• 原文出處：http://www.dobervich.com/2011/03/28/symfony2-blog-application-tutorial-part-v-2-testing-secure-pages/
• 原文作者：Dustin Dobervich
• 授權許可：創作共用協議
• 翻譯人員：FireHare
• 校對人員：FireHare
• 適用版本：Symfony 2
• 文章狀態：已校對

I just wanted to write a quick post illustrating how to use the http basic authentication mechanism to test secured pages. Since the testing framework does not support sessions at the moment, it is not possible to write tests using the form login mechanism. Because of this, we have to use http basic authentication to test our secure pages.
我只想快速寫一篇文章說明如何使用HTTP基本認證機制來測試安全頁面。因為測試框架目前不支持會話，因此不可以使用表單登錄機制來編寫測試。有鑒于此，我們不得不使用HTTP基本認證來測試我們的安全頁面。

First, we must make changes to the application’s test environment. The config_test.yml file located in the app/config directory is where we put all of our test environment specific configuration. We need to override the security configuration we set up in the previous tutorial to use the http basic authentication mechanism. Open up the config_test.yml file and add the following.
首先，我們必須修改應用程序的測試環境。我們將我們測試環境的相關配置全部放入了位于app/config目錄中的config_test.yml文件中。我們需要覆寫在先前教程中設置的安全配置，以便使用HTTP基本認證機制。打開config_test.yml文件，并添加下列語句：

##?Security?Configuration?

security:?

????encoders:?

????????Symfony\Component\Security\Core\User\User:?plaintext?

?

????providers:?

????????main:?

????????????users:?

????????????????john.doe:?{?password:?admin,?roles:?ROLE_ADMIN?}?

?

????firewalls:?

????????main:?

????????????pattern:????/.*?

????????????http_basic:?true?

????????????logout:?????true?

????????????security:?true?

????????????anonymous:?true?

Here we have declared that we want to use http_basic authentication in the test environment firewall. We have also told symfony that we want to use a plaintext password encoder for our user. This allows us to specify the user’s password in plain text. Under the providers entry we have declared an in-memory user with a username of john.doe, a password of admin and having the role ROLE_ADMIN. We will supply these credentials in our request using server parameters.
在這里，我們在測試環境的防火墻中聲明我們想使用http_basic認證。我們還告訴Symfony2我們想為我們的用戶使用純文本密碼編碼器。這樣可以讓我們用純文本指定用戶的密碼。在提供器條目下，我們聲明了一個用戶名是john.doe的in-memory用戶，密碼是admin，并且擁有ROLE_ADMIN角色。我們將在我們的請求里使用服務器參數來提供這些參數。

Now open up the AdminControllerTest.php file located in the src/Company/BlogBundle/Tests/Controller folder. Here is the code for the test.
現在打開位于src/Company/BlogBundle/Tests/Controller文件夾中的AdminControllerTest.php文件，以下是測試代碼。

namespace?Company\BlogBundle\Tests\Controller;?

??

use?Symfony\Bundle\FrameworkBundle\Test\WebTestCase;?

??

class?AdminControllerTest?extends?WebTestCase?

{?

????public?function?testIndex()?

????{?

????????$client?=?$this->createClient();?

????????$client->followRedirects(true);?

??

????????//?request?the?index?action?with?invalid?credentials?

????????$crawler?=?$client->request('GET',?'/admin/',?array(),?array(),?

????????????array('PHP_AUTH_USER'?=>?'john.doe',?'PHP_AUTH_PW'?=>?'wrong_pass'));?

??

????????$this->assertEquals(200,?$client->getResponse()->getStatusCode());?

??

????????//?we?should?be?redirected?to?the?login?page?

????????$this->assertTrue($crawler->filter('title:contains("Login")')->count()?>?0);?

??

????????//?request?the?index?action?with?valid?credentials?

????????$crawler?=?$client->request('GET',?'/admin/',?array(),?array(),?

????????????array('PHP_AUTH_USER'?=>?'john.doe',?'PHP_AUTH_PW'?=>?'admin'));?

??

????????$this->assertEquals(200,?$client->getResponse()->getStatusCode());?

??

????????//?check?the?title?of?the?page?matches?the?admin?home?page?

????????$this->assertTrue($crawler->filter('title:contains("Admin?|?Home")')->count()?>?0);?

??

????????//?check?that?the?logout?link?exists?

????????$this->assertTrue($crawler->filter('a:contains("Logout")')->count()?>?0);?

????}?

}?

The code is fairly straightforward. You should be able to follow along with the comments and know what is going on. Two special server parameters are used to pass the user’s credentials to the application PHP_AUTH_USER and PHP_AUTH_PW.
代碼非常簡單。您應該能夠根據注解明白是怎么回事。兩個特定的服務器參數（PHP_AUTH_USER和PHP_AUTH_PW）用于將用戶的證書發送到應用程序。

You should now be setup to test all of your secured pages. I am still not sure what I will be posting about next. I have been out of town, so I have not had time to even think about it. I am hesitant to do a Form tutorial because of the proposed changes. I was thinking about maybe going over the container and writing a custom service. Let me know what you guys want. Until next time…
您現在應該做好測試您所有安全頁面的設置。我一直不確定我下一篇文章要寫什么。我不在家，所以我沒有時間考慮這個。我很猶豫是改主意寫一篇表單教程，還是按原計劃寫寫容器和自定義服務？讓我知道您需要什么。直到下一次...

總結

以上是生活随笔為你收集整理的Symfony2博客应用程序教程：第四部分（续）－测试安全页的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。