• 原文出處：http://www.dobervich.com/2011/03/28/symfony2-blog-application-tutorial-part-v-2-testing-secure-pages/
• 原文作者：Dustin Dobervich
• 授權(quán)許可：創(chuàng)作共用協(xié)議
• 翻譯人員：FireHare
• 校對(duì)人員：FireHare
• 適用版本：Symfony 2
• 文章?tīng)顟B(tài)：已校對(duì)

I just wanted to write a quick post illustrating how to use the http basic authentication mechanism to test secured pages. Since the testing framework does not support sessions at the moment, it is not possible to write tests using the form login mechanism. Because of this, we have to use http basic authentication to test our secure pages.
我只想快速寫(xiě)一篇文章說(shuō)明如何使用HTTP基本認(rèn)證機(jī)制來(lái)測(cè)試安全頁(yè)面。因?yàn)闇y(cè)試框架目前不支持會(huì)話(huà)，因此不可以使用表單登錄機(jī)制來(lái)編寫(xiě)測(cè)試。有鑒于此，我們不得不使用HTTP基本認(rèn)證來(lái)測(cè)試我們的安全頁(yè)面。

First, we must make changes to the application’s test environment. The config_test.yml file located in the app/config directory is where we put all of our test environment specific configuration. We need to override the security configuration we set up in the previous tutorial to use the http basic authentication mechanism. Open up the config_test.yml file and add the following.
首先，我們必須修改應(yīng)用程序的測(cè)試環(huán)境。我們將我們測(cè)試環(huán)境的相關(guān)配置全部放入了位于app/config目錄中的config_test.yml文件中。我們需要覆寫(xiě)在先前教程中設(shè)置的安全配置，以便使用HTTP基本認(rèn)證機(jī)制。打開(kāi)config_test.yml文件，并添加下列語(yǔ)句：

##?Security?Configuration?

security:?

????encoders:?

????????Symfony\Component\Security\Core\User\User:?plaintext?

?

????providers:?

????????main:?

????????????users:?

????????????????john.doe:?{?password:?admin,?roles:?ROLE_ADMIN?}?

?

????firewalls:?

????????main:?

????????????pattern:????/.*?

????????????http_basic:?true?

????????????logout:?????true?

????????????security:?true?

????????????anonymous:?true?

Here we have declared that we want to use http_basic authentication in the test environment firewall. We have also told symfony that we want to use a plaintext password encoder for our user. This allows us to specify the user’s password in plain text. Under the providers entry we have declared an in-memory user with a username of john.doe, a password of admin and having the role ROLE_ADMIN. We will supply these credentials in our request using server parameters.
在這里，我們?cè)跍y(cè)試環(huán)境的防火墻中聲明我們想使用http_basic認(rèn)證。我們還告訴Symfony2我們想為我們的用戶(hù)使用純文本密碼編碼器。這樣可以讓我們用純文本指定用戶(hù)的密碼。在提供器條目下，我們聲明了一個(gè)用戶(hù)名是john.doe的in-memory用戶(hù)，密碼是admin，并且擁有ROLE_ADMIN角色。我們將在我們的請(qǐng)求里使用服務(wù)器參數(shù)來(lái)提供這些參數(shù)。

Now open up the AdminControllerTest.php file located in the src/Company/BlogBundle/Tests/Controller folder. Here is the code for the test.
現(xiàn)在打開(kāi)位于src/Company/BlogBundle/Tests/Controller文件夾中的AdminControllerTest.php文件，以下是測(cè)試代碼。

namespace?Company\BlogBundle\Tests\Controller;?

??

use?Symfony\Bundle\FrameworkBundle\Test\WebTestCase;?

??

class?AdminControllerTest?extends?WebTestCase?

{?

????public?function?testIndex()?

????{?

????????$client?=?$this->createClient();?

????????$client->followRedirects(true);?

??

????????//?request?the?index?action?with?invalid?credentials?

????????$crawler?=?$client->request('GET',?'/admin/',?array(),?array(),?

????????????array('PHP_AUTH_USER'?=>?'john.doe',?'PHP_AUTH_PW'?=>?'wrong_pass'));?

??

????????$this->assertEquals(200,?$client->getResponse()->getStatusCode());?

??

????????//?we?should?be?redirected?to?the?login?page?

????????$this->assertTrue($crawler->filter('title:contains("Login")')->count()?>?0);?

??

????????//?request?the?index?action?with?valid?credentials?

????????$crawler?=?$client->request('GET',?'/admin/',?array(),?array(),?

????????????array('PHP_AUTH_USER'?=>?'john.doe',?'PHP_AUTH_PW'?=>?'admin'));?

??

????????$this->assertEquals(200,?$client->getResponse()->getStatusCode());?

??

????????//?check?the?title?of?the?page?matches?the?admin?home?page?

????????$this->assertTrue($crawler->filter('title:contains("Admin?|?Home")')->count()?>?0);?

??

????????//?check?that?the?logout?link?exists?

????????$this->assertTrue($crawler->filter('a:contains("Logout")')->count()?>?0);?

????}?

}?

The code is fairly straightforward. You should be able to follow along with the comments and know what is going on. Two special server parameters are used to pass the user’s credentials to the application PHP_AUTH_USER and PHP_AUTH_PW.
代碼非常簡(jiǎn)單。您應(yīng)該能夠根據(jù)注解明白是怎么回事。兩個(gè)特定的服務(wù)器參數(shù)（PHP_AUTH_USER和PHP_AUTH_PW）用于將用戶(hù)的證書(shū)發(fā)送到應(yīng)用程序。

You should now be setup to test all of your secured pages. I am still not sure what I will be posting about next. I have been out of town, so I have not had time to even think about it. I am hesitant to do a Form tutorial because of the proposed changes. I was thinking about maybe going over the container and writing a custom service. Let me know what you guys want. Until next time…
您現(xiàn)在應(yīng)該做好測(cè)試您所有安全頁(yè)面的設(shè)置。我一直不確定我下一篇文章要寫(xiě)什么。我不在家，所以我沒(méi)有時(shí)間考慮這個(gè)。我很猶豫是改主意寫(xiě)一篇表單教程，還是按原計(jì)劃寫(xiě)寫(xiě)容器和自定義服務(wù)？讓我知道您需要什么。直到下一次...

總結(jié)

以上是生活随笔為你收集整理的Symfony2博客应用程序教程：第四部分（续）－测试安全页的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。