diff --git a/core/modules/basic_auth/src/Tests/BasicAuthTestTrait.php b/core/modules/basic_auth/src/Tests/BasicAuthTestTrait.php
index 7cd6d301213039db0f886b65e32084982fa96188..2d04672f69d87d7b24bc7641eb50565e87a794f5 100644
--- a/core/modules/basic_auth/src/Tests/BasicAuthTestTrait.php
+++ b/core/modules/basic_auth/src/Tests/BasicAuthTestTrait.php
@@ -28,10 +28,52 @@ trait BasicAuthTestTrait {
    *   The retrieved HTML string, also available as $this->getRawContent().
    */
   protected function basicAuthGet($path, $username, $password, array $options = []) {
-    // Set up Curl to use basic authentication with the test user's credentials.
-    $headers = ['Authorization: Basic ' . base64_encode("$username:$password")];
+    return $this->drupalGet($path, $options, $this->getBasicAuthHeaders($username, $password));
+  }
+
+  /**
+   * Executes a form submission using basic authentication.
+   *
+   * @param string $path
+   *   Location of the post form.
+   * @param array $edit
+   *   Field data in an associative array.
+   * @param string $submit
+   *   Value of the submit button whose click is to be emulated.
+   * @param string $username
+   *   The username to use for basic authentication.
+   * @param string $password
+   *   The password to use for basic authentication.
+   * @param array $options
+   *   Options to be forwarded to the url generator.
+   * @param string $form_html_id
+   *   (optional) HTML ID of the form to be submitted.
+   * @param string $extra_post
+   *   (optional) A string of additional data to append to the POST submission.
+   *
+   * @return string
+   *   The retrieved HTML string.
+   *
+   * @see \Drupal\simpletest\WebTestBase::drupalPostForm()
+   */
+  protected function basicAuthPostForm($path, $edit, $submit, $username, $password, array $options = array(), $form_html_id = NULL, $extra_post = NULL) {
+    return $this->drupalPostForm($path, $edit, $submit, $options, $this->getBasicAuthHeaders($username, $password), $form_html_id, $extra_post);
+  }
 
-    return $this->drupalGet($path, $options, $headers);
+  /**
+   * Returns HTTP headers that can be used for basic authentication in Curl.
+   *
+   * @param string $username
+   *   The username to use for basic authentication.
+   * @param string $password
+   *   The password to use for basic authentication.
+   *
+   * @return array
+   *   An array of raw request headers as used by curl_setopt().
+   */
+  protected function getBasicAuthHeaders($username, $password) {
+    // Set up Curl to use basic authentication with the test user's credentials.
+    return ['Authorization: Basic ' . base64_encode("$username:$password")];
   }
 
 }
diff --git a/core/modules/simpletest/src/WebTestBase.php b/core/modules/simpletest/src/WebTestBase.php
index 99cb227e6c6d7b5d0df4174f85c4a47e3875e577..8e224c11bfbc4ce1fd84c41ec1379668a3fb12b2 100644
--- a/core/modules/simpletest/src/WebTestBase.php
+++ b/core/modules/simpletest/src/WebTestBase.php
@@ -1369,7 +1369,7 @@ protected function isInChildSite() {
    *   An array containing additional HTTP request headers, each formatted as
    *   "name: value".
    *
-   * @return
+   * @return string
    *   The retrieved HTML string, also available as $this->getRawContent()
    */
   protected function drupalGet($path, array $options = array(), array $headers = array()) {
diff --git a/core/modules/system/src/Tests/Session/SessionAuthenticationTest.php b/core/modules/system/src/Tests/Session/SessionAuthenticationTest.php
index 121bc3450d30c95f41afde2d11e9df7f04f026f1..1a67266809c012ab74c072179c8a82c418756343 100644
--- a/core/modules/system/src/Tests/Session/SessionAuthenticationTest.php
+++ b/core/modules/system/src/Tests/Session/SessionAuthenticationTest.php
@@ -78,4 +78,36 @@ public function testSessionFromBasicAuthenticationDoesNotLeak() {
     $this->assertResponse(401, 'A subsequent request to the same route without basic authentication is not authorized.');
   }
 
+  /**
+   * Tests if a session can be initiated through basic authentication.
+   */
+  public function testBasicAuthSession() {
+    // Set a session value on a request through basic auth.
+    $test_value = 'alpaca';
+    $response = $this->basicAuthGet('session-test/set-session/' . $test_value, $this->user->getUsername(), $this->user->pass_raw);
+    $this->assertSessionData($response, $test_value);
+    $this->assertResponse(200, 'The request to set a session value was successful.');
+
+    // Test that on a subsequent request the session value is still present.
+    $response = $this->basicAuthGet('session-test/get-session', $this->user->getUsername(), $this->user->pass_raw);
+    $this->assertSessionData($response, $test_value);
+    $this->assertResponse(200, 'The request to get a session value was successful.');
+  }
+
+  /**
+   * Checks the session data returned by the session test routes.
+   *
+   * @param string $response
+   *   A response object containing the session values and the user ID.
+   * @param string $expected
+   *   The expected session value.
+   */
+  protected function assertSessionData($response, $expected) {
+    $response = json_decode($response, TRUE);
+    $this->assertEqual(['test_value' => $expected], $response['session'], 'The session data matches the expected value.');
+
+    // Check that we are logged in as the correct user.
+    $this->assertEqual($this->user->id(), $response['user'], 'The correct user is logged in.');
+  }
+
 }
diff --git a/core/modules/system/tests/modules/session_test/session_test.routing.yml b/core/modules/system/tests/modules/session_test/session_test.routing.yml
index 0cedf4f9bfe097114e714ff7a93d5f379219ea14..b2ef74f8b948ffe2d71deb3b36ae2c926f237ee1 100644
--- a/core/modules/system/tests/modules/session_test/session_test.routing.yml
+++ b/core/modules/system/tests/modules/session_test/session_test.routing.yml
@@ -107,3 +107,15 @@ session_test.get_session_no_auth:
     _controller: '\Drupal\session_test\Controller\SessionTestController::getSession'
   requirements:
     _access: 'TRUE'
+
+session_test.set_session:
+  path: '/session-test/set-session/{test_value}'
+  defaults:
+    _title: 'Set a session value using basic authentication'
+    _controller: '\Drupal\session_test\Controller\SessionTestController::setSession'
+  options:
+    _auth: ['basic_auth']
+    converters:
+      test_value: '\s+'
+  requirements:
+    _permission: 'administer site configuration'
diff --git a/core/modules/system/tests/modules/session_test/src/Controller/SessionTestController.php b/core/modules/system/tests/modules/session_test/src/Controller/SessionTestController.php
index 41fe7edc8dbd115026444314044b2002cf912ecb..b17d9a0684cc25e090b898710ef788d2ef5505f3 100644
--- a/core/modules/system/tests/modules/session_test/src/Controller/SessionTestController.php
+++ b/core/modules/system/tests/modules/session_test/src/Controller/SessionTestController.php
@@ -175,4 +175,21 @@ public function getSession(Request $request) {
     return new JsonResponse(['session' => $request->getSession()->all(), 'user' => $this->currentUser()->id()]);
   }
 
+  /**
+   * Sets a test value on the session.
+   *
+   * @param \Symfony\Component\HttpFoundation\Request $request
+   *   The request object.
+   * @param string $test_value
+   *   A value to set on the session.
+   *
+   * @return \Symfony\Component\HttpFoundation\JsonResponse
+   *   A response object containing the session values and the user ID.
+   */
+  public function setSession(Request $request, $test_value) {
+    $session = $request->getSession();
+    $session->set('test_value', $test_value);
+    return new JsonResponse(['session' => $session->all(), 'user' => $this->currentUser()->id()]);
+  }
+
 }