Starting out with Cucumber and webrat and seem to be hitting a problem
with a resource protected with http basic auth.
i.e.
The following feature..
Feature: Manage Pages
In order to add a reference pages
As a administrator
I want to create a page
Scenario: Add a page
Given I am logged in
And I am on the new page page
Then I should see "New page"
When I fill in "page_title" with "Demo Page"
And I fill in "page_summary" with "A short trip to the
loo"
And I fill in "page_body" with "A very long long long
story"
And I press "Create"
Then I should see "Show Page: Demo Page"
with the step "Given I am logged in" defined as..
Given /^I am logged in$/ do
basic_auth(''username'', ''apassword'')
end
All the steps work and a record is created, but the last step fails
with a "HTTP Basic: Access denied"
test.log has a
Processing PagesController#show (for 127.0.0.1 at 2008-11-19 22:52:23)
[GET]
Session ID:
BAh7BiIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo
SGFzaHsGOgtub3RpY2UiI1BhZ2Ugd2FzIHN1Y2Nlc3NmdWxseSBjcmVhdGVk
LgY6CkB1c2VkewY7BkY=--fb242e74f0776d7728d62c6224c763ed60ad7064
Parameters: {"action"=>"show",
"id"=>"1-demo-page",
"controller"=>"admin/pages"}
Filter chain halted as [:authenticate] rendered_or_redirected.
Completed in 0.00095 (1053 reqs/sec) | Rendering: 0.00081 (85%) | DB:
0.00000 (0%) | 401 Unauthorized [http://www.example.com/admin/pages/1-
demo-page]
The :authenticate it refers to is a pretty standard..
def authenticate
authenticate_or_request_with_http_basic("no peeping") do |
username, password|
username == ''username'' && password ==
''apassword''
end
end
I''m assuming it''s possibly an implementation problem with
webrat?!?!
Given that the steps to fill out the form and press the create button
work fine (HTTP_AUTHORIZATION is passed in the heads for each action),
but sadly not for the redirect that follows the creation of a record.
Any ideas how I should proceed?
with thanks
Kevin
On Thu, Nov 20, 2008 at 11:32 AM, kwe <kwevans at gmail.com> wrote:> Starting out with Cucumber and webrat and seem to be hitting a problem > with a resource protected with http basic auth. > > i.e. > > The following feature.. > > Feature: Manage Pages > In order to add a reference pages > As a administrator > I want to create a page > > Scenario: Add a page > Given I am logged in > And I am on the new page page > Then I should see "New page" > When I fill in "page_title" with "Demo Page" > And I fill in "page_summary" with "A short trip to the loo" > And I fill in "page_body" with "A very long long long story" > And I press "Create" > Then I should see "Show Page: Demo Page" > > with the step "Given I am logged in" defined as.. > > Given /^I am logged in$/ do > basic_auth(''username'', ''apassword'') > end > > All the steps work and a record is created, but the last step fails > with a "HTTP Basic: Access denied" > > test.log has a > > Processing PagesController#show (for 127.0.0.1 at 2008-11-19 22:52:23) > [GET] > Session ID: > BAh7BiIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo > SGFzaHsGOgtub3RpY2UiI1BhZ2Ugd2FzIHN1Y2Nlc3NmdWxseSBjcmVhdGVk > LgY6CkB1c2VkewY7BkY=--fb242e74f0776d7728d62c6224c763ed60ad7064 > Parameters: {"action"=>"show", "id"=>"1-demo-page", > "controller"=>"admin/pages"} > Filter chain halted as [:authenticate] rendered_or_redirected. > Completed in 0.00095 (1053 reqs/sec) | Rendering: 0.00081 (85%) | DB: > 0.00000 (0%) | 401 Unauthorized [http://www.example.com/admin/pages/1- > demo-page] > > The :authenticate it refers to is a pretty standard.. > > def authenticate > authenticate_or_request_with_http_basic("no peeping") do | > username, password| > username == ''username'' && password == ''apassword'' > end > end > > I''m assuming it''s possibly an implementation problem with webrat?!?!I added basic auth support to webrat a few weeks back, and Bryan pulled it in: http://github.com/brynary/webrat/commit/17cf56eb5e9f3872b842a43a3181caca4f005a28 Are you using this? Aslak> Given that the steps to fill out the form and press the create button > work fine (HTTP_AUTHORIZATION is passed in the heads for each action), > but sadly not for the redirect that follows the creation of a record. > > Any ideas how I should proceed? > > with thanks > Kevin > _______________________________________________ > rspec-users mailing list > rspec-users at rubyforge.org > http://rubyforge.org/mailman/listinfo/rspec-users >
Yes, using latest webrat and cucumber, basic_auth is working for the initial steps, just not for the redirect that follows a successful ''page'' creation i.e. redirect_to(admin_page_path(@page)) In a Rails sense. On Nov 20, 11:11?am, "aslak hellesoy" <aslak.helle... at gmail.com> wrote:> On Thu, Nov 20, 2008 at 11:32 AM, kwe <kwev... at gmail.com> wrote: > > Starting out with Cucumber and webrat and seem to be hitting a problem > > with a resource protected with http basic auth. > > > i.e. > > > The following feature.. > > > Feature: Manage Pages > > ?In order to add a reference pages > > ?As a administrator > > ?I want to create a page > > > ? ? ? ?Scenario: Add a page > > ? ? ? ? ? ? ? ?Given I am logged in > > ? ? ? ? ?And I am on the new page page > > ? ? ? ? ? ? ? ?Then I should see "New page" > > ? ? ? ? ? ? ? ?When I fill in "page_title" with "Demo Page" > > ? ? ? ? ? ? ? ?And I fill in "page_summary" with "A short trip to the loo" > > ? ? ? ? ? ? ? ?And I fill in "page_body" with "A very long long long story" > > ? ? ? ? ? ? ? ?And I press "Create" > > ? ? ? ? ? ? ? ?Then I should see "Show Page: Demo Page" > > > with the step "Given I am logged in" defined as.. > > > Given /^I am logged in$/ do > > ? ? ? ?basic_auth(''username'', ''apassword'') > > end > > > All the steps work and a record is created, but the last step fails > > with a "HTTP Basic: Access denied" > > > test.log has a > > > Processing PagesController#show (for 127.0.0.1 at 2008-11-19 22:52:23) > > [GET] > > ?Session ID: > > BAh7BiIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo > > SGFzaHsGOgtub3RpY2UiI1BhZ2Ugd2FzIHN1Y2Nlc3NmdWxseSBjcmVhdGVk > > LgY6CkB1c2VkewY7BkY=--fb242e74f0776d7728d62c6224c763ed60ad7064 > > ?Parameters: {"action"=>"show", "id"=>"1-demo-page", > > "controller"=>"admin/pages"} > > Filter chain halted as [:authenticate] rendered_or_redirected. > > Completed in 0.00095 (1053 reqs/sec) | Rendering: 0.00081 (85%) | DB: > > 0.00000 (0%) | 401 Unauthorized [http://www.example.com/admin/pages/1- > > demo-page] > > > The :authenticate it refers to is a pretty standard.. > > > ?def authenticate > > ? ? authenticate_or_request_with_http_basic("no peeping") do | > > username, password| > > ? ? ? username == ''username'' && password == ''apassword'' > > ? ? end > > ?end > > > I''m assuming it''s possibly an implementation problem with webrat?!?! > > I added basic auth support to webrat a few weeks back, and Bryan pulled it in:http://github.com/brynary/webrat/commit/17cf56eb5e9f3872b842a43a3181c... > > Are you using this? > > Aslak > > > Given that the steps to fill out the form and press the create button > > work fine (HTTP_AUTHORIZATION is passed in the heads for each action), > > but sadly not for the redirect that follows the creation of a record. > > > Any ideas how I should proceed? > > > with thanks > > Kevin > > _______________________________________________ > > rspec-users mailing list > > rspec-us... at rubyforge.org > >http://rubyforge.org/mailman/listinfo/rspec-users > > _______________________________________________ > rspec-users mailing list > rspec-us... at rubyforge.orghttp://rubyforge.org/mailman/listinfo/rspec-users
On Thu, Nov 20, 2008 at 2:52 PM, kwe <kwevans at gmail.com> wrote:> Yes, using latest webrat and cucumber, basic_auth is working for the > initial steps, just not for the redirect that follows a successful > ''page'' creation i.e. > > redirect_to(admin_page_path(@page)) > > In a Rails sense. >Sorry - should have read your mail more closely. Then it might be a bug. Aslak> > On Nov 20, 11:11 am, "aslak hellesoy" <aslak.helle... at gmail.com> > wrote: >> On Thu, Nov 20, 2008 at 11:32 AM, kwe <kwev... at gmail.com> wrote: >> > Starting out with Cucumber and webrat and seem to be hitting a problem >> > with a resource protected with http basic auth. >> >> > i.e. >> >> > The following feature.. >> >> > Feature: Manage Pages >> > In order to add a reference pages >> > As a administrator >> > I want to create a page >> >> > Scenario: Add a page >> > Given I am logged in >> > And I am on the new page page >> > Then I should see "New page" >> > When I fill in "page_title" with "Demo Page" >> > And I fill in "page_summary" with "A short trip to the loo" >> > And I fill in "page_body" with "A very long long long story" >> > And I press "Create" >> > Then I should see "Show Page: Demo Page" >> >> > with the step "Given I am logged in" defined as.. >> >> > Given /^I am logged in$/ do >> > basic_auth(''username'', ''apassword'') >> > end >> >> > All the steps work and a record is created, but the last step fails >> > with a "HTTP Basic: Access denied" >> >> > test.log has a >> >> > Processing PagesController#show (for 127.0.0.1 at 2008-11-19 22:52:23) >> > [GET] >> > Session ID: >> > BAh7BiIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo >> > SGFzaHsGOgtub3RpY2UiI1BhZ2Ugd2FzIHN1Y2Nlc3NmdWxseSBjcmVhdGVk >> > LgY6CkB1c2VkewY7BkY=--fb242e74f0776d7728d62c6224c763ed60ad7064 >> > Parameters: {"action"=>"show", "id"=>"1-demo-page", >> > "controller"=>"admin/pages"} >> > Filter chain halted as [:authenticate] rendered_or_redirected. >> > Completed in 0.00095 (1053 reqs/sec) | Rendering: 0.00081 (85%) | DB: >> > 0.00000 (0%) | 401 Unauthorized [http://www.example.com/admin/pages/1- >> > demo-page] >> >> > The :authenticate it refers to is a pretty standard.. >> >> > def authenticate >> > authenticate_or_request_with_http_basic("no peeping") do | >> > username, password| >> > username == ''username'' && password == ''apassword'' >> > end >> > end >> >> > I''m assuming it''s possibly an implementation problem with webrat?!?! >> >> I added basic auth support to webrat a few weeks back, and Bryan pulled it in:http://github.com/brynary/webrat/commit/17cf56eb5e9f3872b842a43a3181c... >> >> Are you using this? >> >> Aslak >> >> > Given that the steps to fill out the form and press the create button >> > work fine (HTTP_AUTHORIZATION is passed in the heads for each action), >> > but sadly not for the redirect that follows the creation of a record. >> >> > Any ideas how I should proceed? >> >> > with thanks >> > Kevin >> > _______________________________________________ >> > rspec-users mailing list >> > rspec-us... at rubyforge.org >> >http://rubyforge.org/mailman/listinfo/rspec-users >> >> _______________________________________________ >> rspec-users mailing list >> rspec-us... at rubyforge.orghttp://rubyforge.org/mailman/listinfo/rspec-users > _______________________________________________ > rspec-users mailing list > rspec-users at rubyforge.org > http://rubyforge.org/mailman/listinfo/rspec-users >
Don''t know if this is related, but webrat 0.3.4 introduced a bug with redirecting which I reported at http://webrat.lighthouseapp.com/projects/10503/tickets/67 Wonder if your problem happens with webrat 0.2? 2008/11/20 aslak hellesoy <aslak.hellesoy at gmail.com>:> On Thu, Nov 20, 2008 at 2:52 PM, kwe <kwevans at gmail.com> wrote: >> Yes, using latest webrat and cucumber, basic_auth is working for the >> initial steps, just not for the redirect that follows a successful >> ''page'' creation i.e. >> >> redirect_to(admin_page_path(@page)) >> >> In a Rails sense. >> > > Sorry - should have read your mail more closely. Then it might be a bug. > > Aslak > >> >> On Nov 20, 11:11 am, "aslak hellesoy" <aslak.helle... at gmail.com> >> wrote: >>> On Thu, Nov 20, 2008 at 11:32 AM, kwe <kwev... at gmail.com> wrote: >>> > Starting out with Cucumber and webrat and seem to be hitting a problem >>> > with a resource protected with http basic auth. >>> >>> > i.e. >>> >>> > The following feature.. >>> >>> > Feature: Manage Pages >>> > In order to add a reference pages >>> > As a administrator >>> > I want to create a page >>> >>> > Scenario: Add a page >>> > Given I am logged in >>> > And I am on the new page page >>> > Then I should see "New page" >>> > When I fill in "page_title" with "Demo Page" >>> > And I fill in "page_summary" with "A short trip to the loo" >>> > And I fill in "page_body" with "A very long long long story" >>> > And I press "Create" >>> > Then I should see "Show Page: Demo Page" >>> >>> > with the step "Given I am logged in" defined as.. >>> >>> > Given /^I am logged in$/ do >>> > basic_auth(''username'', ''apassword'') >>> > end >>> >>> > All the steps work and a record is created, but the last step fails >>> > with a "HTTP Basic: Access denied" >>> >>> > test.log has a >>> >>> > Processing PagesController#show (for 127.0.0.1 at 2008-11-19 22:52:23) >>> > [GET] >>> > Session ID: >>> > BAh7BiIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo >>> > SGFzaHsGOgtub3RpY2UiI1BhZ2Ugd2FzIHN1Y2Nlc3NmdWxseSBjcmVhdGVk >>> > LgY6CkB1c2VkewY7BkY=--fb242e74f0776d7728d62c6224c763ed60ad7064 >>> > Parameters: {"action"=>"show", "id"=>"1-demo-page", >>> > "controller"=>"admin/pages"} >>> > Filter chain halted as [:authenticate] rendered_or_redirected. >>> > Completed in 0.00095 (1053 reqs/sec) | Rendering: 0.00081 (85%) | DB: >>> > 0.00000 (0%) | 401 Unauthorized [http://www.example.com/admin/pages/1- >>> > demo-page] >>> >>> > The :authenticate it refers to is a pretty standard.. >>> >>> > def authenticate >>> > authenticate_or_request_with_http_basic("no peeping") do | >>> > username, password| >>> > username == ''username'' && password == ''apassword'' >>> > end >>> > end >>> >>> > I''m assuming it''s possibly an implementation problem with webrat?!?! >>> >>> I added basic auth support to webrat a few weeks back, and Bryan pulled it in:http://github.com/brynary/webrat/commit/17cf56eb5e9f3872b842a43a3181c... >>> >>> Are you using this? >>> >>> Aslak >>> >>> > Given that the steps to fill out the form and press the create button >>> > work fine (HTTP_AUTHORIZATION is passed in the heads for each action), >>> > but sadly not for the redirect that follows the creation of a record. >>> >>> > Any ideas how I should proceed? >>> >>> > with thanks >>> > Kevin >>> > _______________________________________________ >>> > rspec-users mailing list >>> > rspec-us... at rubyforge.org >>> >http://rubyforge.org/mailman/listinfo/rspec-users >>> >>> _______________________________________________ >>> rspec-users mailing list >>> rspec-us... at rubyforge.orghttp://rubyforge.org/mailman/listinfo/rspec-users >> _______________________________________________ >> rspec-users mailing list >> rspec-users at rubyforge.org >> http://rubyforge.org/mailman/listinfo/rspec-users >> > _______________________________________________ > rspec-users mailing list > rspec-users at rubyforge.org > http://rubyforge.org/mailman/listinfo/rspec-users >
Yes. I''ve actually had to patch webrat (behind a firewall,
unfortunately)
to deal with this. Havn''t had a chance to actually extract from the
firewall.
It''s not actually Webrat''s fault, at least from what
I''ve managed to
uncover. The problem lies within the Rails integration tests; specifically
that follow_redirect (which webrat uses for posts, puts and deletes)
doesn''t
have a mechanism for passing on headers for the followup redirects.
webrat makes POST to /foos, sends http headers # uses rails
post_via_redirect method
controller responds with redirect to /foos/1
rails integration tests follows redirects # with follow_redirect! while
redirect?
If /foos/1 happens to require basic auth, things go boom, because
follow_redirect! has no mechanism for sending your own headers.
I ended up patching webrat to avoid the post_via_redirect rails methods, and
had to implement a version of follow_redirects that takes headers as an
argument. So, instead of using the rails post_via_redirect, I do something
like this:
# rails_session.rb
def post(url, data, headers = nil)
@integration_session.post(remove_protocol(url), data, headers)
@integration_session.follow_all_redirects_with_headers!(headers)
end
# session.rb
def follow_all_redirects_with_headers!(h)
follow_redirect_with_headers!(h) while redirect?
end
def follow_redirect_with_headers!(h)
# largely copied from within rails source...
raise "not a redirect!" unless redirect?
h[''HTTP_REFERER''] = current_url if current_url
get(interpret_url(headers[''location''].first, {}, h)
status
end
I''ll try and get this outside the firewall and into a github fork.
I''m not
convinced this was the best way to deal with the problem, but it''s
worked
for me so far.
On Thu, Nov 20, 2008 at 8:52 AM, kwe <kwevans at gmail.com> wrote:
> Yes, using latest webrat and cucumber, basic_auth is working for the
> initial steps, just not for the redirect that follows a successful
> ''page'' creation i.e.
>
> redirect_to(admin_page_path(@page))
>
> In a Rails sense.
>
>
> On Nov 20, 11:11 am, "aslak hellesoy" <aslak.helle... at
gmail.com>
> wrote:
> > On Thu, Nov 20, 2008 at 11:32 AM, kwe <kwev... at gmail.com>
wrote:
> > > Starting out with Cucumber and webrat and seem to be hitting a
problem
> > > with a resource protected with http basic auth.
> >
> > > i.e.
> >
> > > The following feature..
> >
> > > Feature: Manage Pages
> > > In order to add a reference pages
> > > As a administrator
> > > I want to create a page
> >
> > > Scenario: Add a page
> > > Given I am logged in
> > > And I am on the new page page
> > > Then I should see "New page"
> > > When I fill in "page_title" with
"Demo Page"
> > > And I fill in "page_summary" with
"A short trip to the
> loo"
> > > And I fill in "page_body" with "A
very long long long
> story"
> > > And I press "Create"
> > > Then I should see "Show Page: Demo Page"
> >
> > > with the step "Given I am logged in" defined as..
> >
> > > Given /^I am logged in$/ do
> > > basic_auth(''username'',
''apassword'')
> > > end
> >
> > > All the steps work and a record is created, but the last step
fails
> > > with a "HTTP Basic: Access denied"
> >
> > > test.log has a
> >
> > > Processing PagesController#show (for 127.0.0.1 at 2008-11-19
22:52:23)
> > > [GET]
> > > Session ID:
> > > BAh7BiIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo
> > > SGFzaHsGOgtub3RpY2UiI1BhZ2Ugd2FzIHN1Y2Nlc3NmdWxseSBjcmVhdGVk
> > > LgY6CkB1c2VkewY7BkY=--fb242e74f0776d7728d62c6224c763ed60ad7064
> > > Parameters: {"action"=>"show",
"id"=>"1-demo-page",
> > > "controller"=>"admin/pages"}
> > > Filter chain halted as [:authenticate] rendered_or_redirected.
> > > Completed in 0.00095 (1053 reqs/sec) | Rendering: 0.00081 (85%) |
DB:
> > > 0.00000 (0%) | 401 Unauthorized
[http://www.example.com/admin/pages/1-
> > > demo-page]
> >
> > > The :authenticate it refers to is a pretty standard..
> >
> > > def authenticate
> > > authenticate_or_request_with_http_basic("no
peeping") do |
> > > username, password|
> > > username == ''username'' &&
password == ''apassword''
> > > end
> > > end
> >
> > > I''m assuming it''s possibly an implementation
problem with webrat?!?!
> >
> > I added basic auth support to webrat a few weeks back, and Bryan
pulled
> it in:
> http://github.com/brynary/webrat/commit/17cf56eb5e9f3872b842a43a3181c...
> >
> > Are you using this?
> >
> > Aslak
> >
> > > Given that the steps to fill out the form and press the create
button
> > > work fine (HTTP_AUTHORIZATION is passed in the heads for each
action),
> > > but sadly not for the redirect that follows the creation of a
record.
> >
> > > Any ideas how I should proceed?
> >
> > > with thanks
> > > Kevin
> > > _______________________________________________
> > > rspec-users mailing list
> > > rspec-us... at rubyforge.org
> > >http://rubyforge.org/mailman/listinfo/rspec-users
> >
> > _______________________________________________
> > rspec-users mailing list
> > rspec-us... at rubyforge.orghttp://
> rubyforge.org/mailman/listinfo/rspec-users
> _______________________________________________
> rspec-users mailing list
> rspec-users at rubyforge.org
> http://rubyforge.org/mailman/listinfo/rspec-users
>
--
// anything worth taking seriously is worth making fun of
// http://blog.devcaffeine.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://rubyforge.org/pipermail/rspec-users/attachments/20081120/3e63d230/attachment.html>
On Thu, Nov 20, 2008 at 10:15 AM, Chris Flipse <cflipse at gmail.com> wrote:> I ended up patching webrat to avoid the post_via_redirect rails methods, and > had to implement a version of follow_redirects that takes headers as an > argument.I''ve refactored the way that redirects are handled in Rails away from the <action>_with_redirect style in my webrat fork (http://github.com/joshknowles/webrat) which may make your work easier. -- Josh Knowles phone: 509-979-1593 email: joshknowles at gmail.com web: http://joshknowles.com
Thanks. I had _some_ similar bits already in place, but yours is much better put together for deciding when to redirect. I''ve got a patch up at http://github.com/flip/webrat/commit/4131b8da2fec44398fb170f4d88edc36ad9c9cac that should do the trick for the redirects. On Thu, Nov 20, 2008 at 10:28 AM, Josh Knowles <joshknowles at gmail.com>wrote:> On Thu, Nov 20, 2008 at 10:15 AM, Chris Flipse <cflipse at gmail.com> wrote: > > I ended up patching webrat to avoid the post_via_redirect rails methods, > and > > had to implement a version of follow_redirects that takes headers as an > > argument. > > I''ve refactored the way that redirects are handled in Rails away from > the <action>_with_redirect style in my webrat fork > (http://github.com/joshknowles/webrat) which may make your work > easier. > > > -- > Josh Knowles > phone: 509-979-1593 > email: joshknowles at gmail.com > web: http://joshknowles.com > _______________________________________________ > rspec-users mailing list > rspec-users at rubyforge.org > http://rubyforge.org/mailman/listinfo/rspec-users >-- // anything worth taking seriously is worth making fun of // http://blog.devcaffeine.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://rubyforge.org/pipermail/rspec-users/attachments/20081121/a25562fd/attachment-0001.html>