the only apache API we have access to is $r->note_digest_auth_failure, which has the job of setting a proper WWW-Authenticate header. the current tests only really test this by accident, relying on LWP's Digest implementation to handle the header appropriately.
right, that's exactly the purpose of this test: test $r->note_digest_auth_failure, no more and no less. So no accidents here.
but see, you're doing lots more and a bit less. the test specifically tests for two things: that a known bad user/pass (and none at all) gets 401 and that a known user/pass gets 200.
in the first case you're not testing $r->note_digest_auth_failure at all - the 401 is simply the result of the handler return value, and removing $r->note_digest_auth_failure would have the same effect.
now, the second case is testing $r->note_digest_auth_failure but indirectly - you're not looking at what $r->note_digest_auth_failure does, but rather assuming that LWP is handling the overall challenge/response dialogue correctly. now, we rely on LWP all the time, so that's not really the issue I'm trying to argue. I'm only saying that if you look internally at what $r->note_digest_auth_failure is doing you're not testing that code specifically, you're only testing the effects of it. contrast this with the recent C-L tests, where we pull out the C-L header specifically since it's the behavior of $r->set_content_length (and other things) we're interested in.
yeah, ok, this is all a bit academic - there's nothing really wrong with the tests as they stand. I'm just trying to illustrate a point, really :)
Understood. Well, that the test is not doing what I thought it does. Since I didn't look at the internals of $r->note_digest_auth_failure. So you're correct.
Feel free to improve it, as long as $r->note_digest_auth_failure is tested.
I would alter it as I've suggested, ripping out the bulk of your weekend labors :)
Be my guest. +1 to remove all the code that isn't helping to test $r->note_digest_auth_failure.
-- __________________________________________________________________ Stas Bekman JAm_pH ------> Just Another mod_perl Hacker http://stason.org/ mod_perl Guide ---> http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
