Warning: Can't synchronize with repository "(default)" (Unsupported version control system "svn": No module named svn). Look in the Trac log for more information.

Ticket #2454 (closed defect: fixed)

Opened 9 years ago

Last modified 9 years ago

Need regression tests for authentication, particularly with non-ascii user names and passwords

Reported by: chrisz Owned by:
Priority: normal Milestone: 2.1rc1
Component: TurboGears Version: trunk
Severity: normal Keywords: tests


When #2438, #2452 and #2453 are fixed, we should also add regression tests for authentication with non-ascii user names and passwords.

Unfortunately, I cannot even get the standard functional tests passing, probably because of changes in webob, weberrors and webtest. We need to get this fixed first.

For instance, test_authentication.test_forced_login is failing for me with

>>  assert resp.location.startswith('http://localhost/login')

because resp.location is missing the http://localhost part.

I also get an error because the 'authkt' cookie has double quotes around "INVALID".

And after fixing all of these, I still am still getting strage errors such as

AssertionError: Content-Length is different from actual app_iter length (301!=260)
    "Content-Length is different from actual app_iter length (%r!=%r)"
>>  % (self.content_length, len('401 Unauthorized\nThis server could not verify that you are authorized to\r\naccess t
he document you requested.  Either you supplied the\nwrong credentials (e.g., bad password), or your browser\r\ndoes n
ot understand how to supply the credentials required.\n\n\n\n'))


001_webob_0_9_8_content_length.diff Download (876 bytes) - added by Clicky 9 years ago.

Change History

Changed 9 years ago by Clicky

comment:1 Changed 9 years ago by Clicky

The Content-Length assertion was added in recent WebOb? versions (0.9.8+). It causes Pylons to fail when an HTTP error is raised by the underlying application (or a middleware in between, such as repoze), because Pylons overwrites some of the headers (in particular, Content-Length) using obsolete values.

The attached patch (for Pylons 0.9.7) fixed it for me. What it does is remove "content-length" from the headers which will be sent in the response since WebOb? can compute it automatically using the actual content's length.

I don't know if there's a better way to fix this (I don't know much about TurboGears/Pylons? inner workings). I guess the problem should probably be reported upstream.

comment:2 Changed 9 years ago by percious

  • Status changed from new to closed
  • Resolution set to fixed
  • Milestone changed from 2.1 to 2.1rc1

comment:3 Changed 9 years ago by chrisz

Please always report where and how things have been fixed if you close tickets. In this case, it seems you made the fix in repoze.who_testutil, but this means we should also require the new version of repoze.who_testutil in tg and tgdevtools (I'll take care of that now).

comment:4 Changed 9 years ago by chrisz

Seems WebTest? 1.2.3 was also necessary.

Note: See TracTickets for help on using tickets.