[Zope-CMF] how can I fake authentication in a unit test case
Dmitry Litovchenko
Dmitry Litovchenko <deadq@bkzebra.com>
Mon, 28 Oct 2002 09:19:32 +0200
If you are doing your tests using the web, for example querying
your zope server from external program, you can include authentication
header asking to become certain testuser, you may create plenty of
these with different roles.
==============================================
RFC 2617 HTTP Authentication June 1999
To receive authorization, the client sends the userid and password,
separated by a single colon (":") character, within a base64 [7]
encoded string in the credentials.
basic-credentials = base64-user-pass
base64-user-pass = <base64 [4] encoding of user-pass,
except not limited to 76 char/line>
user-pass = userid ":" password
userid = *<TEXT excluding ":">
password = *TEXT
Userids might be case sensitive.
If the user agent wishes to send the userid "Aladdin" and password
"open sesame", it would use the following header field:
Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
==============================================
That worked for me while accessing secure site via XML RPC, I just
added "Authorization" header in XML request and become admin or normal
user.
--
Dmitry
> Hi there,
> in a complex environment with a bunch of groups , rules and folders I
> would like to programmatically test that every combination of
> user/role/document is properly handled permission wise.
> To do this I would like to have a unit test with a testusers that tries
> to handle documents according to his roles.
> Now my question:
> how can a testuser authenticate itself in a unit test?
> Or is there some other way to achieve this goal?
> thanks for your tips
> Robert