ERP5TypeTestCase: rework default manager password generation

The default manager user (ERP5TypeTestCase) now have a random password generated at the beginning of test. The password is stored as a class attribute of the test case instance. Many tests have been updated to not generate manager user and use the existing one instead. When tests need to create users (for example users in the root acl_users), we try to give them a random password and to delete the users afterward. For functional tests, the approach is that ERP5TypeFunctionalTestCase sets cookies with manager username and password before running zelenium tests, so that in case tests want to log in again as manager, they can read the username and password from cookies. Another significant changes is that we no longer have the same user in ERP5/acl_users and /acl_users, some tests were logging in as the root user in ways that never seemed intentional. This also revealed (through test_manager_actions_on_portal from testERP5Core) that some tests were running with a user without all the expected permissions and the "Manager Components" actions was not visible for the default manager user. Fixing this also revealed that two actions ("Manage Components" and "Manage Callables") had the same priority, so the later was modified to use a different priority.

ERP5TypeTestCase: rework default manager password generation
The default manager user (ERP5TypeTestCase) now have a random password generated at the beginning of test. The password is stored as a class attribute of the test case instance. Many tests have been updated to not generate manager user and use the existing one instead. When tests need to create users (for example users in the root acl_users), we try to give them a random password and to delete the users afterward. For functional tests, the approach is that ERP5TypeFunctionalTestCase sets cookies with manager username and password before running zelenium tests, so that in case tests want to log in again as manager, they can read the username and password from cookies. Another significant changes is that we no longer have the same user in ERP5/acl_users and /acl_users, some tests were logging in as the root user in ways that never seemed intentional. This also revealed (through test_manager_actions_on_portal from testERP5Core) that some tests were running with a user without all the expected permissions and the "Manager Components" actions was not visible for the default manager user. Fixing this also revealed that two actions ("Manage Components" and "Manage Callables") had the same priority, so the later was modified to use a different priority.
445e8fa8 · Jérome Perrin · 9964c13d · 445e8fa8 · 9964c13d · 9964c13d
Commit 445e8fa8 authored May 27, 2024 by Jérome Perrin
52 changed files
--- a/bt5/erp5_advanced_ecommerce_test/PathTemplateItem/portal_tests/advanced_ecommerce_zuite/test000Initialisation.zpt
+++ b/bt5/erp5_advanced_ecommerce_test/PathTemplateItem/portal_tests/advanced_ecommerce_zuite/test000Initialisation.zpt
@@ -49,18 +49,6 @@ this selenium test is executed at first. so other tests are executed by anonymou
  <td></td>
 </tr>
-<tr>
-  <td>openAndWait</td>
-  <td>${base_url}/ERP5Site_createSuperUser</td>
-  <td></td>
-</tr>
-<tr>
-  <td>verifyTextPresent</td>
-  <td>Done</td>
-  <td></td>
-</tr>
 <tr>
  <td>openAndWait</td>
  <td>${base_url}/Base_validateRule</td>

--- a/bt5/erp5_advanced_ecommerce_test/SkinTemplateItem/portal_skins/erp5_advanced_ecommerce_test/ERP5Site_createSuperUser.py
+++ b/bt5/erp5_advanced_ecommerce_test/SkinTemplateItem/portal_skins/erp5_advanced_ecommerce_test/ERP5Site_createSuperUser.py
-acl_users = context.getPortalObject().acl_users
-if not acl_users.getUserById('super_user'):
-  acl_users.zodb_users.manage_addUser(
-      user_id='super_user',
-      login_name='super_user',
-      password='super_user',
-      confirm='super_user',
-  )
-  # BBB for PAS 1.9.0 we pass a response and undo the redirect
-  response = container.REQUEST.RESPONSE
-  acl_users.zodb_roles.manage_assignRoleToPrincipals(
-      'Manager',
-      ('super_user',),
-      RESPONSE=response)
-  response.setStatus(200)
-return 'Done'
--- a/bt5/erp5_advanced_ecommerce_test/SkinTemplateItem/portal_skins/erp5_advanced_ecommerce_test/ERP5Site_createSuperUser.xml
+++ b/bt5/erp5_advanced_ecommerce_test/SkinTemplateItem/portal_skins/erp5_advanced_ecommerce_test/ERP5Site_createSuperUser.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>_bind_names</string> </key>
-            <value>
-              <object>
-                <klass>
-                  <global name="_reconstructor" module="copy_reg"/>
-                </klass>
-                <tuple>
-                  <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
-                  <global name="object" module="__builtin__"/>
-                  <none/>
-                </tuple>
-                <state>
-                  <dictionary>
-                    <item>
-                        <key> <string>_asgns</string> </key>
-                        <value>
-                          <dictionary>
-                            <item>
-                                <key> <string>name_container</string> </key>
-                                <value> <string>container</string> </value>
-                            </item>
-                            <item>
-                                <key> <string>name_context</string> </key>
-                                <value> <string>context</string> </value>
-                            </item>
-                            <item>
-                                <key> <string>name_m_self</string> </key>
-                                <value> <string>script</string> </value>
-                            </item>
-                            <item>
-                                <key> <string>name_subpath</string> </key>
-                                <value> <string>traverse_subpath</string> </value>
-                            </item>
-                          </dictionary>
-                        </value>
-                    </item>
-                  </dictionary>
-                </state>
-              </object>
-            </value>
-        </item>
-        <item>
-            <key> <string>_params</string> </key>
-            <value> <string></string> </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>ERP5Site_createSuperUser</string> </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/bt5/erp5_advanced_ecommerce_test/SkinTemplateItem/portal_skins/erp5_advanced_ecommerce_test/ZuiteAdvancedECommerce_CommonTemplate.zpt
+++ b/bt5/erp5_advanced_ecommerce_test/SkinTemplateItem/portal_skins/erp5_advanced_ecommerce_test/ZuiteAdvancedECommerce_CommonTemplate.zpt
@@ -13,10 +13,20 @@
       <td></td>
      </tr>
    </tal:block>
+    <tr>
+      <td>storeEval</td>
+      <td>selenium.getCookieByName("manager_username")</td>
+      <td>manager_username</td>
+    </tr>
+    <tr>
+      <td>storeEval</td>
+      <td>selenium.getCookieByName("manager_password")</td>
+      <td>manager_password</td>
+    </tr>
    <tal:block tal:define="submit_name python:'//input[@value=\'Login\']'">
      <tal:block metal:use-macro="python: context.Zuite_CommonTemplate.macros['login']">
-        <tal:block metal:fill-slot="username">super_user</tal:block>
+        <tal:block metal:fill-slot="username">${manager_username}</tal:block>
-        <tal:block metal:fill-slot="password">super_user</tal:block>
+        <tal:block metal:fill-slot="password">${manager_password}</tal:block>
      </tal:block>
    </tal:block>
    <tr>

--- a/bt5/erp5_advanced_invoicing/TestTemplateItem/portal_components/test.erp5.testAdvancedInvoicing.py
+++ b/bt5/erp5_advanced_invoicing/TestTemplateItem/portal_components/test.erp5.testAdvancedInvoicing.py
@@ -462,10 +462,7 @@ class TestAdvancedSaleInvoice(TestAdvancedInvoice):
    portal = self.getPortal()
    builder = portal.portal_deliveries.advanced_sale_invoice_transaction_builder
    delivery_movement_group_list = builder.getDeliveryMovementGroupList()
-    uf = self.getPortal().acl_users
+    self.login()
-    uf._doAddUser('admin', '', ['Manager'], [])
-    user = uf.getUserById('admin').__of__(uf)
-    newSecurityManager(None, user)
    for movement_group in delivery_movement_group_list:
      if movement_group.getPortalType() == 'Property Movement Group':
        # it contains 'start_date' and 'stop_date' only, so we remove
@@ -476,6 +473,7 @@ class TestAdvancedSaleInvoice(TestAdvancedInvoice):
          collect_order_group='delivery',
          int_index=len(delivery_movement_group_list)+1
          )
+        uf = portal.acl_users
        user = uf.getUserById('test_user').__of__(uf)
        newSecurityManager(None, user)

--- a/bt5/erp5_authentication_policy/TestTemplateItem/portal_components/test.erp5.testAuthenticationPolicy.py
+++ b/bt5/erp5_authentication_policy/TestTemplateItem/portal_components/test.erp5.testAuthenticationPolicy.py
@@ -43,10 +43,6 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
  """
  Test for erp5_authentication_policy business template.
  """
-  manager_username = 'zope'
-  manager_password = 'zope'
-  credential = '%s:%s' % (manager_username, manager_password)
  def getTitle(self):
    return "TestAuthenticationPolicy"
@@ -63,12 +59,7 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
            'erp5_authentication_policy',)
  def afterSetUp(self):
-    portal = self.getPortal()
+    portal = self.portal
-    uf = portal.acl_users
-    uf._doAddUser(self.manager_username, self.manager_password, ['Manager'], [])
-    self.loginByUserName(self.manager_username)
    kw = dict(portal_type='ERP5 Login',
              reference='test')
    if portal.portal_catalog.getResultValue(**kw) is None:

--- a/bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testAutoLogout.py
+++ b/bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testAutoLogout.py
@@ -43,10 +43,6 @@ class TestAuoLogout(ERP5TypeTestCase):
  """
  Test for erp5_auto_logout business template.
  """
-  manager_username = 'zope'
-  manager_password = 'zope'
-  credential = '%s:%s' % (manager_username, manager_password)
  def getTitle(self):
    return "TestAuthenticationPolicy"
@@ -60,10 +56,6 @@ class TestAuoLogout(ERP5TypeTestCase):
  def afterSetUp(self):
    portal = self.getPortal()
-    uf = portal.acl_users
-    uf._doAddUser(self.manager_username, self.manager_password, ['Manager'], [])
-    self.loginByUserName(self.manager_username)
    # setup short auto-logout period
    portal.portal_preferences.default_site_preference.setPreferredMaxUserInactivityDuration(5)
    portal.portal_preferences.default_site_preference.enable()

--- a/bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testCachedSkinsTool.py
+++ b/bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testCachedSkinsTool.py
@@ -26,12 +26,11 @@
 #
 ##############################################################################
-import unittest
 import transaction
 from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
 from Products.ERP5Type.tests.utils import createZODBPythonScript
-from AccessControl.SecurityManagement import newSecurityManager
 TESTED_SKIN_FOLDER_ID = 'custom'
@@ -57,12 +56,6 @@ class TestCachedSkinsTool(ERP5TypeTestCase):
    # Use None as skinname to keep using the default one.
    self.getSkinnableObject().changeSkin(skinname=None)
-  def login(self): # pylint:disable=arguments-differ
-    uf = self.portal.acl_users
-    uf._doAddUser('vincent', '', ['Manager'], [])
-    user = uf.getUserById('vincent').__of__(uf)
-    newSecurityManager(None, user)
  def getSkinnableObject(self):
    """
      Return the skinnable object (access to SkinsTool through cache).
@@ -137,7 +130,7 @@ class TestCachedSkinsTool(ERP5TypeTestCase):
    script_id = 'Base_getOwnerId'
    ob = self.portal.portal_activities
    orig = getattr(ob, script_id)()
-    self.assertEqual(orig, 'ERP5TypeTestCase')
+    self.assertEqual(orig, ob.getOwner().getId())
    try:
      script = createZODBPythonScript(tested_skin_folder, script_id, '',
          'return not %r' % orig)
@@ -149,6 +142,3 @@ class TestCachedSkinsTool(ERP5TypeTestCase):
      self.assertRaises(AttributeError, getattr(ob, script_id))
    finally:
      self.abort()
-if __name__ == '__main__':
-  unittest.main()
--- a/bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testERP5Catalog.py
+++ b/bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testERP5Catalog.py
@@ -4137,7 +4137,7 @@ VALUES
    """
    ret = self.publish(
        self.portal.portal_catalog.getPath(),
-        basic='ERP5TypeTestCase:')
+        basic='%s:%s' % (self.manager_username, self.manager_password))
    self.assertEqual(httplib.OK, ret.getStatus())
    # check if we did not just publish the result of `str(portal_catalog.__call__())`,
    # but a proper page

--- a/bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testERP5Core.py
+++ b/bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testERP5Core.py
@@ -28,7 +28,6 @@
 ##############################################################################
 import collections
-import pprint
 import httplib
 import urlparse
 import base64
@@ -51,7 +50,6 @@ if 1: # BBB
  import Acquisition
  global_translation_service = None
  from zope.i18n.interfaces import ITranslationDomain, \
                                   IFallbackTranslationDomainFactory
  @zope.interface.implementer(ITranslationDomain)
@@ -107,18 +105,9 @@ class TestERP5Core(ERP5TypeTestCase, ZopeTestCase.Functional):
  run_all_test = 1
  quiet = 1
-  manager_username = 'rc'
-  manager_password = 'w'
  def getTitle(self):
    return "ERP5Core"
-  def login(self, quiet=0, run=run_all_test):
-    uf = self.getPortal().acl_users
-    uf._doAddUser(self.manager_username, self.manager_password, ['Manager'], [])
-    user = uf.getUserById(self.manager_username).__of__(uf)
-    newSecurityManager(None, user)
  def afterSetUp(self):
    self.login()
    self.portal_id = self.portal.getId()
@@ -216,9 +205,8 @@ class TestERP5Core(ERP5TypeTestCase, ZopeTestCase.Functional):
      for actions in actions_by_priority.values():
        if len(actions) > 1:
          self.assertFalse(actions) # no actions with same priority
-    msg = ("Actions do not match. Expected:\n%s\n\nGot:\n%s\n" %
+    self.maxDiff = None
-           (pprint.pformat(expected), pprint.pformat(got)))
+    self.assertEqual(got, expected)
-    self.assertEqual(expected, got, msg)
  def test_manager_actions_on_portal(self):
    # as manager:
@@ -227,6 +215,8 @@ class TestERP5Core(ERP5TypeTestCase, ZopeTestCase.Functional):
                            'id': 'bt_tool'},
                           {'title': 'Configure Categories',
                            'id': 'category_tool'},
+                           {'title': 'Manage Components',
+                            'id': 'component_tool'},
                           {'title': 'Manage Callables',
                            'id': 'callable_tool'},
                           {'title': 'Configure Portal Types',
@@ -534,8 +524,6 @@ class TestERP5Core(ERP5TypeTestCase, ZopeTestCase.Functional):
    organisation = self.portal.organisation_module.newContent()
    person = self.portal.person_module.newContent(
      default_career_subordination_value=organisation)
-    for obj in person, organisation:
-      obj.manage_addLocalRoles(self.manager_username, ['Assignor'])
    self.commit()
    self.assertEqual(0, organisation.getRelationCountForDeletion())
    self.tic()
@@ -633,7 +621,6 @@ class TestERP5Core(ERP5TypeTestCase, ZopeTestCase.Functional):
    # Login as the above user
    newSecurityManager(None, user)
    self.auth = '%s:%s' % (login_name, password)
-    self.commit()
    self.tic()
    _, api_netloc, _, _, _ = urlparse.urlsplit(self.portal.absolute_url())

--- a/bt5/erp5_crm/TestTemplateItem/portal_components/test.erp5.testEditorField.py
+++ b/bt5/erp5_crm/TestTemplateItem/portal_components/test.erp5.testEditorField.py
@@ -32,7 +32,6 @@
 from __future__ import print_function
 import unittest
-from AccessControl.SecurityManagement import newSecurityManager
 from Testing import ZopeTestCase
 from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
 from DocumentTemplate.html_quote import html_quote
@@ -48,18 +47,10 @@ class TestEditorField(ERP5TypeTestCase, ZopeTestCase.Functional):
    Please refer to the ERP5 developer howto for more explanation
      http://www.erp5.org/HowToDisplayOrEditHTML
  """
-  manager_username = 'zope'
-  manager_password = 'zope'
  def getTitle(self):
    return "EditorField"
-  def login(self, *args, **kw):
-    uf = self.getPortal().acl_users
-    uf._doAddUser(self.manager_username, self.manager_password, ['Manager', ], [])
-    user = uf.getUserById(self.manager_username).__of__(uf)
-    newSecurityManager(None, user)
  def getBusinessTemplateList(self):
    """
    Return the list of required business templates.

--- a/bt5/erp5_discussion/TestTemplateItem/portal_components/test.erp5.testERP5Discussion.py
+++ b/bt5/erp5_discussion/TestTemplateItem/portal_components/test.erp5.testERP5Discussion.py
@@ -38,10 +38,6 @@ from erp5.component.test.testDms import makeFileUpload
 class TestERP5Discussion(ERP5TypeTestCase):
  """Test for erp5_discussion business template.
  """
-  manager_username = 'manager'
-  manager_password = 'pwd'
  def getTitle(self):
    return "Test ERP5 Discussion"
@@ -59,17 +55,6 @@ class TestERP5Discussion(ERP5TypeTestCase):
            'erp5_jquery',
            'erp5_discussion', )
-  def login(self, *args, **kw):
-    uf = self.getPortal().acl_users
-    uf._doAddUser(self.manager_username, self.manager_password, ['Manager'], [])
-    user = uf.getUserById(self.manager_username).__of__(uf)
-    newSecurityManager(None, user)
-  def afterSetUp(self):
-    self.login()
-    self.portal_id = self.portal.getId()
-    self.auth = '%s:%s' % (self.manager_username, self.manager_password)
  def beforeTearDown(self):
    self.abort()
    for module in (self.portal.discussion_thread_module,):

--- a/bt5/erp5_dms/TestTemplateItem/portal_components/test.erp5.testDms.py
+++ b/bt5/erp5_dms/TestTemplateItem/portal_components/test.erp5.testDms.py
@@ -48,15 +48,16 @@
 import unittest
 import time
 import StringIO
+import base64
 from subprocess import Popen, PIPE
 from unittest import expectedFailure
 from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
 from Products.ERP5Type.tests.utils import FileUpload
 from Products.ERP5Type.tests.utils import DummyLocalizer
+from Products.ERP5Type.Utils import bytes2str, str2bytes
 from Products.ERP5OOo.OOoUtils import OOoBuilder
 from AccessControl.SecurityManagement import newSecurityManager
-from AccessControl import getSecurityManager
 from erp5.component.document.Document import NotConvertedError
 from Products.ERP5Form.PreferenceTool import Priority
 from Products.ERP5Type.tests.utils import createZODBPythonScript
@@ -226,8 +227,8 @@ class TestDocument(TestDocumentMixin):
    return (width, height)
  def getURLSizeList(self, uri, **kw):
-    # __ac=RVJQNVR5cGVUZXN0Q2FzZTo%3D is encoded ERP5TypeTestCase with empty password
+    kw['__ac'] = bytes2str(base64.b64encode(str2bytes('%s:%s' % (self.manager_username, self.manager_password))))
-    url = '%s?%s&__ac=%s' %(uri, make_query(kw), 'RVJQNVR5cGVUZXN0Q2FzZTo%3D')
+    url = '%s?%s' % (uri, make_query(kw))
    format_=kw.get('format', 'jpeg')
    infile = urllib.urlopen(url)
    # save as file with proper incl. format filename (for some reasons PIL uses this info)
@@ -1186,7 +1187,7 @@ class TestDocument(TestDocumentMixin):
    self.tic()
    # login as another user
-    super(TestDocument, self).loginByUserName('user1')
+    self.loginByUserName('user1')
    document_4 = portal.document_module.newContent(
                   portal_type = 'Presentation',
                   description = 'owner different user contributing document',
@@ -1269,7 +1270,7 @@ class TestDocument(TestDocumentMixin):
    self.assertSameSet([], getAdvancedSearchStringResultList(**kw))
    # only my docs
-    super(TestDocument, self).loginByUserName('user1')
+    self.loginByUserName('user1')
    kw = {'searchabletext_any': 'owner'}
    # should return all documents matching a word no matter if we're owner or not
    self.assertSameSet([web_page_1, document_4], getAdvancedSearchStringResultList(**kw))
@@ -1705,7 +1706,7 @@ class TestDocument(TestDocumentMixin):
    self.tic()
    # login as first one
-    super(TestDocument, self).loginByUserName('contributor1')
+    self.loginByUserName('contributor1')
    doc = document_module.newContent(portal_type='File',
                                     title='Test1')
    self.tic()
@@ -1714,7 +1715,7 @@ class TestDocument(TestDocumentMixin):
                       doc.getContributorValueList())
    # login as second one
-    super(TestDocument, self).loginByUserName('contributor2')
+    self.loginByUserName('contributor2')
    doc.manage_setLocalRoles(person2.Person_getUserId(), ['Assignor',])
    doc.edit(title='Test2')
    self.tic()
@@ -1971,8 +1972,7 @@ document.write('<sc'+'ript type="text/javascript" src="http://somosite.bg/utb.ph
                                             response.getHeader('content-type')
          assert response.getStatus() == httplib.OK
-    # assume there is no password
+    credential = '%s:%s' % (self.manager_username, self.manager_password)
-    credential = '%s:' % (getSecurityManager().getUser().getId(),)
    tested_list = []
    frame_list = range(pages_number)
    # assume that ZServer is configured with 4 Threads
@@ -2158,10 +2158,15 @@ return 1
      Test extensible content of some DMS types. As this is possible only on URL traversal use publish.
    """
    # Create a root level zope user
-    root_user_folder = self.getPortalObject().aq_parent.acl_users
+    root_user_folder = self.app.acl_users
-    if not root_user_folder.getUserById('zope_user'):
+    assert not root_user_folder.getUserById('zope_user')
-      root_user_folder._doAddUser('zope_user', '', ['Manager',], [])
+    zope_user_password = self.newPassword()
-      self.commit()
+    root_user_folder._doAddUser('zope_user', zope_user_password, ['Manager',], [])
+    def remove_user():
+      root_user_folder._doDelUsers(('zope_user', ))
+      self.tic()
+    self.addCleanup(remove_user)
    # Create document with good content
    document = self.portal.document_module.newContent(portal_type='Presentation')
    upload_file = makeFileUpload('TEST-en-003.odp')
@@ -2169,7 +2174,7 @@ return 1
    self.tic()
    self.assertEqual('converted', document.getExternalProcessingState())
    for object_url in ('img1.html', 'img2.html', 'text1.html', 'text2.html'):
-      for credential in ['ERP5TypeTestCase:', 'zope_user:']:
+      for credential in ['%s:%s' % (self.manager_username, self.manager_password), 'zope_user:%s' % zope_user_password]:
        response = self.publish('%s/%s' %(document.getPath(), object_url),
                                basic=credential)
        self.assertIn('200 OK', response.getOutput())
@@ -2372,8 +2377,8 @@ return 1
      Return original content on traversal.
    """
    def getURL(uri, **kw):
-      # __ac=RVJQNVR5cGVUZXN0Q2FzZTo%3D is encoded ERP5TypeTestCase with empty password
+      kw['__ac'] = bytes2str(base64.b64encode(str2bytes('%s:%s' % (self.manager_username, self.manager_password))))
-      url = '%s?%s&__ac=%s' %(uri, urllib.urlencode(kw), 'RVJQNVR5cGVUZXN0Q2FzZTo%3D')
+      url = '%s?%s' % (uri, make_query(kw))
      return urllib.urlopen(url)
    ooo_document = self.portal.document_module.newContent(portal_type='Presentation')
@@ -2961,6 +2966,7 @@ return 1
      [sub_document_value]
    )
 class TestDocumentWithSecurity(TestDocumentMixin):
  username = 'yusei'
@@ -2969,8 +2975,9 @@ class TestDocumentWithSecurity(TestDocumentMixin):
    return "DMS with security"
  def login(self, *args, **kw):
-    uf = self.getPortal().acl_users
+    # login as a user with only Auditor / Author roles
-    uf._doAddUser(self.username, '', ['Auditor', 'Author'], [])
+    uf = self.portal.acl_users
+    uf._doAddUser(self.username, self.newPassword(), ['Auditor', 'Author'], [])
    user = uf.getUserById(self.username).__of__(uf)
    newSecurityManager(None, user)
@@ -3030,7 +3037,6 @@ class TestDocumentWithSecurity(TestDocumentMixin):
    those properties are taken into account when the user
    views an image
    """
-    super(TestDocumentWithSecurity, self).login('yusei')
    preference_tool = self.portal.portal_preferences
    #get the thumbnail sizes defined by default on default site preference
    default_thumbnail_image_height = \

--- a/bt5/erp5_dms/TestTemplateItem/portal_components/test.erp5.testERP5WebWithDms.py
+++ b/bt5/erp5_dms/TestTemplateItem/portal_components/test.erp5.testERP5WebWithDms.py
@@ -39,10 +39,10 @@ from email.parser import Parser as EmailParser
 import transaction
 from AccessControl import Unauthorized
-from AccessControl.SecurityManagement import newSecurityManager
 from Testing import ZopeTestCase
 from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
 from Products.ERP5Type.tests.utils import FileUpload, createZODBPythonScript
+from Products.ERP5Type.Utils import bytes2str, str2bytes
 from erp5.component.document.Document import ConversionError
 from PIL import Image
@@ -117,19 +117,11 @@ class TestERP5WebWithDms(ERP5TypeTestCase, ZopeTestCase.Functional):
  """
  run_all_test = 1
  quiet = 0
-  manager_username = 'zope'
-  manager_password = 'zope'
  website_id = 'test'
  def getTitle(self):
    return "ERP5WebWithDms"
-  def login(self, quiet=0, run=run_all_test):
-    uf = self.getPortal().acl_users
-    uf._doAddUser(self.manager_username, self.manager_password, ['Manager'], [])
-    user = uf.getUserById(self.manager_username).__of__(uf)
-    newSecurityManager(None, user)
  def getBusinessTemplateList(self):
    """
    Return the list of required business templates.
@@ -551,7 +543,7 @@ class TestERP5WebWithDms(ERP5TypeTestCase, ZopeTestCase.Functional):
                                    reference=image_reference)
    image.publish()
    self.tic()
-    credential = 'ERP5TypeTestCase:'
+    credential = '%s:%s' % (self.manager_username, self.manager_password)
    # testing TextDocument
    response = self.publish(website.absolute_url_path() + '/' +\
                            web_page_reference, credential)
@@ -705,8 +697,15 @@ return True
    request = portal.REQUEST
    request['PARENTS'] = [self.app]
-    self.getPortalObject().aq_parent.acl_users._doAddUser(
+    root_user_folder = self.app.acl_users
-      'zope_user', '', ['Manager',], [])
+    assert not root_user_folder.getUserById('zope_user')
+    zope_user_password = self.newPassword()
+    root_user_folder._doAddUser('zope_user', zope_user_password, ['Manager',], [])
+    def remove_user():
+      root_user_folder._doDelUsers(('zope_user', ))
+      self.tic()
+    self.addCleanup(remove_user)
    website = self.setupWebSite()
    web_section_portal_type = 'Web Section'
    website.newContent(portal_type=web_section_portal_type)
@@ -718,7 +717,10 @@ return True
                                          reference=document_reference,
                                          file=upload_file)
    self.tic()
-    credential_list = ['ERP5TypeTestCase:', 'zope_user:']
+    credential_list = [
+        '%s:%s' % (self.manager_username, self.manager_password),
+        'zope_user:%s' % zope_user_password
+    ]
    for credential in credential_list:
      # first, preview the draft in its physical location (in document module)
@@ -813,7 +815,7 @@ return True
                                    reference=image_reference)
    image.publish()
    self.tic()
-    credential = 'ERP5TypeTestCase:'
+    credential = '%s:%s' % (self.manager_username, self.manager_password)
    # testing Image conversions, raw
@@ -1749,7 +1751,10 @@ return True
    )
    published_page.publish()
    self.tic()
-    auth_cookie = {'__ac': b64encode('ERP5TypeTestCase:')}
+    auth_cookie = {
+      '__ac': bytes2str(b64encode(str2bytes(
+        '%s:%s' % (self.manager_username, self.manager_password))))
+    }
    # ERP5 portal, not through Caching Policy Manager
    response = requests.get(

--- a/bt5/erp5_dms/TestTemplateItem/portal_components/test.erp5.testWebDavSupport.py
+++ b/bt5/erp5_dms/TestTemplateItem/portal_components/test.erp5.testWebDavSupport.py
@@ -54,9 +54,6 @@ def makeFileUpload(name, as_name=None):
 class TestWebDavSupport(ERP5TypeTestCase):
  """Test for WEBDAV access.
  """
-  authentication = 'ERP5TypeTestCase:'
  def getTitle(self):
    return "Test WebDav Support"
@@ -72,7 +69,7 @@ class TestWebDavSupport(ERP5TypeTestCase):
            )
  def afterSetUp(self):
-    pass
+    self.authentication = '%s:%s' % (self.manager_username, self.manager_password)
  def clearModule(self, module):
    module.manage_delObjects(list(module.objectIds()))

--- a/bt5/erp5_external_account/TestTemplateItem/portal_components/test.erp5.testExternalAccount.py
+++ b/bt5/erp5_external_account/TestTemplateItem/portal_components/test.erp5.testExternalAccount.py
@@ -35,10 +35,6 @@ class TestExternalAccount(ERP5TypeTestCase):
  """
  Test for erp5_authentication_policy business template.
  """
-  manager_username = 'zope'
-  manager_password = 'zope'
-  credential = '%s:%s' % (manager_username, manager_password)
  def getTitle(self):
    return "TestExternalAccount"
@@ -54,10 +50,6 @@ class TestExternalAccount(ERP5TypeTestCase):
  def afterSetUp(self):
    portal = self.getPortal()
-    uf = portal.acl_users
-    uf._doAddUser(self.manager_username, self.manager_password, ['Manager'], [])
-    self.loginByUserName(self.manager_username)
    # Setup auth policy
    preference = portal.portal_preferences.newContent(
                                             portal_type = 'System Preference',

--- a/bt5/erp5_km/TestTemplateItem/portal_components/test.erp5.testKM.py
+++ b/bt5/erp5_km/TestTemplateItem/portal_components/test.erp5.testKM.py
@@ -29,7 +29,6 @@
 import unittest
 from unittest import expectedFailure
-from AccessControl.SecurityManagement import newSecurityManager
 from Products.ERP5Type.Base import TempBase
 from erp5.component.test.testDms import makeFileUpload, TestDocumentMixin
@@ -43,9 +42,6 @@ class TestKMMixIn(TestDocumentMixin):
  """
    Mix in class for Knowledge Management system.
  """
-  manager_username = 'ivan'
-  manager_password = ''
  website_id = 'km_test'
  business_template_list = ['erp5_core_proxy_field_legacy',
                            'erp5_full_text_mroonga_catalog','erp5_base',
@@ -85,12 +81,6 @@ class TestKMMixIn(TestDocumentMixin):
    self.tic()
    return website
-  def login(self, *args, **kw):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('ivan', '', ['Manager'], [])
-    uf._doAddUser('ERP5TypeTestCase', '', ['Manager'], [])
-    user = uf.getUserById('ivan').__of__(uf)
-    newSecurityManager(None, user)
 class TestKM(TestKMMixIn):
  """

--- a/bt5/erp5_km_ui_test/PathTemplateItem/portal_tests/erp5_km_zuite/anonymous_user/testAnonymousRegisterAccount.zpt
+++ b/bt5/erp5_km_ui_test/PathTemplateItem/portal_tests/erp5_km_zuite/anonymous_user/testAnonymousRegisterAccount.zpt
@@ -196,27 +196,36 @@ or through an alarm to "accept" created Credential Request. -->
 	<td>login-logout-link</td>
 	<td></td>
 </tr>
+<tr>
+	<td>storeEval</td>
+	<td>selenium.getCookieByName("manager_username")</td>
+	<td>manager_username</td>
+</tr>
 <tr>
 	<td>type</td>
 	<td>__ac_name</td>
-	<td>ERP5TypeTestCase</td>
+	<td>${manager_username}</td>
+</tr>
+<tr>
+	<td>storeEval</td>
+	<td>selenium.getCookieByName("manager_password")</td>
+	<td>manager_password</td>
 </tr>
 <tr>
 	<td>type</td>
 	<td>__ac_password</td>
-	<td></td>
+	<td>${manager_password}</td>
 </tr>
 <tr>
-	<td>clickAndWait</td>
+    <td>clickAndWait</td>
-	<td>WebSite_login:method</td>
+    <td>WebSite_login:method</td>
-	<td></td>
+    <td></td>
 </tr>
 <tr>
-	<td>verifyTextPresent</td>
+    <td>verifyTextPresent</td>
-	<td>ERP5TypeTestCase</td>
+    <td>${manager_username}</td>
-	<td></td>
+    <td></td>
 </tr>
 <tal:block metal:use-macro="here/KMZuite_CommonTemplate/macros/deleteKMWebSite" />
 </tbody></table>

--- a/bt5/erp5_km_ui_test/PathTemplateItem/portal_tests/erp5_km_zuite/anonymous_user/testAnonymousRequestPasswordReset.zpt
+++ b/bt5/erp5_km_ui_test/PathTemplateItem/portal_tests/erp5_km_zuite/anonymous_user/testAnonymousRequestPasswordReset.zpt
@@ -64,25 +64,35 @@
 	<td>login-logout-link</td>
 	<td></td>
 </tr>
+<tr>
+	<td>storeEval</td>
+	<td>selenium.getCookieByName("manager_username")</td>
+	<td>manager_username</td>
+</tr>
 <tr>
 	<td>type</td>
 	<td>__ac_name</td>
-	<td>ERP5TypeTestCase</td>
+	<td>${manager_username}</td>
+</tr>
+<tr>
+	<td>storeEval</td>
+	<td>selenium.getCookieByName("manager_password")</td>
+	<td>manager_password</td>
 </tr>
 <tr>
 	<td>type</td>
 	<td>__ac_password</td>
-	<td></td>
+	<td>${manager_password}</td>
 </tr>
 <tr>
-	<td>clickAndWait</td>
+    <td>clickAndWait</td>
-	<td>WebSite_login:method</td>
+    <td>WebSite_login:method</td>
-	<td></td>
+    <td></td>
 </tr>
 <tr>
-	<td>verifyTextPresent</td>
+    <td>verifyTextPresent</td>
-	<td>ERP5TypeTestCase</td>
+    <td>${manager_username}</td>
-	<td></td>
+    <td></td>
 </tr>
 <span metal:use-macro="container/Zuite_CommonTemplate/macros/wait_for_activities"> Wait for activities</span>

--- a/bt5/erp5_km_ui_test/PathTemplateItem/portal_tests/erp5_km_zuite/anonymous_user/testDefaultPadAnonymousMode.zpt
+++ b/bt5/erp5_km_ui_test/PathTemplateItem/portal_tests/erp5_km_zuite/anonymous_user/testDefaultPadAnonymousMode.zpt
@@ -51,27 +51,36 @@
 	<td>login-logout-link</td>
 	<td></td>
 </tr>
+<tr>
+	<td>storeEval</td>
+	<td>selenium.getCookieByName("manager_username")</td>
+	<td>manager_username</td>
+</tr>
 <tr>
 	<td>type</td>
 	<td>__ac_name</td>
-	<td>ERP5TypeTestCase</td>
+	<td>${manager_username}</td>
+</tr>
+<tr>
+	<td>storeEval</td>
+	<td>selenium.getCookieByName("manager_password")</td>
+	<td>manager_password</td>
 </tr>
 <tr>
 	<td>type</td>
 	<td>__ac_password</td>
-	<td></td>
+	<td>${manager_password}</td>
 </tr>
 <tr>
-	<td>clickAndWait</td>
+    <td>clickAndWait</td>
-	<td>WebSite_login:method</td>
+    <td>WebSite_login:method</td>
-	<td></td>
+    <td></td>
 </tr>
 <tr>
-	<td>verifyTextPresent</td>
+    <td>verifyTextPresent</td>
-	<td>ERP5TypeTestCase</td>
+    <td>${manager_username}</td>
-	<td></td>
+    <td></td>
 </tr>
 <tal:block metal:use-macro="here/KMZuite_CommonTemplate/macros/deleteKMWebSite" />
 </tbody></table>

--- a/bt5/erp5_rss_style/TestTemplateItem/portal_components/test.erp5.testRSS.py
+++ b/bt5/erp5_rss_style/TestTemplateItem/portal_components/test.erp5.testRSS.py
@@ -29,7 +29,6 @@ import time
 import unittest
 from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
-from AccessControl.SecurityManagement import newSecurityManager
 from xml.dom.minidom import parseString
@@ -57,16 +56,7 @@ class TestRSS(ERP5TypeTestCase):
    return ('erp5_base', 'erp5_rss_style')
  def afterSetUp(self):
-    self.portal = self.getPortal()
    self.makeDataObjects()
-    #self.login()
-  def login(self, quiet=0, run=run_all_test):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('seb', '', ['Manager'], [])
-    uf._doAddUser('ERP5TypeTestCase', '', ['Manager'], [])
-    user = uf.getUserById('seb').__of__(uf)
-    newSecurityManager(None, user)
  def makeDataObjects(self, quiet=0, run=run_all_test):
    """
@@ -120,7 +110,7 @@ class TestRSS(ERP5TypeTestCase):
    item = channel.getElementsByTagName('item')[0] # the two person, because we have default sorting in form
    self.assertEqual(getSubnodeContent(item, 'title'), 'Two')
    self.assertEqual(getSubnodeContent(item, 'description'), 'Person Two')
-    self.assertEqual(getSubnodeContent(item, 'author'), 'seb')
+    self.assertEqual(getSubnodeContent(item, 'author'), self.manager_username)
    expected_link = '%s/view' %two.absolute_url()
    self.assertEqual(getSubnodeContent(item, 'link'), expected_link)
    self.assertEqual(len(item.getElementsByTagName('pubDate')), 1)
@@ -130,7 +120,7 @@ class TestRSS(ERP5TypeTestCase):
    item = channel.getElementsByTagName('item')[1] # the one person
    self.assertEqual(getSubnodeContent(item, 'title'), 'One')
    self.assertEqual(getSubnodeContent(item, 'description'), 'Person One')
-    self.assertEqual(getSubnodeContent(item, 'author'), 'seb')
+    self.assertEqual(getSubnodeContent(item, 'author'), self.manager_username)
    expected_link = '%s/view' %one.absolute_url()
    self.assertEqual(getSubnodeContent(item, 'link'), expected_link)
    self.assertEqual(len(item.getElementsByTagName('pubDate')), 1)
@@ -192,7 +182,7 @@ class TestRSS(ERP5TypeTestCase):
    item = channel.getElementsByTagName('item')[0] # the two person, because we have default sorting in form
    self.assertEqual(getSubnodeContent(item, 'title'), 'Two')
    self.assertEqual(getSubnodeContent(item, 'description'), 'Person Two')
-    self.assertEqual(getSubnodeContent(item, 'author'), 'seb')
+    self.assertEqual(getSubnodeContent(item, 'author'), self.manager_username)
    expected_link = two.absolute_url()
    self.assertEqual(getSubnodeContent(item, 'link'), expected_link)
    self.assertEqual(len(item.getElementsByTagName('pubDate')), 1)
@@ -202,7 +192,7 @@ class TestRSS(ERP5TypeTestCase):
    item = channel.getElementsByTagName('item')[1] # the one person
    self.assertEqual(getSubnodeContent(item, 'title'), 'One')
    self.assertEqual(getSubnodeContent(item, 'description'), 'Person One')
-    self.assertEqual(getSubnodeContent(item, 'author'), 'seb')
+    self.assertEqual(getSubnodeContent(item, 'author'), self.manager_username)
    expected_link = one.absolute_url()
    self.assertEqual(getSubnodeContent(item, 'link'), expected_link)
    self.assertEqual(len(item.getElementsByTagName('pubDate')), 1)

--- a/bt5/erp5_run_my_doc/SkinTemplateItem/portal_skins/erp5_run_my_doc/TestPage_getSeleniumTestInit.py
+++ b/bt5/erp5_run_my_doc/SkinTemplateItem/portal_skins/erp5_run_my_doc/TestPage_getSeleniumTestInit.py
@@ -6,23 +6,34 @@ if url is not None:
          <td>store</td>
          <td>%s</td>
          <td>base_url</td>
-        </tr>
+        </tr>""" % url
-""" % url
 else:
  html_init = """<span metal:use-macro="container/Zuite_CommonTemplate/macros/init" style="display: none;">init</span>"""
-html_init += """        <tr>
+user = request.get('user')
+if user:
+  html_init += """
+        <tr>
          <td>store</td>
-          <!-- ERP5TypeTestCase is the default for any UnitTest -->
+          <td>{user}</td>
-          <td>%s</td>
          <td>base_user</td>
-         </tr>
+        </tr>
-""" % request.get('user', "ERP5TypeTestCase")
+        <tr>
-html_init += """        <tr>
          <td>store</td>
-          <td>%s</td>
+          <td>{password}</td>
+          <td>base_password</td>
+        </tr>""".format(user=user, password=request['password'])
+else:
+  html_init += """
+        <tr>
+          <td>storeEval</td>
+          <td>selenium.getCookieByName("manager_username")</td>
+          <td>base_user</td>
+        </tr>
+        <tr>
+          <td>storeEval</td>
+          <td>selenium.getCookieByName("manager_password")</td>
          <td>base_password</td>
-         </tr>""" % request.get('password', "")
+        </tr>"""
 return html_init
--- a/bt5/erp5_run_my_doc/TestTemplateItem/portal_components/test.erp5.testRunMyDoc.py
+++ b/bt5/erp5_run_my_doc/TestTemplateItem/portal_components/test.erp5.testRunMyDoc.py
@@ -187,17 +187,17 @@ class TestRunMyDoc(ERP5TypeTestCase):
        </tr>
      </thead>
      <tbody>
-        <span metal:use-macro="container/Zuite_CommonTemplate/macros/init" style="display: none;">init</span>        <tr>
+        <span metal:use-macro="container/Zuite_CommonTemplate/macros/init" style="display: none;">init</span>
-          <td>store</td>
+        <tr>
-          <!-- ERP5TypeTestCase is the default for any UnitTest -->
+          <td>storeEval</td>
-          <td>%s</td>
+          <td>selenium.getCookieByName("manager_username")</td>
          <td>base_user</td>
-         </tr>
+        </tr>
        <tr>
-          <td>store</td>
+          <td>storeEval</td>
-          <td>%s</td>
+          <td>selenium.getCookieByName("manager_password")</td>
          <td>base_password</td>
-         </tr>
+        </tr>
        <span metal:use-macro="container/Zuite_viewTestMacroLibrary/macros/init_test_environment" style="display: none;">init</span><tr>
            <td>selectAndWait</td>
            <td>name=select_module</td>
@@ -225,8 +225,8 @@ class TestRunMyDoc(ERP5TypeTestCase):
    test_page = self.portal.test_page_module.newContent(title="TEST",
                                                        reference='TESTPAGEREFERENCE',
                                                        text_content=test_page_html)
-    self.assertEqual(test_page.TestPage_viewSeleniumTest(), expected_test_html %
+    self.assertEqual(
-                                 ("ERP5TypeTestCase", ""))
+      test_page.TestPage_viewSeleniumTest(), expected_test_html)
    self.tic()
    test_page.TestPage_runSeleniumTest()
@@ -237,9 +237,7 @@ class TestRunMyDoc(ERP5TypeTestCase):
    zptest = getattr(zuite, "TEST", None)
    self.assertNotEqual(zptest, None)
-    expected_html = expected_test_html % ("ERP5TypeTestCase", "")
+    self.assertEqual(zptest._text, expected_test_html.strip())
-    self.assertEqual(zptest._text, expected_html.strip())
    expected_test_html = u"""<html>
  <head>
@@ -256,20 +254,19 @@ class TestRunMyDoc(ERP5TypeTestCase):
      <tbody>
        <tr>
          <td>store</td>
-          <td>%s</td>
+          <td>http://toto.com</td>
          <td>base_url</td>
        </tr>
        <tr>
          <td>store</td>
-          <!-- ERP5TypeTestCase is the default for any UnitTest -->
+          <td>titi</td>
-          <td>%s</td>
          <td>base_user</td>
-         </tr>
+        </tr>
        <tr>
          <td>store</td>
-          <td>%s</td>
+          <td>toto</td>
          <td>base_password</td>
-         </tr>
+        </tr>
        <span metal:use-macro="container/Zuite_viewTestMacroLibrary/macros/init_test_environment" style="display: none;">init</span><tr>
            <td>selectAndWait</td>
            <td>name=select_module</td>
@@ -297,11 +294,11 @@ class TestRunMyDoc(ERP5TypeTestCase):
    # Mimic usage of TestPage_viewSeleniumTest?url=...
    self.portal.REQUEST['url'] = "http://toto.com"
-    self.portal.REQUEST['user'] = "toto"
+    self.portal.REQUEST['user'] = "titi"
    self.portal.REQUEST['password'] = "toto"
    self.assertEqual(test_page.TestPage_viewSeleniumTest(REQUEST=self.portal.REQUEST),
-                      expected_test_html % ("http://toto.com", "toto", "toto"))
+                      expected_test_html)
    self.tic()
    test_page.TestPage_runSeleniumTest()
@@ -311,6 +308,4 @@ class TestRunMyDoc(ERP5TypeTestCase):
    zptest = getattr(zuite, "TEST", None)
    self.assertNotEqual(zptest, None)
-    expected_html = expected_test_html % ("http://toto.com", "toto", "toto")
+    self.assertEqual(zptest._text, expected_test_html.strip())
-    self.assertEqual(zptest._text, expected_html.strip())
--- a/bt5/erp5_trade/TestTemplateItem/portal_components/test.erp5.testAmount.py
+++ b/bt5/erp5_trade/TestTemplateItem/portal_components/test.erp5.testAmount.py
@@ -30,7 +30,6 @@ import unittest
 import os
 from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
-from AccessControl.SecurityManagement import newSecurityManager
 from Products.ERP5Type.tests.Sequence import SequenceList
 class TestAmount(ERP5TypeTestCase):
@@ -59,29 +58,6 @@ class TestAmount(ERP5TypeTestCase):
    """
    return ('erp5_base', 'erp5_pdm', 'erp5_simulation', 'erp5_trade', 'erp5_apparel')
-  def login(self, quiet=0, run=run_all_test):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('rc', '', ['Manager'], [])
-    user = uf.getUserById('rc').__of__(uf)
-    newSecurityManager(None, user)
-  def enableLightInstall(self):
-    """
-    You can override this.
-    Return if we should do a light install (1) or not (0)
-    """
-    return 1
-  def enableActivityTool(self):
-    """
-    You can override this.
-    Return if we should create (1) or not (0) an activity tool.
-    """
-    return 1
-  def afterSetUp(self, *args, **kw):
-    self.login()
  def stepCreateResource(self, sequence=None, sequence_list=None, **kw):
    """
      Create a resource

--- a/bt5/erp5_trade/TestTemplateItem/portal_components/test.erp5.testResource.py
+++ b/bt5/erp5_trade/TestTemplateItem/portal_components/test.erp5.testResource.py
@@ -30,7 +30,6 @@ import random, unittest
 from unittest import expectedFailure
 from Testing import ZopeTestCase
 from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
-from AccessControl.SecurityManagement import newSecurityManager
 from zLOG import LOG
 from Products.ERP5Type.tests.Sequence import SequenceList
 from DateTime import DateTime
@@ -70,12 +69,6 @@ class TestResource(ERP5TypeTestCase):
  def getTitle(self):
    return "Resource"
-  def login(self, *args, **kw):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('rc', '', ['Manager'], [])
-    user = uf.getUserById('rc').__of__(uf)
-    newSecurityManager(None, user)
  def setUpPreferences(self):
    #create apparel variation preferences
    portal_preferences = self.getPreferenceTool()

--- a/bt5/erp5_ui_test/TestTemplateItem/portal_components/test.erp5.testListBox.py
+++ b/bt5/erp5_ui_test/TestTemplateItem/portal_components/test.erp5.testListBox.py
@@ -32,7 +32,6 @@ from lxml import etree
 import textwrap
 from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
-from AccessControl.SecurityManagement import newSecurityManager
 from zLOG import LOG
 from Products.ERP5Type.tests.Sequence import SequenceList
 from Testing import ZopeTestCase
@@ -70,15 +69,6 @@ class TestListBox(ERP5TypeTestCase):
  def getTitle(self):
    return "ListBox"
-  def afterSetUp(self):
-    self.login()
-  def login(self, *args, **kw):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('seb', '', ['Manager'], [])
-    user = uf.getUserById('seb').__of__(uf)
-    newSecurityManager(None, user)
  def stepCreateObjects(self, sequence = None, sequence_list = None, **kw):
    # Make sure that the status is clean.
    portal = self.getPortal()
@@ -766,7 +756,7 @@ class TestListBox(ERP5TypeTestCase):
    # access the form
    result = self.publish(
      '%s/FooModule_viewFooList' % portal.foo_module.absolute_url(relative=True),
-      'ERP5TypeTestCase:',
+      '%s:%s' % (self.manager_username, self.manager_password),
    )
    self.assertEqual(result.getStatus(), 500)
    body = result.getBody()
@@ -805,7 +795,7 @@ return context.objectValues()
    # access the form
    result = self.publish(
      '%s/FooModule_viewFooList' % portal.foo_module.absolute_url(relative=True),
-      'ERP5TypeTestCase:',
+      '%s:%s' % (self.manager_username, self.manager_password),
    )
    self.assertEqual(result.getStatus(), 500)
    self.assertIn('Error Type: TimeoutReachedError', result.getBody())

--- a/bt5/erp5_ui_test/TestTemplateItem/portal_components/test.erp5.testPlanningBox.py
+++ b/bt5/erp5_ui_test/TestTemplateItem/portal_components/test.erp5.testPlanningBox.py
@@ -27,7 +27,6 @@
 ##############################################################################
 from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
-from AccessControl.SecurityManagement import newSecurityManager
 from Products.ERP5Type.tests.Sequence import SequenceList
 from Products.ERP5Type.Globals import get_request
 from StringIO import StringIO
@@ -57,15 +56,6 @@ class TestPlanningBox(ERP5TypeTestCase):
  def getTitle(self):
    return "PlanningBox"
-  def afterSetUp(self):
-    self.login()
-  def login(self, *args, **kw):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('seb', '', ['Manager'], [])
-    user = uf.getUserById('seb').__of__(uf)
-    newSecurityManager(None, user)
  def stepCreateObjects(self, sequence = None, sequence_list = None, **kw):
    # Make sure that the status is clean.
    portal = self.getPortal()

--- a/bt5/erp5_user_tutorial_ui_test/SkinTemplateItem/portal_skins/erp5_user_tutorial_ui_test/Zuite_getHowToInfo.py
+++ b/bt5/erp5_user_tutorial_ui_test/SkinTemplateItem/portal_skins/erp5_user_tutorial_ui_test/Zuite_getHowToInfo.py
@@ -128,7 +128,4 @@ return {'now': DateTime(),
        'functional_another_test_username' : 'functional_another_test_username',
        'functional_test_user_password' : 'secret',
        'functional_test_user_email': 'lucas@nexedi.com',
-        'manager_username': 'ERP5TypeTestCase',
-        'manager_password': '',
        }
--- a/bt5/erp5_user_tutorial_ui_test/SkinTemplateItem/portal_skins/erp5_user_tutorial_ui_test/Zuite_viewTestMacroLibrary.zpt
+++ b/bt5/erp5_user_tutorial_ui_test/SkinTemplateItem/portal_skins/erp5_user_tutorial_ui_test/Zuite_viewTestMacroLibrary.zpt
@@ -65,14 +65,24 @@
    <td colspan="3"><b>Login as manager</b></td>
  </tr>
  <span metal:use-macro="container/Zuite_viewTestMacroLibrary/macros/logout">Logout</span>
+  <tr>
+    <td>storeEval</td>
+    <td>selenium.getCookieByName("manager_username")</td>
+    <td>manager_username</td>
+  </tr>
+  <tr>
+    <td>storeEval</td>
+    <td>selenium.getCookieByName("manager_password")</td>
+    <td>manager_password</td>
+  </tr>
  <tal:block tal:define="
    login_form_url python: None;
    wait python: False;
    submit_name python:'//input[@value=\'Login\']';
  ">
    <tal:block metal:use-macro="python: context.Zuite_CommonTemplate.macros['login']">
-      <tal:block metal:fill-slot="username" tal:content="python: here.Zuite_getHowToInfo()['manager_username']"></tal:block>
+      <tal:block metal:fill-slot="username">${manager_username}</tal:block>
-      <tal:block metal:fill-slot="password" tal:content="python: here.Zuite_getHowToInfo()['manager_password']"></tal:block>
+      <tal:block metal:fill-slot="password">${manager_password}</tal:block>
    </tal:block>
  </tal:block>
  <tal:block metal:use-macro="here/Zuite_CommonTemplateForRenderjsUi/macros/wait_for_app_loaded" />

--- a/bt5/erp5_web/TestTemplateItem/portal_components/test.erp5.testERP5Web.py
+++ b/bt5/erp5_web/TestTemplateItem/portal_components/test.erp5.testERP5Web.py
@@ -129,10 +129,7 @@ class TestWebSectionTraversalHook(WebTraversalHookTestMixin, ERP5TypeTestCase):
 class TestERP5Web(ERP5TypeTestCase):
  """Test for erp5_web business template.
  """
-  manager_username = 'zope'
-  manager_password = 'zope'
  website_id = 'test'
-  credential = '%s:%s' % (manager_username, manager_password)
  def getTitle(self):
    return "ERP5Web"
@@ -148,17 +145,11 @@ class TestERP5Web(ERP5TypeTestCase):
            )
  def afterSetUp(self):
-    portal = self.getPortal()
+    self.credential = '%s:%s' % (self.manager_username, self.manager_password)
-    uf = portal.acl_users
-    uf._doAddUser(self.manager_username,
-                  self.manager_password,
-                  ['Manager'], [])
-    self.loginByUserName(self.manager_username)
    self.web_page_module = self.portal.getDefaultModule('Web Page Module')
    self.web_site_module = self.portal.getDefaultModule('Web Site Module')
-    portal.Localizer.manage_changeDefaultLang(language='en')
+    self.portal.Localizer.manage_changeDefaultLang(language='en')
    self.portal_id = self.portal.getId()
  def clearModule(self, module):
@@ -1394,7 +1385,7 @@ Hé Hé Hé!""", page.asText().strip())
    response = self.publish('/%s/%s/%s/%s/Base_editAndEditAsWeb' % \
                    (self.portal.getId(), website.getRelativeUrl(),
                     language, websection.getId()),
-                     basic='ERP5TypeTestCase:',
+                     basic='%s:%s' % (self.manager_username, self.manager_password),
                     request_method='POST',
                     stdin=StringIO(urlencode({
                       'form_id': 'WebSection_view',
@@ -1412,7 +1403,9 @@ Hé Hé Hé!""", page.asText().strip())
    self.tic()
-    response = self.publish(new_location, basic='ERP5TypeTestCase:',)
+    response = self.publish(
+        new_location,
+        basic='%s:%s' % (self.manager_username, self.manager_password),)
    self.assertEqual(HTTP_OK, response.getStatus())
    self.assertEqual('text/html; charset=utf-8',
                      response.getHeader('content-type'))
@@ -1450,7 +1443,7 @@ Hé Hé Hé!""", page.asText().strip())
    response = self.publish('/%s/%s/%s/Base_editAndEditAsWeb' % \
                    (self.portal.getId(), website.getRelativeUrl(),
                     language),
-                     basic='ERP5TypeTestCase:',
+                     basic='%s:%s' % (self.manager_username, self.manager_password),
                     request_method='POST',
                     stdin=StringIO(urlencode({
                       'form_id': 'WebSite_view',
@@ -1468,7 +1461,9 @@ Hé Hé Hé!""", page.asText().strip())
    self.tic()
-    response = self.publish(new_location, basic='ERP5TypeTestCase:',)
+    response = self.publish(
+        new_location,
+        basic='%s:%s' % (self.manager_username, self.manager_password),)
    self.assertEqual(HTTP_OK, response.getStatus())
    self.assertEqual('text/html; charset=utf-8',
                      response.getHeader('content-type'))

--- a/bt5/erp5_web/TestTemplateItem/portal_components/test.erp5.testOOoChart.py
+++ b/bt5/erp5_web/TestTemplateItem/portal_components/test.erp5.testOOoChart.py
@@ -47,7 +47,7 @@ class TestOOoChartMixin(ERP5TypeTestCase, ZopeTestCase.Functional):
  content_type = 'application/vnd.oasis.opendocument.graphics'
  def afterSetUp(self):
-    self.auth = 'ERP5TypeTestCase:'
+    self.auth = '%s:%s' % (self.manager_username, self.manager_password)
    portal = self.getPortal()
    container = portal.portal_skins.custom
    if self.form_id not in container.objectIds():

--- a/bt5/erp5_web_shacache/TestTemplateItem/portal_components/test.erp5.ShaCacheMixin.py
+++ b/bt5/erp5_web_shacache/TestTemplateItem/portal_components/test.erp5.ShaCacheMixin.py
@@ -31,6 +31,8 @@
 import base64
 import hashlib
 import random
+from Products.ERP5Type.Utils import bytes2str, str2bytes
 class ShaCacheMixin(object):
  """
@@ -48,7 +50,8 @@ class ShaCacheMixin(object):
    self.shacache.publish()
    self.header_dict = {
      'Content-Type': 'application/json',
-      'Authorization': 'Basic %s' % (base64.encodestring('ERP5TypeTestCase:').strip())
+      'Authorization': 'Basic ' + bytes2str(base64.b64encode(str2bytes(
+        '%s:%s' % (self.manager_username, self.manager_password))))
    }
    self.shacache_url = self.shacache.absolute_url()
    self.tic()

--- a/bt5/erp5_web_shadir/TestTemplateItem/portal_components/test.erp5.ShaDirMixin.py
+++ b/bt5/erp5_web_shadir/TestTemplateItem/portal_components/test.erp5.ShaDirMixin.py
@@ -33,6 +33,7 @@ import platform
 import random
 from base64 import b64encode
 from DateTime import DateTime
+from Products.ERP5Type.Utils import bytes2str, str2bytes
 class ShaDirMixin(object):
@@ -69,7 +70,8 @@ class ShaDirMixin(object):
    self.header_dict = {
      'Content-Type': 'application/json',
-      'Authorization': 'Basic ' + b64encode('ERP5TypeTestCase:'),
+      'Authorization': 'Basic ' + bytes2str(b64encode(str2bytes(
+        '%s:%s' % (self.manager_username, self.manager_password))))
    }
    module = self.portal.web_site_module

--- a/bt5/test_conflict_resolution/TestTemplateItem/portal_components/test.erp5.testConflictResolution.py
+++ b/bt5/test_conflict_resolution/TestTemplateItem/portal_components/test.erp5.testConflictResolution.py
@@ -90,7 +90,7 @@ class TestERP5(ERP5TypeTestCase):
    other_node = self.getOtherZopeNodeList()[0]
    self.other_node = self.portal.portal_web_services.connect(
      "http://%s%s" % (other_node, self.portal.getPath()),
-      'ERP5TypeTestCase', '', 'xml-rpc')
+      self.manager_username, self.manager_password, 'xml-rpc')
    self.login()
  def testZODBCookie(self):

--- a/product/CMFActivity/tests/testCMFActivity.py
+++ b/product/CMFActivity/tests/testCMFActivity.py
@@ -159,8 +159,7 @@ class TestCMFActivity(ERP5TypeTestCase, LogInterceptor):
  def login(self):
    uf = self.portal.acl_users
-    uf._doAddUser('seb', '', ['Manager'], [])
+    uf._doAddUser('seb', self.newPassword(), ['Manager'], [])
-    uf._doAddUser('ERP5TypeTestCase', '', ['Manager'], [])
    user = uf.getUserById('seb').__of__(uf)
    newSecurityManager(None, user)
@@ -715,7 +714,7 @@ class TestCMFActivity(ERP5TypeTestCase, LogInterceptor):
    organisation =  self.getOrganisation()
    # Add new user toto
    uf = self.portal.acl_users
-    uf._doAddUser('toto', '', ['Manager'], [])
+    uf._doAddUser('toto', self.newPassword(), ['Manager'], [])
    user = uf.getUserById('toto').__of__(uf)
    newSecurityManager(None, user)
    # Execute something as toto

--- a/product/ERP5/bootstrap/erp5_core/ActionTemplateItem/portal_types/portal_actions/callable_tool.xml
+++ b/product/ERP5/bootstrap/erp5_core/ActionTemplateItem/portal_types/portal_actions/callable_tool.xml
@@ -42,7 +42,7 @@
        </item>
        <item>
            <key> <string>priority</string> </key>
-            <value> <float>3.0</float> </value>
+            <value> <float>3.5</float> </value>
        </item>
        <item>
            <key> <string>title</string> </key>

--- a/product/ERP5/tests/testERP5Callable.py
+++ b/product/ERP5/tests/testERP5Callable.py
@@ -26,7 +26,6 @@
 #
 ##############################################################################
-import unittest
 import sys
 import traceback
@@ -71,7 +70,7 @@ class TestERP5PythonScript(ERP5TypeTestCase):
  def test_manage_addPythonScriptThroughZMI(self):
    resp = self.publish(
      '/{}/portal_skins/manage_addProduct/ERP5/addPythonScriptThroughZMIForm'.format(self.portal.getId()),
-      basic='ERP5TypeTestCase:',
+      basic='%s:%s' % (self.manager_username, self.manager_password),
      handle_errors=False,
    )
    self.assertIn('ERP5 Python Scripts', resp.getBody())

--- a/product/ERP5/tests/testInvalidationBug.py
+++ b/product/ERP5/tests/testInvalidationBug.py
@@ -115,8 +115,11 @@ class TestInvalidationBug(ERP5TypeTestCase):
    ## make sure activity tool's OOBTree for family mapping is loaded before the test
    _ = activity_tool.getCurrentNodeFamilyIdSet()
    ## url to create some content using another zope
-    new_content_url = "http://ERP5TypeTestCase:@%s%s/Folder_create" % (
+    new_content_url = "http://%s:%s@%s%s/Folder_create" % (
-      node_list[0], self.portal.organisation_module.getPath())
+        self.manager_username,
+        self.manager_password,
+        node_list[0],
+        self.portal.organisation_module.getPath())
    ## prepare freeze/unfreeze of ZEO storage
    zeo_connection = storage._connection
    socket_map = zeo_connection._map

--- a/product/ERP5/tests/testInventoryAPI.py
+++ b/product/ERP5/tests/testInventoryAPI.py
@@ -144,13 +144,6 @@ class InventoryAPITestCase(ERP5TypeTestCase):
    self.tic()
-  def login(self, quiet=0, run=1):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('alex', '', ['Manager', 'Assignee', 'Assignor',
-                               'Associate', 'Auditor', 'Author'], [])
-    user = uf.getUserById('alex').__of__(uf)
-    newSecurityManager(None, user)
  def createCategories(self):
    """Create the categories for our test. """
    # create categories

--- a/product/ERP5/tests/testXHTML.py
+++ b/product/ERP5/tests/testXHTML.py
@@ -439,18 +439,7 @@ class TestXHTML(TestXHTMLMixin):
    )
  def afterSetUp(self):
-    self.portal = self.getPortal()
+    default_site_preference = self.portal.portal_preferences.default_site_preference
-    uf = self.getPortal().acl_users
-    uf._doAddUser('seb', '', ['Manager'], [])
-    self.loginByUserName('seb')
-    addUserToDeveloperRole('seb') # required to create content in portal_components
-    self.enableDefaultSitePreference()
-  def enableDefaultSitePreference(self):
-    portal_preferences = getToolByName(self.portal, 'portal_preferences')
-    default_site_preference = portal_preferences.default_site_preference
    if self.portal.portal_workflow.isTransitionPossible(default_site_preference, 'enable'):
      default_site_preference.enable()

--- a/product/ERP5OOo/tests/TestFormPrintoutMixin.py
+++ b/product/ERP5OOo/tests/TestFormPrintoutMixin.py
@@ -40,12 +40,6 @@ class TestFormPrintoutMixin(ERP5TypeTestCase):
  def getBusinessTemplateList(self):
    return ('erp5_base', 'erp5_ui_test', 'erp5_odt_style')
-  def login(self):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('zope', '', ['Manager'], [])
-    user = uf.getUserById('zope').__of__(uf)
-    newSecurityManager(None, user)
  def _validate(self, odf_file_data):
    error_list = self.validator.validate(odf_file_data)
    if error_list:

--- a/product/ERP5OOo/tests/testIngestion.py
+++ b/product/ERP5OOo/tests/testIngestion.py
@@ -37,7 +37,7 @@ from lxml import etree
 from AccessControl.SecurityManagement import newSecurityManager
 from AccessControl import Unauthorized
 from DateTime import DateTime
-from Products.ERP5Type.Utils import convertToUpperCase
+from Products.ERP5Type.Utils import bytes2str, convertToUpperCase, str2bytes
 from Products.ERP5Type.tests.ERP5TypeTestCase import (
  ERP5TypeTestCase, _getConversionServerUrlList)
 from Products.CMFCore.WorkflowCore import WorkflowException
@@ -2057,7 +2057,7 @@ return result
                                        'disable_cookie_login__': 1,
                                        }), headers={
       'Authorization': 'Basic %s' %
-         base64.b64encode('ERP5TypeTestCase:')
+         bytes2str(base64.b64encode(str2bytes('%s:%s' % (self.manager_username, self.manager_password))))
      })
    # disable_cookie_login__ is required to force zope to raise Unauthorized (401)
    # then HTTPDigestAuthHandler can perform HTTP Authentication

--- a/product/ERP5OOo/tests/testOOoBatchMode.py
+++ b/product/ERP5OOo/tests/testOOoBatchMode.py
@@ -33,21 +33,6 @@ from AccessControl.SecurityManagement import newSecurityManager
 from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
 class TestOoodResponse(ERP5TypeTestCase):
-  manager_username = 'rie'
-  manager_password = 'rie'
-  quiet = 1
-  run_all_test = 1
-  def getTitle(self):
-    return "TestOOoBatchMode"
-  def login(self):
-    uf = self.getPortal().acl_users
-    uf._doAddUser(self.manager_username, self.manager_password, ['Manager'], [])
-    user = uf.getUserById(self.manager_username).__of__(uf)
-    newSecurityManager(None, user)
  def getBusinessTemplateList(self):
    return ('erp5_base',)

--- a/product/ERP5OOo/tests/testOOoDynamicStyle.py
+++ b/product/ERP5OOo/tests/testOOoDynamicStyle.py
@@ -39,8 +39,6 @@ from Products.ERP5OOo.OOoUtils import OOoBuilder
 class TestOooDynamicStyle(ERP5TypeTestCase):
-  manager_username = 'tatuya'
-  manager_password = 'tatuya'
  content_type_writer = 'application/vnd.oasis.opendocument.text'
  content = "<office:document-content xmlns:draw='urn:oasis:names:tc:opendocument:xmlns:drawing:1.0' xmlns:office='urn:oasis:names:tc:opendocument:xmlns:office:1.0' xmlns:text='urn:oasis:names:tc:opendocument:xmlns:text:1.0' xmlns:ooo='http://openoffice.org/2004/office' xmlns:number='urn:oasis:names:tc:opendocument:xmlns:datastyle:1.0' xmlns:dc='http://purl.org/dc/elements/1.1/' xmlns:meta='urn:oasis:names:tc:opendocument:xmlns:meta:1.0' xmlns:table='urn:oasis:names:tc:opendocument:xmlns:table:1.0' xmlns:dr3d='urn:oasis:names:tc:opendocument:xmlns:dr3d:1.0' xmlns:fo='urn:oasis:names:tc:opendocument:xmlns:xsl-fo-compatible:1.0' xmlns:style='urn:oasis:names:tc:opendocument:xmlns:style:1.0' xmlns:xforms='http://www.w3.org/2002/xforms' xmlns:form='urn:oasis:names:tc:opendocument:xmlns:form:1.0' xmlns:script='urn:oasis:names:tc:opendocument:xmlns:script:1.0' xmlns:ooow='http://openoffice.org/2004/writer' xmlns:svg='urn:oasis:names:tc:opendocument:xmlns:svg-compatible:1.0' xmlns:chart='urn:oasis:names:tc:opendocument:xmlns:chart:1.0' xmlns:dom='http://www.w3.org/2001/xml-events' xmlns:xlink='http://www.w3.org/1999/xlink' xmlns:xsd='http://www.w3.org/2001/XMLSchema' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xmlns:oooc='http://openoffice.org/2004/calc' xmlns:math='http://www.w3.org/1998/Math/MathML' xmlns:tal='http://xml.zope.org/namespaces/tal' office:version='1.2'><office:scripts /><office:font-face-decls /><office:automatic-styles /><office:body><office:text /></office:body></office:document-content>"

--- a/product/ERP5OOo/tests/testOOoImport.py
+++ b/product/ERP5OOo/tests/testOOoImport.py
@@ -399,7 +399,7 @@ class TestOOoImport(TestOOoImportMixin):
    user_name = 'author'
    user_folder = self.portal.acl_users
-    user_folder._doAddUser(user_name, '', ['Author', 'Member'], [])
+    user_folder._doAddUser(user_name, self.newPassword(), ['Author', 'Member'], [])
    user = user_folder.getUserById(user_name).__of__(user_folder)
    newSecurityManager(None, user)

--- a/product/ERP5OOo/tests/testOOoStyle.py
+++ b/product/ERP5OOo/tests/testOOoStyle.py
@@ -62,7 +62,7 @@ class TestOOoStyle(ERP5TypeTestCase, ZopeTestCase.Functional):
      gender.newContent(id='male')
      self.portal.portal_caches.clearAllCache()
-    self.auth = 'ERP5TypeTestCase:'
+    self.auth = '%s:%s' % (self.manager_username, self.manager_password)
    person_module = self.portal.person_module
    if person_module._getOb('pers', None) is None:
      person_module.newContent(id='pers', portal_type='Person')

--- a/product/ERP5Security/tests/testERP5Security.py
+++ b/product/ERP5Security/tests/testERP5Security.py
@@ -1584,7 +1584,7 @@ class _TestKeyAuthenticationMixIn(object):
    self.assertEqual(response.getStatus(), 200)
    response = self.publish(
      base_url + '/' + web_page.getReference(),
-      basic='ERP5TypeTestCase:',
+      basic='%s:%s' % (self.manager_username, self.manager_password),
    )
    self.assertEqual(response.getStatus(), 200)
@@ -1603,7 +1603,7 @@ class TestOwnerRole(UserManagementTestCase):
      role_list = ['Member', 'Assignee', 'Assignor', 'Author', 'Auditor',
          'Associate']
    uf = self.portal.acl_users
-    uf._doAddUser(login, '', role_list, [])
+    uf._doAddUser(login, self.newPassword(), role_list, [])
  def test_owner_local_role_on_clone(self):
    # check that tested stuff is ok

--- a/product/ERP5Type/tests/ERP5TypeFunctionalTestCase.py
+++ b/product/ERP5Type/tests/ERP5TypeFunctionalTestCase.py
@@ -197,14 +197,9 @@ class FunctionalTestRunner:
  # There is no test that can take more than 6 hours
  timeout = 6.0 * 3600
-  def __init__(self, host, port, testcase):
+  def __init__(self, testcase):
-    self.instance_home = os.environ['INSTANCE_HOME']
-    # Such information should be automatically loaded
-    self.user = 'ERP5TypeTestCase'
-    self.password = ''
    self.testcase = testcase
-    profile_dir = os.path.join(self.instance_home, 'profile')
+    self.instance_home = os.environ['INSTANCE_HOME']
  def getStatus(self):
    transaction.begin()
@@ -326,10 +321,10 @@ class FunctionalTestRunner:
      EC.presence_of_element_located((By.ID, 'name')),
    )
    login_field.clear()
-    login_field.send_keys(self.user)
+    login_field.send_keys(self.testcase.manager_username)
    password_field = browser.find_element_by_id('password')
    password_field.clear()
-    password_field.send_keys(self.password)
+    password_field.send_keys(self.testcase.manager_password)
    login_form_url = browser.current_url
    # Note: password_field.submit() (and in general, x.submit(), even if x is
    # an <input type="submit"...>) does not work: it seems to submit only
@@ -341,6 +336,10 @@ class FunctionalTestRunner:
    WebDriverWait(browser, 10).until(EC.url_changes(login_form_url))
    WebDriverWait(browser, 10).until(EC.presence_of_element_located((By.TAG_NAME, 'body')))
+    # set the username and password in cookies, if test needs to log in again.
+    browser.add_cookie({'name': 'manager_username', 'value': self.testcase.manager_username})
+    browser.add_cookie({'name': 'manager_password', 'value': self.testcase.manager_password})
    browser.get(self._getTestURL())
    WebDriverWait(browser, 10).until(EC.presence_of_element_located((
       By.XPATH, '//iframe[@id="testSuiteFrame"]'
@@ -444,8 +443,7 @@ class ERP5TypeFunctionalTestCase(ERP5TypeTestCase):
    # non-recursive results clean of portal_tests/ or portal_tests/``run_only``
    self.portal.portal_tests.TestTool_cleanUpTestResults(self.run_only or None)
    self.tic()
-    host, port = self.startHTTPServer()
+    self.runner = FunctionalTestRunner(self)
-    self.runner = FunctionalTestRunner(host, port, self)
  def setSystemPreference(self):
    self.portal.Zuite_setPreference(

--- a/product/ERP5Type/tests/ERP5TypeLiveTestCase.py
+++ b/product/ERP5Type/tests/ERP5TypeLiveTestCase.py
@@ -151,12 +151,6 @@ class ERP5TypeLiveTestCase(ERP5TypeTestCaseMixin):
    def _setup(self):
        '''Change some site properties in order to be ready for live test
        '''
-        # force a random password for ERP5TypeTestCase user by removing
-        # any existing one
-        try:
-          self.portal.acl_users.zodb_users.removeUser('ERP5TypeTestCase')
-        except (AttributeError, KeyError):
-          pass
        # Disabling portal_activities is required in order to avoid
        # conflict with other threads doing tic in the same time
        self.login()

--- a/product/ERP5Type/tests/ERP5TypeTestCase.py
+++ b/product/ERP5Type/tests/ERP5TypeTestCase.py
@@ -218,6 +218,9 @@ class ERP5TypeTestCaseRequestConnection(object):
 class ERP5TypeTestCaseMixin(ProcessingNodeTestCase, PortalTestCase, functional.Functional):
    """Mixin class for ERP5 based tests.
    """
+    manager_username = 'ERP5TypeTestCase'
+    manager_password = None  # will be generated at setup
    def __init__(self, *args, **kw):
      super(ERP5TypeTestCaseMixin, self).__init__(*args, **kw)
      self.sequence_string_registry = {}
@@ -239,19 +242,40 @@ class ERP5TypeTestCaseMixin(ProcessingNodeTestCase, PortalTestCase, functional.F
      """
      return str(self.__class__)
-    def addERP5TypeTestCaseUser(self, password=None, user_folder=None):
+    def setUpManagerUser(self, quiet=False):
-      if password is None:
+      """Adds default manager user with all roles.
-        password = self.newPassword()
+      """
-      if user_folder is None:
+      self._setUpManagerPassword()
-        user_folder = self.portal.acl_users
+      uf = self.portal.acl_users
-      user_folder._doAddUser('ERP5TypeTestCase', password, ['Manager', 'Member', 'Assignee',
+      user = uf.getUser(self.manager_username)
+      if user is not None:
+        uf.zodb_users.removeUser(self.manager_username)
+      self._addUserWithAllRoles(
+        user_folder=uf,
+        username=self.manager_username,
+        password=self.manager_password,
+      )
+      if not quiet:
+        ZopeTestCase._print(
+          'Added %s user with password %s ...\n' % (
+            self.manager_username, self.manager_password))
+    def _setUpManagerPassword(self):
+      if self.manager_password is None:
+        ERP5TypeTestCaseMixin.manager_password = self.newPassword()
+    def _addUserWithAllRoles(self, user_folder, username, password):
+      """Adds a user with all roles.
+      """
+      assert user_folder._doAddUser(username, password, ['Manager', 'Member', 'Assignee',
                    'Assignor', 'Author', 'Auditor', 'Associate'], [])
    def newPassword(self):
      """ Generate a password """
      return ''.join(random.SystemRandom().sample(string.ascii_letters + string.digits, 20))
-    def login(self, user_name='ERP5TypeTestCase', quiet=0):
+    def login(self, user_name=None, quiet=0):
      """
      Most of the time, we need to login before doing anything
@@ -259,28 +283,18 @@ class ERP5TypeTestCaseMixin(ProcessingNodeTestCase, PortalTestCase, functional.F
      reality. If you want to login by user_name, use loginByUserName()
      instead.
      """
-      try:
+      if user_name is None:
-        PortalTestCase.login(self, user_name)
+        user_name = self.manager_username
-      except AttributeError:
+      return PortalTestCase.login(self, user_name)
-        if user_name == 'ERP5TypeTestCase':
-          self.addERP5TypeTestCaseUser()
-          return PortalTestCase.login(self, user_name)
-        else:
-          raise
-    def loginByUserName(self, user_name='ERP5TypeTestCase', quiet=0):
+    def loginByUserName(self, user_name=None, quiet=0):
      """
      Most of the time, we need to login before doing anything
      """
      uf = self.portal.acl_users
+      if user_name is None:
+        user_name = self.manager_username
      user = uf.getUser(user_name)
-      if user is None:
-        if user_name == 'ERP5TypeTestCase':
-          self.addERP5TypeTestCaseUser(password='', user_folder=uf)
-          user = uf.getUser(user_name)
-        else:
-          raise RuntimeError("Could not find username '%s'" % user_name)
      if not hasattr(user, 'aq_base'):
        user = user.__of__(uf)
      newSecurityManager(None, user)
@@ -348,7 +362,7 @@ class ERP5TypeTestCaseMixin(ProcessingNodeTestCase, PortalTestCase, functional.F
          self.REQUEST.other.pop(key, None)
    def _setupUser(self):
-      '''Creates the default user.'''
+      '''Creates the default member user (for PortalTestCase).'''
      uf = self.portal.acl_users
      # do nothing if the user already exists
      if not uf.getUserById(user_name):
@@ -537,7 +551,7 @@ class ERP5TypeTestCaseMixin(ProcessingNodeTestCase, PortalTestCase, functional.F
    def createSimpleUser(self, title, reference, function):
      """
        Helper function to create a Simple ERP5 User.
-        User password is the reference.
+        Default password is the reference.
      """
      user = self.createUser(reference, person_kw=dict(title=title))
      assignment = self.createUserAssignment(user, assignment_kw=dict(function=function))
@@ -546,7 +560,7 @@ class ERP5TypeTestCaseMixin(ProcessingNodeTestCase, PortalTestCase, functional.F
    def createUser(self, reference, password=None, person_kw=None):
      """
        Create an ERP5 User.
-        Default password is the reference.
+        User password is the reference.
        person_kw is passed as additional arguments when creating the person
      """
      if password is None:
@@ -904,9 +918,6 @@ class ERP5TypeTestCaseMixin(ProcessingNodeTestCase, PortalTestCase, functional.F
 class ERP5TypeCommandLineTestCase(ERP5TypeTestCaseMixin):
    __original_ZMySQLDA_connect = None
-    def addERP5TypeTestCaseUser(self, password=None, **kw):
-      return super(ERP5TypeCommandLineTestCase, self).addERP5TypeTestCaseUser(password='', **kw)
    def getPortalName(self):
      """
        Return the name of a portal for this test case.
@@ -1009,6 +1020,7 @@ class ERP5TypeCommandLineTestCase(ERP5TypeTestCaseMixin):
      light_install = self.enableLightInstall()
      create_activities = self.enableActivityTool()
      hot_reindexing = self.enableHotReindexing()
+      self._setUpManagerPassword()
      self.setUpERP5Site(business_template_list=template_list,
                         light_install=light_install,
                         create_activities=create_activities,
@@ -1238,17 +1250,20 @@ class ERP5TypeCommandLineTestCase(ERP5TypeTestCaseMixin):
            self._getBTPathAndIdList(business_template_list)
          try:
            _start = time.time()
-            # Add user and log in
+            # Add user at the root and log in
-            if not quiet:
-              ZopeTestCase._print('Adding ERP5TypeTestCase user ...\n')
            uf = app.acl_users
-            self.addERP5TypeTestCaseUser(user_folder=uf)
+            root_username = 'ERP5TypeTestCase.root'
-            user = uf.getUserById('ERP5TypeTestCase').__of__(uf)
+            self._addUserWithAllRoles(
+              user_folder=uf,
+              username=root_username,
+              password=self.manager_password,
+            )
+            user = uf.getUserById(root_username).__of__(uf)
            newSecurityManager(None, user)
            # bt5s contain ZODB Components which can be only installed if the
            # user has Developer Role
-            addUserToDeveloperRole('ERP5TypeTestCase')
+            addUserToDeveloperRole(root_username)
            # Add ERP5 Site
            reindex = 1
@@ -1292,10 +1307,12 @@ class ERP5TypeCommandLineTestCase(ERP5TypeTestCaseMixin):
            self._recreateCatalog()
            self._updateConversionServerConfiguration()
            self._updateMemcachedConfiguration()
-            # Create a Manager user at the Portal level
+            # Create a Manager user at the Portal level.
-            uf = self.getPortal().acl_users
+            self.setUpManagerUser(quiet=quiet)
-            self.addERP5TypeTestCaseUser()
+            uf = self.portal.acl_users
-            user = uf.getUserById('ERP5TypeTestCase').__of__(uf)
+            user = uf.getUserById(self.manager_username).__of__(uf)
+            newSecurityManager(None, user)
+            addUserToDeveloperRole(self.manager_username)
            self._callSetUpOnce()
            self._reindexSite()

--- a/product/ERP5Type/tests/testDynamicClassGeneration.py
+++ b/product/ERP5Type/tests/testDynamicClassGeneration.py
@@ -1564,7 +1564,7 @@ class TestZodbModuleComponent(SecurityTestCase):
    uf = self.portal.acl_users
    if not uf.getUserById('ERP5TypeTestCase_NonDeveloper'):
      uf._doAddUser('ERP5TypeTestCase_NonDeveloper',
-                    '', ['Manager', 'Member', 'Assignee',
+                    self.newPassword(), ['Manager', 'Member', 'Assignee',
                         'Assignor', 'Author', 'Auditor', 'Associate'], [])
    reference = self._generateReference('TestValidateInvalidateComponent')
@@ -2694,8 +2694,10 @@ def foobar(self, a, b="portal_type"):
    external_method.manage_setGuard({'guard_roles': 'Member'})
    self.assertEqual(self.portal.TestPythonScript(a='portal_ids'), 'Id Tool')
-    self.assertEqual(self.publish(base + '/portal_types/TestExternalMethod?'
+    self.assertEqual(self.publish(
-      'a=Types Tool&b=type_class', 'ERP5TypeTestCase:').getBody(), 'TypesTool')
+      base + '/portal_types/TestExternalMethod?a=Types Tool&b=type_class',
+      '%s:%s' % (self.manager_username, self.manager_password)
+    ).getBody(), b'TypesTool')
    sm = getSecurityManager()
    try:
@@ -3125,7 +3127,7 @@ InitializeClass(%(class_name)s)
    self.tic()
    response = self.publish(
      '%s/manage_addProduct/ERP5/manage_addToolForm' % self.portal.getPath(),
-      'ERP5TypeTestCase:')
+      '%s:%s' % (self.manager_username, self.manager_password))
    self.assertEqual(response.getStatus(), 200)
    self.assertNotIn('ERP5 Test Hook After Load Tool', response.getBody())
@@ -3137,7 +3139,7 @@ InitializeClass(%(class_name)s)
    self.assertEqual(component.getTextContentWarningMessageList(), [])
    response = self.publish(
      '%s/manage_addProduct/ERP5/manage_addToolForm' % self.portal.getPath(),
-      'ERP5TypeTestCase:')
+      '%s:%s' % (self.manager_username, self.manager_password))
    self.assertEqual(response.getStatus(), 200)
    self.assertIn('ERP5 Test Hook After Load Tool', response.getBody())

--- a/product/ZMySQLDA/tests/testDeferredConnection.py
+++ b/product/ZMySQLDA/tests/testDeferredConnection.py
@@ -69,15 +69,6 @@ class TestDeferredConnection(ERP5TypeTestCase):
  def getTitle(self):
    return "Deferred Connection"
-  def afterSetUp(self):
-    self.login()
-  def login(self):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('vincent', '', ['Manager'], [])
-    user = uf.getUserById('vincent').__of__(uf)
-    newSecurityManager(None, user)
  def monkeypatchConnection(self, connection):
    """
      Apply monkey patch on db and reset connection state to "unconnected".