HTTP Basic Auth via URL in Firefox does not work?

testing selenium basic-authentication functional-testing
44,825

Solution 1

Contributing to Druska´s answer, you can do the same configuration using Selenium 2 API:

FirefoxProfile profile = new FirefoxProfile();
profile.setPreference("network.http.phishy-userpass-length", 255);
profile.setPreference("network.automatic-ntlm-auth.trusted-uris","yourDomain");
new FirefoxDriver(profile);

This approach is simpler and you do not have to ask every developer to change their Firefox configuration. I only tested with the Firefox driver.

UPDATE:

For some reason (maybe the ones explained at https://stackoverflow.com/a/14348701/256245), the above solution does not work with newer versions of Firefox. Here is what works for me now (tested with Firefox 19.0.2):

  1. Install AutoAuth Firefox plugin;
  2. Visit the site where the authentication is needed. Enter your username and password and make sure to choose to save the credentials;
  3. Save AutoAuth installation file at your hard drive: at the plugin page, right click at “Add to Firefox” and “Save link as”;

  4. Instantiate Firefox webdriver as following:

    FirefoxProfile firefoxProfile = new ProfilesIni().getProfile("default");
File pluginAutoAuth = new File("src/test/resources/autoauth-2.1-fx+fn.xpi");
firefoxProfile.addExtension(pluginAutoAuth);
return new FirefoxDriver(firefoxProfile);

Make sure to instantiate the pluginAutoAuth File with the correct path where you saved the plugin installation. If you do not feel comfortable using the default profile, you can use Firefox Profile Manager and create one specific to your tests.

Reference to this new solution: http://watirmelon.com/2012/06/27/automatic-firefox-authentication-when-using-selenium-webdriver-with-autoauth/

Solution 2

I have a solution for Firefox and Internet Explorer.

For Firefox, you need to go into about:config and create the integer network.http.phishy-userpass-length with a length of 255. This tells Firefox not to popup an authentication box if the username and password are less than 255 characters. You can now use http://user:[email protected] to authenticate.

For Internet Explorer, you must edit the registry. In the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE, create the DWORD values iexplore.exe and explorer.exe and make sure their values are 0.

I had to override NTLM authentication aswell. To NTLM authenticate using the HTTP basic authentication syntax in Firefox, simply specify the domains being used in the Firefox config string network.automatic-ntlm-auth.trusted-uris (accompanying the first config option). This will work in IE with the registy edit alone.

Solution 3

Add a slash after the context root:

Instead of: selenium.open("http://myusername:[email protected]/mypath");

use: selenium.open("http://myusername:[email protected]/mypath/");

It makes all the difference of the world adding the slash at the end of the context root. Without the slash, the popup opens, with the slash it gets authenticated as expected.

Note, that this is not a selenium bug or whatnot, but a firefox thing. You can use your command line as well to see for yourself:

 C:\Program Files\Mozilla Firefox>firefox http://myusername:[email protected]/mypath/

For me, it works even without settings the networks uris:

FirefoxProfile profile = new FirefoxProfile();
//profile.setPreference("network.automatic-ntlm-auth.trusted-uris", "mydomain.com");
//profile.setPreference("network.negotiate-auth.trusteduris", "mydomain.com");

WebDriver driver = new FirefoxDriver(profile);

driver.navigate().to("http://myusername:[email protected]/mypath/");


versions
Firefox 19.0,
selenium-java 2.31.0

Solution 4

If you are using the FireFox Driver ... You can create a FireFox profile and save the username/pass in password manager and use an add-on to auto login. Remember if you create a FireFox or Chrome driver in Selenium, by default it uses an anonymous profile. So none of your regular extensions/add-ons/etc will be used. So it's best ot create a profile that can be distributed and saved in source control.

1) In Windows, from the run/start menu type "firefox.exe -p" to bring up the Profile Manager and create a custom one and save it in a location with the rest of your code.

2) Don't ask at startup is checked

3) Download AutoAuth add-on https://addons.mozilla.org/en-US/firefox/addon/autoauth/

4) Visit the site that requires HTTP Basic Authentication and save the credentials

Next time you visit the site, AutoAuth will login you without the authentication required prompt showing up.

If you have NTLM, you can modify the configuration setting to include the host names: network.automatic-ntlm-auth.trusted-uris

Solution 5

You could try to manipulate the headers directly like this:

First when you start, you have to enable Selenium ti manipulate headers:

selenium.start("addCustomRequestHeader=true");

Then you have to use some basic encoding and header manipulation like this:

    String authHeader = "";
    try {
    BASE64Encoder coder = new BASE64Encoder();
    authHeader = coder.encode("developers:Str492ight".getBytes());
    }
    catch (Exception e)
    {
    e.printStackTrace();
    }
    setUpSelenium();
    startSelenium();
    selenium.addCustomRequestHeader("Authorization", "Basic " + authHeader);
    selenium.open("/");
    selenium.waitForPageToLoad("10000");

The space after Basic is necessary. This is how a basic HTTP authentication header looks like..

Further more you could use some Http Watchers to see if the request contains your auth request.

Either use Wireshark, or better is Fiddler or Charles Proxy.

Hope that helped. Gergely.

Share:
44,825
Peter
Author by

Peter

Updated on July 05, 2022

Comments

  • Peter
    Peter almost 2 years

    I know that normally you can login to sites that require HTTP basic authentication with Selenium by passing the username and password in the URL, e.g.:

    selenium.open("http://myusername:[email protected]/mypath");

    I've been running a Selenium test with Firefox 2 or 3 and there I still get the "Authentication Required" dialog window?

    Update: It seems not to be a Selenium problem but rather a Firefox issue. If I enter the URL manually within FF I'll get the authentication dialog, but if I enter the URL in Opera, my page is displayed without showing an authentication dialog.

  • Peter
    Peter almost 14 years
    Hi Gergely, thanks for the hint. I've tried it unfortunately the authorization window still pops up. I tried to capture the HTTP headers with Firebug and TamperData. With both on my initial request on the URL myusername:[email protected]/mypath I don't see any request. Only after entering the username/password in the auth window, the request is send and the HTTP header contains the Basic auth attribute.
  • Hannibal
    Hannibal almost 14 years
    Damn... I can only think of what is left is looking into the log of the server it self if it was received or rejected... I'm sorry i don't have any ideas left :(
  • nirvdrum
    nirvdrum almost 14 years
    Peter, You can only add request headers if you're using the Selenium server as a proxy. I've written an article up about this: mogotest.com/blog/2010/06/23/… Hopefully that helps you out.
  • nirvdrum
    nirvdrum over 13 years
    addCustomRequestHeader does not require proxy injection mode. It requires that the browser use Selenium server as proxy. This is the difference between "*iexploreproxy" and "*piexplore". If you decide to create your own launcher, you even could use the HTA launcher against the Selenium proxy in IE, for example. I highly recommend you avoid proxy injection.
  • Sebastien B.
    Sebastien B. over 13 years
    Thanks nirvdrum. I might give the addCustomRequestHeader another try then. Actually I got the idea from your blog but I was trying to implement it in Java. Being relatively new to Selenium, I got confused between proxy injection and using selenium rc as a proxy.
  • MacGyver
    MacGyver about 12 years
  • iGallina
    iGallina over 9 years
    How to specify more than one domain at the network.automatic-ntlm-auth.trusted-uris string ? ( xxx; xxx; ) ?
  • David Spence
    David Spence about 8 years
    Wish I could give you more upvotes for mentioning the that the ending slash is required... amazing. Was banging my head against a wall...
  • bhasker
    bhasker over 7 years
    Wow. i'm struggling from day. This is just solved my problem with one /. Thank you
  • Markus Schulte
    Markus Schulte over 7 years
    Helps me, too. Unbelievable. I am using chromedriver.
  • Evgeny Veretennikov
    Evgeny Veretennikov almost 7 years
    @DavidSpence you could award bounty, that's kind of "giving more upvotes" ;)

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Running a single test in maven -> No tests were executed
How to play & pause video using Selenium?
Can JMeter be used to perform Functional testing?
Robot framework, how to check class
Using Selenium, xpath cannot find 'text' element
Opening a new tab in the same window session of the browser through Selenium WebDriver?
xpath - select element that contains text in CLASS name
How do I continuously run a single test case using Selenium?
Protractor test in IE
Selenium - Difference between WebDriver.findElement() and WebElement.findElement()