Testing HTTP Basic Authentication

I'm using the new 2.0 HTTP Basic Authentication module mentioned in
the announcement, and having trouble figuring out how to write a
functional tests that will do both positive and negative tests.

The framework documentation has the following snippet:

<<BEGIN SNIPPET>>
In your integration tests, you can do something like this:

  def test_access_granted_from_xml
    get(
      "/notes/1.xml", nil,
      :authorization =>
ActionController::HttpAuthentication::Basic.encode_credentials(users(:dhh).name,
users(:dhh).password)
    )

    assert_equal 200, status
  end
<<END SNIPPET>>

Looking at the code for the test_process implementation of get, the
parameters are: action, parameters = nil, session = nil, flash = nil.

That :authorization hash would actually be part of the session, not
the headers. I looked around and couldn't figure out how to set
headers in a test context.

I'd like to add tests to make sure that those sections that require
authentication are guarded and that entering the wrong account/
password fails.

Any suggestions?

Here is the testing code:

class Admin::EventsControllerTest < Test::Unit::TestCase
fixtures :categories

def setup
@controller = Admin::EventsController.new
@request = ActionController::
TestRequest.new
@response = ActionController::TestResponse.new
end

def login_as_admin
@request.env[‘HTTP_AUTHORIZATION’] = ActionController::HttpAuthentication::Basic.encode_credentials
(“admin”, “password”)
end

def test_all_pages_for_admin_is_protected
[:index, :edit, :show, :create, :update, :destroy].each do |actione|
get actione
assert_response :unauthorized

end

end

def test_index_page_loads_upon_successful_login
login_as_admin

get :index, :id => categories(:all).id

assert_response :success
assert_template 'index'

assert assigns(:events)

end
end

Ahh, that makes sense.

The key part being:

  @request.env['HTTP_AUTHORIZATION'] =
ActionController::HttpAuthentication::Basic.encode_credentials("admin",
"password")

Thanks!