发表新帖
发表新帖

Testing web service with SoapUI and Windows authentication

后端 未结
关注
5 1022
青春惊慌失措
青春惊慌失措 2020-12-02 07:14

Is it possible to include the Windows domain credentials to test my web service with SOAP UI?

I found a properties page but the IIS just responses with \"wrong cred

相关标签:
5条回答
  • 执笔经年
    2020-12-02 07:19

    The accepted solution will work in most scenarios. If, however, the service uses delegation to access resources on other servers, you will run into a double-hop issue with the NTLM authentication the Burp proxy uses. The proxy will successfully authenticate to the service, but subsequent calls made by the service to other resources using delegation will fail.

    The issue is described well in this article:

    http://blogs.msdn.com/b/besidethepoint/archive/2010/05/09/double-hop-authentication-why-ntlm-fails-and-kerberos-works.aspx

    The easiest workaround I found for this was to use Fiddler as a proxy. On Fiddler's Rules menu, select 'Automatically Authenticate.' Then update your SoapUI preferences to use fiddler as a proxy (the default location is localhost:8888). Now your calls will be wrapped in a credential that can be delegated.

    If you use LoadUI to execute your SoapUI test cases, the SoapUI test runner will use your SoapUI proxy settings, and your calls will continue to work.

    0 讨论(0)
  • 有刺的猬
    2020-12-02 07:19

    Current release SoapUI 4.5.1 doesn't work with windows authentication, but nightly build version runs again well.

    Download nightly build version

    0 讨论(0)
  • 情话喂你
    2020-12-02 07:20

    SoapUI doesn't seem to work directly with NTLM authentication, but you can use a proxy such as Burp Suite to do the auth for you.

    1. Download Burp Suite from http://portswigger.net/burp/ and crank it up.
    2. On Burp's "Proxy : Intercept" tab, click the button to turn intercept off.
    3. On Burp's "Proxy : Options" tab, make sure it's set to an unused port, the default is 8081
    4. On Burp's "Options" tab, tick "do www authentication" and add a setting for the server you wish to hit. Also tick "prompt for credentials on authentication failure"
    5. Switch to Burp's "Proxy : History" tab so you can see requests going through.
    6. In SoapUI, choose File > Preferences, then select "Proxy Settings". Enter Host "localhost" and port "8081".
    7. Use SoapUI as normal. It will send requests through Burp Proxy, which will do the NTLM authentication for you.
    0 讨论(0)
  • 孤独总比滥情好
    2020-12-02 07:21

    I think SoapUI might only support NT authentication for the WSDL.

    you can see some detail of how it is implemented here:

    • http://www.soapui.org/xref/com/eviware/soapui/impl/wsdl/support/wsdl/UrlWsdlLoader.html

    (BTW, this google search doesn't look promising for you!)

    0 讨论(0)
  • 伪装坚强ぢ
    2020-12-02 07:42

    soapUI 4.5 just added support for NTLMv2 which negates the need for Burp Suite.

    0 讨论(0)
 看不清?
提交回复
热议问题