Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable basic auth tests with domainless custom authenticator #1371

Merged
merged 1 commit into from
Jul 27, 2016

Conversation

mconnew
Copy link
Member

@mconnew mconnew commented Jul 15, 2016

Fixes #1111

@mconnew mconnew force-pushed the Issue1111 branch 2 times, most recently from e4b9e4c to 79c1f08 Compare July 15, 2016 01:48
@roncain
Copy link
Contributor

roncain commented Jul 15, 2016

These tests are failing on *nix with the error:

MESSAGE:
Test Case: BasicAuthentication FAILED with the following errors: Basic echo test.Test variation:...\nBasicAuthentication_RoundTrips_Echo
Using address: 'https://wcfcoresrv2.cloudapp.net/WcfService4//BasicAuth.svc/https-basic'\nUnexpected exception was caught: System.ServiceModel.CommunicationException: An error occurred while sending the request. ---> System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.Http.CurlException: SSL peer certificate or SSH remote key was not OK
at System.Net.Http.CurlHandler.ThrowIfCURLEError(CURLcode error)
 at System.Net.Http.CurlHandler.MultiAgent.FinishRequest(StrongToWeakReference`1 easyWrapper, CURLcode messageResult)\n --- End of inner exception stack trace ---

The SSL_Available ConditionalFact was used for all tests that failed with this kind of exception in the past, pending deeper investigation of what is required for automated installation scripts.

@@ -24,20 +27,18 @@ static Https_ClientCredentialTypeTests()
#if FULLXUNIT_NOTSUPPORTED
[Fact]
#else
[ConditionalFact(nameof(Root_Certificate_Installed), nameof(Basic_Authentication_Available))]
[ConditionalFact(nameof(Root_Certificate_Installed))]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why did you remove this ConditionalFact? Do we know Basic_Authentication_Available is true for all platforms, both self-host and IIS-host?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The the whole point of this change, it enables Basic authentication by using a custom authenticator on the server side so you don't need to use real credentials to test it. As there's no such thing as ambient credentials with Basic authentication, there's no need to have a test variant which uses a real domain.

@roncain
Copy link
Contributor

roncain commented Jul 15, 2016

@StephenBonikowsky is doing a massive sweep to "version-ize" the tests in PR #1366. I think it would be most efficient if we allowed his PR to be completed and then re-apply the changes in this PR. My own PeerTrust branch is also waiting for that PR to finish.

@mconnew
Copy link
Member Author

mconnew commented Jul 15, 2016

@iamjasonp, do you know why this test is getting this exception: System.Net.Http.CurlException: Peer certificate cannot be authenticated with given CA certificates

@iamjasonp
Copy link
Member

I wouldn't expect that to pass - root certs aren't installed on CI machines. I'm mildly surprised that Root_Certificate_Installed is evaluating to true.

@iamjasonp
Copy link
Member

Ah, I see - note that CA certificates being used by cURL does not use the x509 stores. So while Root_Certificate_Installed is evaluating to true (because certs are being installed fine in the .NET x509 cert stores), https calls won't work because they depend on the system cert store.

@iamjasonp
Copy link
Member

#1304 will help with getting these tests running in Helix/CI

@mconnew
Copy link
Member Author

mconnew commented Jul 26, 2016

@dotnet-bot test all outerloop

@mconnew
Copy link
Member Author

mconnew commented Jul 27, 2016

@dotnet-bot test all outerloop

@iamjasonp
Copy link
Member

If the default platforms (Windows_NT, Ubuntu14.04, CentOS7.1, OSX) pass, don't worry about the remaining outerloop CI failures for the new platforms we turned on in CI

@mconnew
Copy link
Member Author

mconnew commented Jul 27, 2016

Windows_NT Debug failure was unrelated so merging.

@mconnew mconnew merged commit fa9874f into dotnet:master Jul 27, 2016
@mconnew mconnew deleted the Issue1111 branch August 1, 2016 19:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants