Ticket #2454 (closed defect: fixed)
Need regression tests for authentication, particularly with non-ascii user names and passwords
| Reported by: | chrisz | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | 2.1rc1 |
| Component: | TurboGears | Version: | trunk |
| Severity: | normal | Keywords: | tests |
| Cc: |
Description
When #2438, #2452 and #2453 are fixed, we should also add regression tests for authentication with non-ascii user names and passwords.
Unfortunately, I cannot even get the standard functional tests passing, probably because of changes in webob, weberrors and webtest. We need to get this fixed first.
For instance, test_authentication.test_forced_login is failing for me with
>> assert resp.location.startswith('http://localhost/login')
because resp.location is missing the http://localhost part.
I also get an error because the 'authkt' cookie has double quotes around "INVALID".
And after fixing all of these, I still am still getting strage errors such as
AssertionError: Content-Length is different from actual app_iter length (301!=260)
"Content-Length is different from actual app_iter length (%r!=%r)"
>> % (self.content_length, len('401 Unauthorized\nThis server could not verify that you are authorized to\r\naccess t
he document you requested. Either you supplied the\nwrong credentials (e.g., bad password), or your browser\r\ndoes n
ot understand how to supply the credentials required.\n\n\n\n'))
Attachments
-
001_webob_0_9_8_content_length.diff
(876 bytes) -
added by Clicky 15 months ago.
Change History
comment:1 Changed 15 months ago by Clicky
The Content-Length assertion was added in recent WebOb? versions (0.9.8+). It causes Pylons to fail when an HTTP error is raised by the underlying application (or a middleware in between, such as repoze), because Pylons overwrites some of the headers (in particular, Content-Length) using obsolete values.
The attached patch (for Pylons 0.9.7) fixed it for me. What it does is remove "content-length" from the headers which will be sent in the response since WebOb? can compute it automatically using the actual content's length.
I don't know if there's a better way to fix this (I don't know much about TurboGears/Pylons? inner workings). I guess the problem should probably be reported upstream.
comment:2 Changed 15 months ago by percious
- Status changed from new to closed
- Resolution set to fixed
- Milestone changed from 2.1 to 2.1rc1
comment:3 Changed 15 months ago by chrisz
Please always report where and how things have been fixed if you close tickets. In this case, it seems you made the fix in repoze.who_testutil, but this means we should also require the new version of repoze.who_testutil in tg and tgdevtools (I'll take care of that now).
