My fellow colleagues were asking me on tips to bypass the apache/http authentication. They badly want that hack in place since there is no compromise for the apache authentication to be removed from the QA code base.
I digged old code bases and backups and dust it off. finally I decided to write the hack code based on the webdriver. Basically I derived this from other blogs and groups.
Here is what It looked like.
import org.openqa.selenium.WebDriverBackedSelenium;
import org.openqa.selenium.firefox.FirefoxDriver;
import org.openqa.selenium.firefox.FirefoxProfile;
public class demo {
public static void main(String[] args) throws InterruptedException {
String url = "http://user:pass@demo.mydomain.com/";
String email ="tester@test.com";
String pwd = "password";
FirefoxProfile profile = new FirefoxProfile();
profile.setPreference("network.http.phishy-userpass-length", 255);
profile.setAcceptUntrustedCertificates(true);
profile.setPreference("network.automatic-ntlm-auth.trusteduris", "demo.mydomain.com");
FirefoxDriver driver = new FirefoxDriver(profile);
WebDriverBackedSelenium selenium = new WebDriverBackedSelenium(driver, "");
selenium.open(url);
selenium.click("link=Log In");
selenium.type("cust_email", email);
selenium.type("cust_pass", pwd);
selenium.click("//input[@value='Log In']");
}
}
As you can see from the code, its a hack for the firefox using the profile settings. you can use this code to access any site based on the apache authentication using the firefox.
I digged old code bases and backups and dust it off. finally I decided to write the hack code based on the webdriver. Basically I derived this from other blogs and groups.
Here is what It looked like.
import org.openqa.selenium.WebDriverBackedSelenium;
import org.openqa.selenium.firefox.FirefoxDriver;
import org.openqa.selenium.firefox.FirefoxProfile;
public class demo {
public static void main(String[] args) throws InterruptedException {
String url = "http://user:pass@demo.mydomain.com/";
String email ="tester@test.com";
String pwd = "password";
FirefoxProfile profile = new FirefoxProfile();
profile.setPreference("network.http.phishy-userpass-length", 255);
profile.setAcceptUntrustedCertificates(true);
profile.setPreference("network.automatic-ntlm-auth.trusteduris", "demo.mydomain.com");
FirefoxDriver driver = new FirefoxDriver(profile);
WebDriverBackedSelenium selenium = new WebDriverBackedSelenium(driver, "");
selenium.open(url);
selenium.click("link=Log In");
selenium.type("cust_email", email);
selenium.type("cust_pass", pwd);
selenium.click("//input[@value='Log In']");
}
}
As you can see from the code, its a hack for the firefox using the profile settings. you can use this code to access any site based on the apache authentication using the firefox.
Are you talking about HTTP authentication popup window that shows up? The code posted only shows logging in to web form. I assume the FF profile maps the HTTP popup login to the web form, or simply bypasses that so that it does not ask for login via popup dialog window?
ReplyDelete