TestBox with BASICAUTH

Communities
1

Hi there,

How do I include basic auth details in my test suites?

That is - I have basicauth enabled for an application (temporarily - until I work out how to implement cbSecurity, properly - but when I attempt to run my unit tests - I get a 401 Unauthorised error.

Thanks.

2

I don’t know exactly (I’m rather new to the forums here), but I think it’s related to the test suites using an Application.cfc that does not create and load the ColdBox bootstrap, so it wouldn’t load the config files.

It looks like the test suite Application.cfc is creating a virtual app instead (request.coldBoxVirtualApp). Perhaps configurations can be loaded in with the startup() function or the constructor? I’m just guessing here, sorry if this leads you in the wrong direction.

3

Hi @JayTennant

I have worked out why it wasn’t working for me, while I was reply to your reply…

FYI: BASIC AUTH is NOT a CFML “thing”.
It doesn’t have anything at all to do with your ACF or Lucee Sever.

It is a Web Server thing…
In that you can tell Apache httpd / IIS / etc - to have a username/password requirement to access a directory.

It’s a “pre” requirement - before you even get to run any CFML.

When you try to access a endpoint in a directory that has BASIC AUTH, you get a pop-up, asking you for a username and password.

In order to get your page without interacting with the pop-up, you can add the username and password into the URL your calling

And initially at the time of writing this question, initially - Adding a username and password to the URL was not working for me. I assumed there might be some sort of CommandBox or TestBox “thing” at play that (I was missing) and was stopping my URL requests from working.

Turns out… I just had the URL wrong, all along.

This what you need in your URL for BASIC AUTH to work:
http://<username>:<password>@<hostname>/path

The above works perfectly - without error, unlike what I was trying, which was:
http://localhost/username:password@localhost/tests/runner.cfm

Note: the additional localhost at the beginning of the url!

Nonetheless, thanks for the reply - all sorted now!

2 Likes
4

Ah, cool, glad it’s sorted out. I had not realized the importance of the part where you said cbSecurity was not implemented yet and that you’ve enabled basicauth. For me, I have used cbSecurity’s BasicAuthUserService as a simple way to authenticate hardcoded user credentials in the config files before implementing the database, and I think I conflated the terms. :upside_down_face:

Thanks for the follow-up and explanation, I understand the system a bit more now!