HTTP Basic Auth via URL in Firefox does not work?

Question

I know that normally you can login to sites that require HTTP basic authentication with Selenium by passing the username and password in the URL, e.g.:

sele         


        

Answer 1

Contributing to Druska´s answer, you can do the same configuration using Selenium 2 API:

FirefoxProfile profile = new FirefoxProfile();
profile.setPreference("network.http.phishy-userpass-length", 255);
profile.setPreference("network.automatic-ntlm-auth.trusted-uris","yourDomain");
new FirefoxDriver(profile);

This approach is simpler and you do not have to ask every developer to change their Firefox configuration. I only tested with the Firefox driver.

UPDATE:

For some reason (maybe the ones explained at https://stackoverflow.com/a/14348701/256245), the above solution does not work with newer versions of Firefox. Here is what works for me now (tested with Firefox 19.0.2):

1. Install AutoAuth Firefox plugin;
2. Visit the site where the authentication is needed. Enter your username and password and make sure to choose to save the credentials;
3. Save AutoAuth installation file at your hard drive: at the plugin page, right click at “Add to Firefox” and “Save link as”;

4. Instantiate Firefox webdriver as following:

   FirefoxProfile firefoxProfile = new ProfilesIni().getProfile("default");
   File pluginAutoAuth = new File("src/test/resources/autoauth-2.1-fx+fn.xpi");
   firefoxProfile.addExtension(pluginAutoAuth);
   return new FirefoxDriver(firefoxProfile);
   

Make sure to instantiate the pluginAutoAuth File with the correct path where you saved the plugin installation. If you do not feel comfortable using the default profile, you can use Firefox Profile Manager and create one specific to your tests.

Reference to this new solution: http://watirmelon.com/2012/06/27/automatic-firefox-authentication-when-using-selenium-webdriver-with-autoauth/

Answer 2

Well, you can make you use of the Sikuli script to handle this Firefox Authentication popup in Windows as well as in Linux environment.

• Download and Setup Sikuli in Windows/Linux(Need to install dependencies)
• Use the following Sikuli Script to handle popup: where Authentilcat1.png is the popup image and it will handle 100 popups

for i in range (100): while exists(Pattern("Authentlcatl.png").similar(0.99)): print("Found Authentication Popup") wait(2) type("admin" + Key.TAB) type("admin" + Key.ENTER)

• Use the following code to trigger and terminate the Sikuli script from Java code:

To Trigger the Sikuli Script:

String[] lincmd = { "bash", "-c", "sudo java -jar Sikuli-X/Sikuli-IDE/sikuli-script.jar Sikuli-X/Sikuli-IDE/new1.sikuli/" };

java.lang.Runtime.getRuntime().exec(lincmd);

To Terminate the Sikuli Script:

String[] lincmd = { "bash", "-c", "sudo kill $(ps aux | grep '[s]ikuli' | awk '{print $2}')" };

java.lang.Runtime.getRuntime().exec(lincmd);

• After triggering the Sikuli script from Java code,Sikuli script will run as another process separately,so finally in the Java code terminating the Sikuli script.

• So whenever the popup appears in the screen,Sikuli script will handle.

Answer 3

If you are using the FireFox Driver ... You can create a FireFox profile and save the username/pass in password manager and use an add-on to auto login. Remember if you create a FireFox or Chrome driver in Selenium, by default it uses an anonymous profile. So none of your regular extensions/add-ons/etc will be used. So it's best ot create a profile that can be distributed and saved in source control.

1) In Windows, from the run/start menu type "firefox.exe -p" to bring up the Profile Manager and create a custom one and save it in a location with the rest of your code.

2) Don't ask at startup is checked

3) Download AutoAuth add-on https://addons.mozilla.org/en-US/firefox/addon/autoauth/

4) Visit the site that requires HTTP Basic Authentication and save the credentials

Next time you visit the site, AutoAuth will login you without the authentication required prompt showing up.

If you have NTLM, you can modify the configuration setting to include the host names: network.automatic-ntlm-auth.trusted-uris

Answer 4

Firefox 17 'username:password' (RFC1738) processing is disallowed by default in Firefox (it had worked earlier). However, I've found that it can be re-enabled by:

FirefoxProfile profile = new FirefoxProfile();
profile.setPreference("network.negotiate-auth.trusteduris", hostname);
driver = new FirefoxDriver(profile);
driver.manage().timeouts().implicitlyWait(30, TimeUnit.SECONDS);
selenium = new WebDriverBackedSelenium(driver, "http:// + username + ":"
    + password + "@"
    + hostname + ":" + port + baseUrl);

Works on Selenium 2.28.0, Firefox 17; used for DigestAuth login.

Answer 5

I have a solution for Firefox and Internet Explorer.

For Firefox, you need to go into about:config and create the integer network.http.phishy-userpass-length with a length of 255. This tells Firefox not to popup an authentication box if the username and password are less than 255 characters. You can now use http://user:pass@domain.com to authenticate.

For Internet Explorer, you must edit the registry. In the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE, create the DWORD values iexplore.exe and explorer.exe and make sure their values are 0.

I had to override NTLM authentication aswell. To NTLM authenticate using the HTTP basic authentication syntax in Firefox, simply specify the domains being used in the Firefox config string network.automatic-ntlm-auth.trusted-uris (accompanying the first config option). This will work in IE with the registy edit alone.

Answer 6

As mentioned, the addCustomRequestHeader solution can only work with proxy injection mode. But when I tried to implement it, I got into other issues related to that proxy injection mode.

It's not clear to me if proxy injection even work at all when using the Java client. Anytime I would call open(), I got a weird error stating: "this.onXhrStateChange.bind is not a function". The only solution I found implied that you need to add an extra parameter with the value 'true' to the open() method but the Java client API only accepts a single parameter.

So I had to settle for the browser config solutions explained above which I don't really feel comfortable with since they depend on the vendor's willingness to support them.

Porting your tests to Selenium 2 (still alpha as of now) might be a better prospect but in my case it won't be possible until Selenium Grid supports Selenium 2.

Hope that can help anyone, Sebastien