Testing HTTP Basic Authentication

I'm using the new 2.0 HTTP Basic Authentication module mentioned in the announcement, and having trouble figuring out how to write a functional tests that will do both positive and negative tests.

The framework documentation has the following snippet:

<<BEGIN SNIPPET>> In your integration tests, you can do something like this:

  def test_access_granted_from_xml     get(       "/notes/1.xml", nil,       :authorization => ActionController::HttpAuthentication::Basic.encode_credentials(users(:dhh).name, users(:dhh).password)     )

    assert_equal 200, status   end <<END SNIPPET>>

Looking at the code for the test_process implementation of get, the parameters are: action, parameters = nil, session = nil, flash = nil.

That :authorization hash would actually be part of the session, not the headers. I looked around and couldn't figure out how to set headers in a test context.

I'd like to add tests to make sure that those sections that require authentication are guarded and that entering the wrong account/ password fails.

Any suggestions?

Here is the testing code:

class Admin::EventsControllerTest < Test::Unit::TestCase fixtures :categories

def setup @controller = Admin::EventsController.new @request = ActionController:: TestRequest.new @response = ActionController::TestResponse.new end

def login_as_admin @request.env[‘HTTP_AUTHORIZATION’] = ActionController::HttpAuthentication::Basic.encode_credentials (“admin”, “password”) end

def test_all_pages_for_admin_is_protected [:index, :edit, :show, :create, :update, :destroy].each do |actione| get actione assert_response :unauthorized

end

end

def test_index_page_loads_upon_successful_login login_as_admin

get :index, :id => categories(:all).id

assert_response :success
assert_template 'index'

assert assigns(:events)

end end

Ahh, that makes sense.

The key part being:

  @request.env['HTTP_AUTHORIZATION'] = ActionController::HttpAuthentication::Basic.encode_credentials("admin", "password")

Thanks!