Monday, June 7, 2010

Login problems using zope.testbrowser.browser


Recently, while writing some automated scripts for the ZMI with zope.testbrowser, I ran into some problems.

Here was my first try straight out of the pypi page of zope.testbrowser:


from zope.testbrowser.browser import Browser
br = Browser()
br.addHeader('Authorization', 'Basic %s:%s' % (zmi_user, zmi_passwd))
url = 'http://%s:%s/manage_main' % (zmi_host, zmi_port)
br.open(url)

Contrary to expectations, this resulted in

mechanize._response.HTTPError: HTTP Error 500: Internal Server Error

Looking at the server error log was more puzzling.

Traceback (innermost last):
Module ZPublisher.Publish, line 106, in publish
Module ZPublisher.BaseRequest, line 452, in traverse
Module Products.PluggableAuthService.PluggableAuthService, line 234, in validate
Module Products.PluggableAuthService.PluggableAuthService, line 627, in _extractUserIds
Module Products.PluggableAuthService.PluggableAuthService, line 123, in extractCredentials
Module ZPublisher.HTTPRequest, line 1343, in _authUserPW
ValueError: need more than 1 value to unpack

Suspecting that this may be due to a Zope/zope.testbrowser version mismatch as this server was running Zope 2.9.8, I then tried the same with a brand new Plone 4 instance. It still failed but the traceback gave me a clue

Traceback (innermost last):
Module ZPublisher.Publish, line 116, in publish
Module ZPublisher.BaseRequest, line 593, in traverse
Module Products.PluggableAuthService.PluggableAuthService, line 232, in validate
Module Products.PluggableAuthService.PluggableAuthService, line 558, in _extractUserIds
Module Products.PluggableAuthService.plugins.HTTPBasicAuthHelper, line 76, in extractCredentials
Module ZPublisher.HTTPRequest, line 1519, in _authUserPW
Module base64, line 321, in decodestring
Error: Incorrect padding

I tried the obvious

import base64
br.addHeader('Authorization', base64.encodestring('Basic %s:%s' % (zmi_user, zmi_passwd)))

but was now left with

mechanize._response.HTTPError: HTTP Error 401: Unauthorized

After poking some more at ZPublisher.HTTPRequest.py I came up with the winning

br.addHeader('Authorization', 'Basic %s' % base64.encodestring('%s:%s' % (zmi_user, zmi_passwd)))

1 comment: