[Checkins] SVN: Products.PluggableAuthService/trunk/Products/PluggableAuthService/ Revert part of the last change and added test for multiple auth header support in the HTTPBasicAuthHelper instead.
Hanno Schlichting
hannosch at hannosch.eu
Tue May 12 05:57:03 EDT 2009
Log message for revision 99868:
Revert part of the last change and added test for multiple auth header support in the HTTPBasicAuthHelper instead.
Changed:
U Products.PluggableAuthService/trunk/Products/PluggableAuthService/doc/HISTORY.txt
U Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/HTTPBasicAuthHelper.py
U Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/tests/test_HTTPBasicAuthHelper.py
-=-
Modified: Products.PluggableAuthService/trunk/Products/PluggableAuthService/doc/HISTORY.txt
===================================================================
--- Products.PluggableAuthService/trunk/Products/PluggableAuthService/doc/HISTORY.txt 2009-05-12 09:21:37 UTC (rev 99867)
+++ Products.PluggableAuthService/trunk/Products/PluggableAuthService/doc/HISTORY.txt 2009-05-12 09:57:03 UTC (rev 99868)
@@ -1,9 +1,15 @@
PluggableAuthService historic changes
=====================================
-- Changed HTTPBasicAuthHelper to not rely on two obscure features of the
+PluggableAuthService 1.7dev
+---------------------------
+
+- Added test for multiple auth header support in the HTTPBasicAuthHelper.
+
+- Changed HTTPBasicAuthHelper to not rely on one obscure feature of the
HTTPResponse.
+
PluggableAuthService 1.4 (2006-08-28)
-------------------------------------
Modified: Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/HTTPBasicAuthHelper.py
===================================================================
--- Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/HTTPBasicAuthHelper.py 2009-05-12 09:21:37 UTC (rev 99867)
+++ Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/HTTPBasicAuthHelper.py 2009-05-12 09:57:03 UTC (rev 99868)
@@ -97,9 +97,10 @@
"""
realm = response.realm
if realm:
- response.setHeader('WWW-Authenticate',
+ response.addHeader('WWW-Authenticate',
'basic realm="%s"' % realm)
m = "<strong>You are not authorized to access this resource.</strong>"
+
response.setBody(m, is_error=1)
response.setStatus(401)
return 1
Modified: Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/tests/test_HTTPBasicAuthHelper.py
===================================================================
--- Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/tests/test_HTTPBasicAuthHelper.py 2009-05-12 09:21:37 UTC (rev 99867)
+++ Products.PluggableAuthService/trunk/Products/PluggableAuthService/plugins/tests/test_HTTPBasicAuthHelper.py 2009-05-12 09:57:03 UTC (rev 99868)
@@ -57,6 +57,13 @@
self.headers[name] = value
+ def addHeader(self, name, value):
+ previous = self.headers.get(name)
+ if previous:
+ self.headers[name] = [previous, value]
+ else:
+ self.headers[name] = value
+
def setBody(self, body, is_error=0):
self.body = body
@@ -105,7 +112,23 @@
self.failUnless(response.headers['WWW-Authenticate'],
'basic realm="unit test"')
+ def test_multi_challenge( self ):
+ # It is possible for HTTP headers to contain multiple auth headers
+ helper = self._makeOne()
+ request = FauxHTTPRequest()
+ response = FauxHTTPResponse()
+ self.failIf( response._unauthorized_called )
+ helper.challenge(request, response)
+
+ response.realm = 'second realm'
+ helper.challenge(request, response)
+
+ self.failUnless(response.status, 401)
+ self.failUnless(response.headers['WWW-Authenticate'],
+ ['basic realm="unit test"', 'basic realm="second realm"'])
+
+
def test_resetCredentials( self ):
helper = self._makeOne()
More information about the Checkins
mailing list