bypass the self-signed certificate constraints in ITs.FINERACT_IT_IMAGE) and system properties (-Dfineract.it.image) to dynamically override the docker image used by Testcontainers, with a fallback toapache/fineract:develop.FINERACT_MODULE_SELFSERVICE_ENABLED.TenantAwareJpaPlatformSelfServiceUserDetailsServiceto actively block login attempts and throwUsernameNotFoundExceptionif the user lacks the explicit Self-Service role flag or if the role isn't appropriately authorized for self-service functionality.Verification
./mvnw clean verify) pass successfully usingtestcontainers.