Hi Mark thanks for your response.
Yes this was my initial guess at the problem after examining the headers a couple of days ago and seeing only the 'Basic' token and no realm="foo" parameter. So I changed the <login-config> details to contain the default realm definition but unfortunately received exactly the same error. Below is the request/response headers I saved using livehttpheader :- http://localhost:7001/ros.bops.presentation.ui/ros/bops/presentation/ui/ workflow/pageflows/begin.do GET /ros.bops.presentation.ui/ros/bops/presentation/ui/workflow/pageflows/be gin.do HTTP/1.1 Host: localhost:7001 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plai n;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-gb,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: JSESSIONID=dQpdG5KD1g22ytYt13tNq31fhWy8fTWrbTtpw3v5Tr2nCx1m4p4q!13979745 74; ADMINCONSOLESESSION=qjtwG5HZnyvY1w86JsPqxLJTxwpH8QztTG6FsmkKSNLHpRPSnj46 !-442889654 HTTP/1.x 401 Unauthorized Connection: close Date: Wed, 08 Aug 2007 13:53:54 GMT Content-Length: 1518 Content-Type: text/html WWW-Authenticate: Basic realm="default" X-Powered-By: Servlet/2.4 JSP/2.0 ---------------------------------------------------------- Cheers, Ben --__--__-- Message: 5 Date: Tue, 07 Aug 2007 13:07:18 +0200 From: Marc Guillemot <[EMAIL PROTECTED]> To: [email protected] Subject: Re: [Webtest] Basic authentication Reply-To: [email protected] Reply-To: Marc Guillemot <[EMAIL PROTECTED]> Hi Ben, looking quickly at the source of the AuthChallengeParser, it seems that it await more information in the challenge string than only "Basic". Does it occurs each time? I could imagine that the server sent a bad response and that WebTest directly failed where "normal" browsers retry. Can you sniff the Http traffic in a normal browser (for instance using the liveHttpHeader add-on for Firefox) to "see" what happens there? Marc. -- Blog: http://mguillem.wordpress.com [EMAIL PROTECTED] wrote: > I've been tasked with choosing an automated web testng tool for our > application and had WebTest > recommended to me but haven't yet had any success as we're using basic > http authentication for logging in. > I have set up the correct username and password as attributes of the > invoke step but receive a MalformedChallengeException. :- > > INFO (com.canoo.webtest.ant.WebtestTask) - Starting webtest "myTest" > (D:\webtest\simple-test.xml:17: ) > INFO (com.canoo.webtest.ant.WebtestTask) - Canoo Webtest: R_1594. > INFO (com.canoo.webtest.engine.Configuration) - Creating result > directory: D:\webtest\webtest-results > INFO (com.canoo.webtest.engine.Configuration) - Surfing with browser > Mozilla/4.0 (compatible; MSIE 6.0b; Windows 98) > INFO (com.canoo.webtest.steps.Step) - >>>> Start Step: steps (1/2) > INFO (com.canoo.webtest.steps.Step) - >>>> Start Step: invoke "Get the > page" (1/2) > INFO (com.canoo.webtest.steps.request.AbstractTargetAction) - -> > gotoTarget by URL: > _http://localhost:7001/ros.bops.presentation.ui/ros/bops/presentation/ui /workflow/pageflows/begin.do_ > > INFO (com.canoo.webtest.steps.request.TargetHelper) - getting response > for url: > _http://localhost:7001/ros.bops.presentation.ui/ros/bops/presentation/ui /workflow/pageflows/begin.do_ > > INFO (com.canoo.webtest.steps.request.TargetHelper) - Setting password > for username: Bops_admin > INFO (org.apache.commons.httpclient.auth.AuthChallengeProcessor) - > basic authentication scheme selected > ERROR (org.apache.commons.httpclient.HttpMethodDirector) - Invalid > challenge: Basic > org.apache.commons.httpclient.auth.MalformedChallengeException: Invalid > challenge: Basic > at > org.apache.commons.httpclient.auth.AuthChallengeParser.extractParams(Aut hChallengeParser.java:97) > > at > org.apache.commons.httpclient.auth.RFC2617Scheme.processChallenge(RFC261 7Scheme.java:93) > > at > org.apache.commons.httpclient.auth.BasicScheme.processChallenge(BasicSch eme.java:111) > > at > org.apache.commons.httpclient.auth.AuthChallengeProcessor.processChallen ge(AuthChallengeProcessor.java:161) > > at > org.apache.commons.httpclient.HttpMethodDirector.processWWWAuthChallenge (HttpMethodDirector.java:689) > > at > org.apache.commons.httpclient.HttpMethodDirector.processAuthenticationRe sponse(HttpMethodDirector.java:663) > > at > org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMetho dDirector.java:192) > > at > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:3 96) > at > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:3 46) > at > com.gargoylesoftware.htmlunit.HttpWebConnection.getResponse(HttpWebConne ction.java:126) > > at > com.gargoylesoftware.htmlunit.WebClient.loadWebResponseFromWebConnection (WebClient.java:1424) > > at > com.gargoylesoftware.htmlunit.WebClient.loadWebResponse(WebClient.java:1 381) > > at > com.gargoylesoftware.htmlunit.WebClient.getPage(WebClient.java:332) > at > com.gargoylesoftware.htmlunit.WebClient.getPage(WebClient.java:399) > at > com.canoo.webtest.steps.request.TargetHelper.getResponse(TargetHelper.ja va:69) > > at > com.canoo.webtest.steps.request.AbstractTargetAction.getResponse(Abstrac tTargetAction.java:68) > > at > com.canoo.webtest.steps.request.InvokePage.findTarget(InvokePage.java:13 4) > at > com.canoo.webtest.steps.request.AbstractTargetAction$1.call(AbstractTarg etAction.java:108) > > at > com.canoo.webtest.steps.request.TargetHelper.protectedGoto(TargetHelper. java:88) > > at > com.canoo.webtest.steps.request.AbstractTargetAction.gotoTarget(Abstract TargetAction.java:106) > > at > com.canoo.webtest.steps.request.AbstractTargetAction.doExecute(AbstractT argetAction.java:78) > > at com.canoo.webtest.steps.Step.execute(Step.java:104) > at > org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:275) > at org.apache.tools.ant.Task.perform(Task.java:364) > at > com.canoo.webtest.ant.TestStepSequence.executeSteps(TestStepSequence.jav a:43) > > at > com.canoo.webtest.ant.TestStepSequence.doExecute(TestStepSequence.java:3 1) > at com.canoo.webtest.steps.Step.execute(Step.java:104) > at org.apache.tools.ant.Task.perform(Task.java:364) > at com.canoo.webtest.ant.WebtestTask.execute(WebtestTask.java:164) > at > org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:275) > at org.apache.tools.ant.Task.perform(Task.java:364) > at org.apache.tools.ant.Target.execute(Target.java:341) > at org.apache.tools.ant.Target.performTasks(Target.java:369) > at > org.apache.tools.ant.Project.executeSortedTargets(Project.java:1216) > at org.apache.tools.ant.Project.executeTarget(Project.java:1185) > at > org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecut or.java:40) > > at org.apache.tools.ant.Project.executeTargets(Project.java:1068) > at org.apache.tools.ant.Main.runBuild(Main.java:668) > at org.apache.tools.ant.Main.startAnt(Main.java:187) > at org.apache.tools.ant.launch.Launcher.run(Launcher.java:246) > at org.apache.tools.ant.launch.Launcher.main(Launcher.java:67) > INFO (com.gargoylesoftware.htmlunit.WebClient) - statusCode=[401] > contentType=[text/html] > INFO (com.gargoylesoftware.htmlunit.WebClient) - <!DOCTYPE HTML PUBLIC > "-//W3C//DTD HTML 4.0 Draft//EN"> > <HTML> > <HEAD> > <TITLE>Error 401--Unauthorized</TITLE> > <META NAME="GENERATOR" CONTENT="WebLogic Server"> > </HEAD> > <BODY bgcolor="white"> > <FONT FACE=Helvetica><BR CLEAR=all> > <TABLE border=0 cellspacing=5><TR><TD><BR CLEAR=all> > <FONT FACE="Helvetica" COLOR="black" SIZE="3"><H2>Error > 401--Unauthorized</H2> > </FONT></TD></TR> > </TABLE> > <TABLE border=0 width=100% cellpadding=10><TR><TD VALIGN=top WIDTH=100% > BGCOLOR=white><FONT FACE="Courier New"><FONT FACE="Helvetica" > SIZE="3"><H3>From RFC 2068 <i>Hypertext Transfer Protocol -- > HTTP/1.1</i>:</H3> > > </FONT><FONT FACE="Helvetica" SIZE="3"><H4>10.4.2 401 Unauthorized</H4> > </FONT><P><FONT FACE="Courier New">The request requires user > authentication. The response MUST include a WWW-Authenticate header > field (section 14.46) containing a challenge applicable to the requested > resource. The client MAY repeat the request with a suitable > Authorization header field (section 14.8). If the request already > included Authorization credentials, then the 401 response indicates that > authorization has been refused for those credentials. If the 401 > response contains the same challenge as the prior response, and the user > agent has already attempted authentication at least once, then the user > SHOULD be presented the entity that was given in the response, since > that entity MAY include relevant diagnostic information. HTTP access > authentication is explained in section 11.</FONT></P> > > </FONT></TD></TR> > </TABLE> > > </BODY> > </HTML> > > > I've used a http header analyser to confirm the server response contains > the challenge header in the correct format. > Just wanted to check if anyone else had experienced a similar problem or > if there is another means for submitting the > username & password. Thanks, > > Ben Nisbet > _______________________________________________ WebTest mailing list [email protected] http://lists.canoo.com/mailman/listinfo/webtest
