Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Basic authentication tests fail in CI when using IIS-hosted services #1111

Closed
roncain opened this issue May 3, 2016 · 4 comments
Closed
Assignees
Labels
infrastructure Issues related to the build, packaging, testing or related areas. test bug Test issues that need fixing.
Milestone

Comments

@roncain
Copy link
Contributor

roncain commented May 3, 2016

The Basic authentication tests fail on CI runs against IIS-hosted WCF services but pass in self-hosted. Likely cause is that Basic Authentication is not enabled for the CI web sites in IIS.
These are the 2 failing tests:

Https_ClientCredentialTypeTests.BasicAuthenticationInvalidPwd_throw_MessageSecurityException 
Https_ClientCredentialTypeTests.BasicAuthentication_RoundTrips_Echo

Failure looks like this:

Https_ClientCredentialTypeTests.BasicAuthenticationInvalidPwd_throw_MessageSecurityException [FAIL]
        Assert.Throws() Failure
        Expected: typeof(System.ServiceModel.Security.MessageSecurityException)
        Actual:   typeof(System.ServiceModel.CommunicationException): The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error.
        Stack Trace:
           D:\j\workspace\outerloop_win---1452b487\src\System.Private.ServiceModel\src\System\ServiceModel\Channels\ServiceChannel.cs(764,0): at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
           D:\j\workspace\outerloop_win---1452b487\src\System.Private.ServiceModel\src\System\ServiceModel\Channels\ServiceChannelProxy.cs(371,0): at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(MethodCall methodCall, ProxyOperationRuntime operation)
           D:\j\workspace\outerloop_win---1452b487\src\System.Private.ServiceModel\src\System\ServiceModel\Channels\ServiceChannelProxy.cs(136,0): at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(MethodInfo targetMethod, Object[] args)
           --- End of stack trace from previous location where exception was thrown ---
              at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
              at System.Reflection.DispatchProxyGenerator.Invoke(Object[] args)
              at generatedProxy_2.Echo(String )
           D:\j\workspace\outerloop_win---1452b487\src\System.Private.ServiceModel\tests\Scenarios\Security\TransportSecurity\Https\ClientCredentialTypeTests.cs(82,0): at Https_ClientCredentialTypeTests.<>c.<BasicAuthenticationInvalidPwd_throw_MessageSecurityException>b__4_0()
     Https_ClientCredentialTypeTests.BasicAuthentication_RoundTrips_Echo [FAIL]
        Test Case: BasicAuthentication FAILED with the following errors: Basic echo test.
  Test variation:...
  BasicAuthentication_RoundTrips_Echo
  Using address: 'https://wcfcoresrv2.cloudapp.net/WcfService15//BasicAuth.svc//https-basic'
        Unexpected exception was caught: System.ServiceModel.CommunicationException: The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error.
           at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) in D:\j\workspace\outerloop_win---1452b487\src\System.Private.ServiceModel\src\System\ServiceModel\Channels\ServiceChannel.cs:line 764
           at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(MethodCall methodCall, ProxyOperationRuntime operation) in D:\j\workspace\outerloop_win---1452b487\src\System.Private.ServiceModel\src\System\ServiceModel\Channels\ServiceChannelProxy.cs:line 371
           at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(MethodInfo targetMethod, Object[] args) in D:\j\workspace\outerloop_win---1452b487\src\System.Private.ServiceModel\src\System\ServiceModel\Channels\ServiceChannelProxy.cs:line 136
        --- End of stack trace from previous location where exception was thrown ---
           at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
           at System.Reflection.DispatchProxyGenerator.Invoke(Object[] args)
           at generatedProxy_2.Echo(String )
           at Https_ClientCredentialTypeTests.BasicAuthentication_RoundTrips_Echo() in D:\j\workspace\outerloop_win---1452b487\src\System.Private.ServiceModel\tests\Scenarios\Security\TransportSecurity\Https\ClientCredentialTypeTests.cs:line 40

@roncain roncain added infrastructure Issues related to the build, packaging, testing or related areas. bug This is a product bug. labels May 3, 2016
@zhenlan
Copy link
Member

zhenlan commented May 3, 2016

@roncain will add new ConditionalFact for Digest
@hongdai will come up a complete proposal of how we need to break down current IIS hosted test service.

@zhenlan zhenlan added this to the 2016.05 milestone May 3, 2016
@zhenlan zhenlan modified the milestones: 2016.05, 2016.06 May 17, 2016
@zhenlan
Copy link
Member

zhenlan commented Jun 9, 2016

@hongdai @roncain It's my understanding this is a test bug instead of a product bug. Please chime in if this is not the case.

@zhenlan zhenlan added test bug Test issues that need fixing. and removed bug This is a product bug. labels Jun 9, 2016
@roncain
Copy link
Contributor Author

roncain commented Jun 9, 2016

@zhenlan and @hongdai -- yes, this is probably only a test bug. Right now, the ConditionalFact for Basic_Authentication_Available is true only for self-host, so this is skipped in CI runs using IIS. I believe we are waiting for Hong to tell me how to write a ConditionalFact that will allow it to work against IIS now that the security folder PR is in. Example: does the Util service need and endpoint to query? Is it true only on Windows? etc.

Edit: Digest_Authentication_Available ConditionalFact is also overly simple and just tests for localhost. Before I can provide a smarter ConditionalFact for it, I need to know from Hong how to determine when Digest can be used. A query to the Util service?

@hongdai
Copy link
Contributor

hongdai commented Jun 24, 2016

Matt and I have just discussed it. Create a local account on service for basic auth imposes a security risk. Instead we can have a test similar to Digest no domain.

Reassign the bug to Matt. Matt will implement a basic auth test without the need of a local user account created in the IIS hosted test server machine.

@hongdai hongdai assigned mconnew and unassigned hongdai Jun 24, 2016
@zhenlan zhenlan modified the milestones: 2016.07, 2016.06 Jul 12, 2016
mconnew added a commit that referenced this issue Jul 27, 2016
Enable basic auth tests with domainless custom authenticator
Fixes #1111
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
infrastructure Issues related to the build, packaging, testing or related areas. test bug Test issues that need fixing.
Projects
None yet
Development

No branches or pull requests

5 participants