I understand that Watir and Selenium have issues with NTLM auth when trying to login to web pages for testing. My research indicated that there are two normal work around. 1. add the credentials into the URL 2. use an auto auth plugin/extension. I currently don't have the option of using an extension in my environment, though I'm working on that. So, I'm left with passing credentials.
The problem I have is as follows.
Chrome:
In Chrome I pass the credentials manually (as in I type it into the browser directly) as http://password:user#example.com/ and it opens the page, but does not populate the popup. If I try to manually pass it as http://example.com?username=usr&password=password, it populates the auth pop up but does not proceed.
If I try to automate with ruby using the following code all I get is unknown user name and password. I have confrimed that the usr and pwd are correct.
browser.goto("http://example.com?login=usr&password=password")
browser.goto("http://password:usr#example.com/")
IE
IE behaves a bit differently.
In IE I pass the credentials manually as http://password:user#example.com/ and it returns an error that it can't find the page. If I try to manually pass it as http://example.com?username=usr&password=password, it logs in correctly.
If I try to automate with ruby using the following code the first example throws an page can't be found error. The second example opens the page, but does not populate the popup. I have confirmed that the usr and pwd are correct.
browser.goto("http://example.com?login=usr&password=password")
browser.goto("http://password:usr#example.com/")
What am I doing wrong?
My environment is Windows 7 Pro, IE 11 and Chrome 60.
Found an article that indicates MS removed auth in URL. So it makes sense that pwd:usr# doesn't work. Article ID: 834489
Ok, I have found the answer. After discussing it with my company's senior architect, there is no way to access an NTLM Windows authentication form by design. It's literally designed so that it can't be automated that way as a security measure.
The one workaround that he did suggest as a way to deal with the authentication issue is to use something like C# (our standard) and open the browser with the assumption that the user is already logged in. This will completely bypass the authorization pop up rendering the issue null. I'm unclear exactly how to do this, but I hope this provides a useful direction for others.
Related
I'm developing an app where automation is the main component. It setups by showing the QR code in front of the camera and then everything is set up automatically. I wonder if it's possible to get a "code" by passing the credentials with a POST request or something similar without the user needing to interact. Let's assume the user gave consent already on a computer.
There is a method to Get access on behalf of a user:
Please refer this document for further information: https://learn.microsoft.com/en-us/graph/auth-v2-user
They say its a quickstart but idk lol
Any way I have attempted to connect to the google api with Ruby for an entire week and eventually said I am going to see if its easier with python, turns out it is not.
I have added my redirect URI in the Oauth Credential. I have tried using a web applications type, a desktop app, and a tv or limited input device.
All of them return errors.
Error 400: redirect uri mismatch
Error 400: Invalid Request
Couldnt Log you in, The browser you are using doesnt support javascript, please try signing in in a browser with javascript enabled.
It keeps trying to use a localhost uri even when its set to my authorized one in the json credentials....
Is there anyone who can help me just get a basic example connection to the API working I am starting to lose hope that it is even realistic to try and build on an API as chaotic as this has been in my research so far. Everywhere you go you see devs wasting 5 days on something that should take an hour.
Edits BELOW !!!!
This has been so confusing I had to just go to trying to make a basic api call and eliminate all of the chaos brought in by these deprecated dependencies.
I have moved to just trying to get data back using post man and this tutorial >> https://medium.com/kinandcartacreated/google-authentication-with-postman-12943b63e76a
I have successfully been able to generate an Auth token using ONLY an OAuth2.0 Credential that is of TYPE 'Web Application'
However when trying to hit this endpoint....
GET https://admin.googleapis.com/admin/directory/v1/customer/MY-CUSTOMER-ID/devices/mobile?projection=FULL
I get the following error...
I know that in the end I will need to have a service account for this application configured properly, however given the wild goose chase that this has been I have been putting it off to keep the experiment controlled.
I will be working hard on trying to demystify this service account authorization for the next 4 hours atleast...
I had some difficulty getting the "quickstart" going as well.
There are a few things that should be taken into account that, in fact, aren't clearly documented.
After setting up the credentials in the respective page in Google Console as indicated in the documentation, you should download the json file and save it to the same directory as the script.
Take note that the quickstart has its own local server that it starts up when you run it. You can set the port in this line in the script. For example:
creds = flow.run_local_server(port=3000)
Then when you configure your credentials in the project, you would set the redirect URI to http://localhost:3000/
It does require some patience, because as noted, it does sometimes take several hours until the credentials settings in the Console take effect!
https://developers.google.com/sheets/api/quickstart/python
Same as CptCook, in my case the port defined in the quickstart is set to '0', which causes the redirect_uri error.
Removing and using the default resolved the issue.
Literally, I do not know what module is to get values from http, https.
I'm trying to bring tracking numbers from kind of BANC, UPS, FedEx...
My purpose is this reference specific values from other site and bring back to Netsuite.
1 What modules do I use for that?
2 If there is a login session, is it possible to access using suitescript?
your answer will be great help to me.
Accessing that information is usually done via API with credentials rather than a login session. For that you normally use N/https.
I'm writing an app that's supposed to run with MVC5 and using parse as a backend.
I'm using the new Identity feature of the MVC5 to login an user. I also tried to use this solution but I couldn't make it work.
What is happening is that when I login with the user A and then login with the user B in a different session (a incognito windows or a new browser) whenever I try to insert something related with a ParseUser object using the first user that was logged in I get an exception: UserCannotBeAlteredWithoutSessionError.
I'm not sure if I'm doing the implementation in a wrong way, or if it is a limitation of the Parse (I think it was designed to run using one user per device).
If you have a workaround for this situation please help me.
There is a good answer which may help: Parse Database Authorization - Security For User Objects.
So, it's a kind of Parse SDK limitation, when you can work with only one user per device (as ParseUser is cached locally). The only workaround that I can see is to perform SignOut/Login explicitly, when you need to do something from other user's context. There is no way to have two users work simultaneously from the same device.
I've had Windows Authentication setup on an area of our website for some time now, and it has worked flawlessly so far.
Recently, the login prompt stopped appearing and went straight to "Page cannot be displayed" for some reason.
While connected to our network, the page works fine.
Outside our network, users are supposed to receive a login prompt but they now do not, instead receiving the "page cannot be displayed" error.
Why would this suddenly occur, and how is it fixed? I have tried removing the virtual directory and re-adding it but nothing seems to work.
The strange thing is this is only happening in IE - Google Chrome works fine (I receive the login prompt).
Is there a setting or something inside of IIS that disables this login prompt or something? It is strange it is an IE specific issue as well - there were no changes to the state of IE from one day when it was working to the next where it wasn't.
Anyone have ideas on what might be causing this?
Thanks
Oddly enough, I'd wonder why you were getting the login prompt before now.
If you're logged in to Windows and the site you're browsing to uses Windows Auth, IE will automatically try to pass the logged in user's credentials to the site (this all depends on your domain configuration/trust setup...something may have changed with those settings at the domain level that changed the behavior of your IE).
Chrome/Firefox/Safari don't have this functionality, which is why you're still getting a login prompt.
There is a checkbox in internet options->advanced tab to enable/disable Windows Authentication, but you said that there were no changes. Either way it is something to check.
It sounds like you are hitting a security setting in IE.
IE stops windows authentication information from being sent to sites that you do not trust.
You could try adding the site to your list of trusted sites.
You can start by taking a network trace both Internally and Externally, reproduce the issue and see if the request actually reaches the web server. Also, check the IIS logfile for the "Page Cannot Be Displayed" response.
Let me know if that helps or if you have more questions.
Regards,
Vivek.
You need to take a network capture (www.fiddlercap.com) to get any real help with this.
IE supports the "Negotiate" protocol in addition to NTLM; Chrome and other browsers typically only support NTLM.