diff --git a/core/modules/rest/lib/Drupal/rest/Tests/AuthTest.php b/core/modules/rest/lib/Drupal/rest/Tests/AuthTest.php index 7c40096..0e155d7 100644 --- a/core/modules/rest/lib/Drupal/rest/Tests/AuthTest.php +++ b/core/modules/rest/lib/Drupal/rest/Tests/AuthTest.php @@ -22,6 +22,20 @@ class AuthTest extends RESTTestBase { public static $modules = array('basic_auth', 'hal', 'rest', 'entity_test'); /** + * An entity corresponding to the testing resource. + * + * @var \Drupal\entity\Entity + */ + protected $entity; + + /** + * A testing user account. + * + * @var \Drupal\user\Entity\User + */ + protected $account; + + /** * {@inheritdoc} */ public static function getInfo() { @@ -32,10 +46,9 @@ public static function getInfo() { ); } - /** - * Tests reading from an authenticated resource. - */ - public function testRead() { + public function setUp() { + parent::setUp(); + $entity_type = 'entity_test'; // Enable a test resource through GET method and basic HTTP authentication. @@ -44,9 +57,10 @@ public function testRead() { // Create an entity programmatically. $entity = $this->entityCreate($entity_type); $entity->save(); + $this->entity = $entity; // Try to read the resource as an anonymous user, which should not work. - $response = $this->httpRequest('entity/' . $entity_type . '/' . $entity->id(), 'GET', NULL, $this->defaultMimeType); + $this->httpRequest('entity/' . $entity_type . '/' . $entity->id(), 'GET', NULL, $this->defaultMimeType); $this->assertResponse('401', 'HTTP response code is 401 when the request is not authenticated and the user is anonymous.'); $this->assertText('A fatal error occurred: No authentication credentials provided.'); 
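Review bot: The `@var \Drupal\entity\Entity` annotation on `$entity` names a class that nothing in this diff imports or references, and I am not certain it still exists under that namespace. The value stored there comes from `$this->entityCreate($entity_type)` with `'entity_test'`, so the concrete class is whatever that helper returns. Documenting the property against the interface would be safer: `@var \Drupal\Core\Entity\EntityInterface`. The class body continues outside this hunk.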
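Review bot: The new `setUp()` override is added without a docblock, while `getInfo()` directly above it carries `{@inheritdoc}`. Add the same three-line `/** {@inheritdoc} */` block above `public function setUp() {` so the override is documented consistently with the rest of the class. The body of setUp() starts here and runs on into the following hunks.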
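Review bot: The anonymous request and its `assertResponse('401', …)` and `assertText(…)` checks now sit inside `setUp()`, which opens in the previous hunk and closes in the next one. They therefore run before every test method, and a failure is reported against whichever test is running rather than as an unauthenticated-access case of its own. Moving those three lines into a dedicated method such as `public function testAnonymous()` would keep setUp() to fixture creation and make the "no credentials gives 401" guarantee an explicit, separately reported test. Only `$this->entity = $entity;` needs to stay in this part of setUp().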
@@ -55,18 +69,32 @@ public function testRead() { // with session cookies. $permissions = $this->entityPermissions($entity_type, 'view'); $permissions[] = 'restful get entity:' . $entity_type; - $account = $this->drupalCreateUser($permissions); - $this->drupalLogin($account); + $this->account = $this->drupalCreateUser($permissions); + } + + /** + * Tests that disabled auth results in 401 response. + */ + public function testDisabledAuth() { + $this->drupalLogin($this->account); // Try to read the resource with session cookie authentication, which is // not enabled and should not work. - $response = $this->httpRequest('entity/' . $entity_type . '/' . $entity->id(), 'GET', NULL, $this->defaultMimeType); + $this->httpRequest('entity/' . $this->entity->entityType() . '/' . $this->entity->id(), 'GET', NULL, $this->defaultMimeType); $this->assertResponse('401', 'HTTP response code is 401 when the request is authenticated but not authorized.'); - // Now read it with the Basic authentication which is enabled and should - // work. - $response = $this->basicAuthGet('entity/' . $entity_type . '/' . $entity->id(), $account->getUsername(), $account->pass_raw); - $this->assertResponse('200', 'HTTP response code is 200 for successfuly authorized requests.'); + $this->curlClose(); + } + + /** + * Test that enabled auth results in a 200 response. + */ + public function testEnabledAuth() { + // Try to read the resource with Basic authentication, which is enabled and + // should work. + $this->basicAuthGet('entity/' . $this->entity->entityType() . '/' . $this->entity->id(), $this->account->getUsername(), $this->account->pass_raw); + $this->assertResponse('200', 'HTTP response code is 200 for successfully authorized requests.'); + $this->curlClose(); }
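Review bot: `testEnabledAuth()` only proves that correct Basic credentials return 200; nothing here checks that a valid username with a wrong password is rejected. That negative case is the one a regression in the authentication provider would most likely break. Consider a second call like `$this->basicAuthGet($path, $this->account->getUsername(), 'wrong-password');` (a constructed value) followed by an `assertResponse()` for the expected rejection status, which is not visible from this hunk. Minor: the docblock should read `Tests that enabled auth results in a 200 response.` to match the third-person form used on `testDisabledAuth()`.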