# Testing Method Security

For example, we can test our example from [EnableReactiveMethodSecurity](../authorization/method.html#jc-erms) using the same setup and annotations we did in [Testing Method Security](../../servlet/test/method.html#test-method).
Here is a minimal sample of what we can do:

Java

```
@RunWith(SpringRunner.class)
@ContextConfiguration(classes = HelloWebfluxMethodApplication.class)
public class HelloWorldMessageServiceTests {
	@Autowired
	HelloWorldMessageService messages;

	@Test
	public void messagesWhenNotAuthenticatedThenDenied() {
		StepVerifier.create(this.messages.findMessage())
			.expectError(AccessDeniedException.class)
			.verify();
	}

	@Test
	@WithMockUser
	public void messagesWhenUserThenDenied() {
		StepVerifier.create(this.messages.findMessage())
			.expectError(AccessDeniedException.class)
			.verify();
	}

	@Test
	@WithMockUser(roles = "ADMIN")
	public void messagesWhenAdminThenOk() {
		StepVerifier.create(this.messages.findMessage())
			.expectNext("Hello World!")
			.verifyComplete();
	}
}
```

Kotlin

```
@RunWith(SpringRunner::class)
@ContextConfiguration(classes = [HelloWebfluxMethodApplication::class])
class HelloWorldMessageServiceTests {
    @Autowired
    lateinit var messages: HelloWorldMessageService

    @Test
    fun messagesWhenNotAuthenticatedThenDenied() {
        StepVerifier.create(messages.findMessage())
            .expectError(AccessDeniedException::class.java)
            .verify()
    }

    @Test
    @WithMockUser
    fun messagesWhenUserThenDenied() {
        StepVerifier.create(messages.findMessage())
            .expectError(AccessDeniedException::class.java)
            .verify()
    }

    @Test
    @WithMockUser(roles = ["ADMIN"])
    fun messagesWhenAdminThenOk() {
        StepVerifier.create(messages.findMessage())
            .expectNext("Hello World!")
            .verifyComplete()
    }
}
```

[Testing](index.html)[Testing Web Security](web/index.html)