Hi Mark, Yes the realm="default" parameter is missing from the response when accessing through WebTest. Below is the output :-
DEBUG (httpclient.wire.header) - >> "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0b; Windows 98)[\r][\n]" DEBUG (org.apache.commons.httpclient.HttpConnection) - enter HttpConnection.print(String) DEBUG (org.apache.commons.httpclient.HttpConnection) - enter HttpConnection.write(byte[]) DEBUG (org.apache.commons.httpclient.HttpConnection) - enter HttpConnection.write(byte[], int, int) DEBUG (httpclient.wire.header) - >> "Host: localhost:7001[\r][\n]" DEBUG (org.apache.commons.httpclient.HttpConnection) - enter HttpConnection.print(String) DEBUG (org.apache.commons.httpclient.HttpConnection) - enter HttpConnection.write(byte[]) DEBUG (org.apache.commons.httpclient.HttpConnection) - enter HttpConnection.write(byte[], int, int) DEBUG (org.apache.commons.httpclient.HttpConnection) - enter HttpConnection.writeLine() DEBUG (org.apache.commons.httpclient.HttpConnection) - enter HttpConnection.write(byte[]) DEBUG (org.apache.commons.httpclient.HttpConnection) - enter HttpConnection.write(byte[], int, int) DEBUG (httpclient.wire.header) - >> "[\r][\n]" DEBUG (org.apache.commons.httpclient.HttpConnection) - enter HttpConnection.flushRequestOutputStream() DEBUG (org.apache.commons.httpclient.HttpMethodBase) - enter HttpMethodBase.readResponse(HttpState, HttpConnection) DEBUG (org.apache.commons.httpclient.HttpMethodBase) - enter HttpMethodBase.readStatusLine(HttpState, HttpConnection) DEBUG (org.apache.commons.httpclient.HttpConnection) - enter HttpConnection.readLine() DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readLine(InputStream, String) DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readRawLine() DEBUG (httpclient.wire.header) - << "HTTP/1.1 401 Unauthorized[\r][\n]" DEBUG (org.apache.commons.httpclient.HttpMethodBase) - enter HttpMethodBase.readResponseHeaders(HttpState,HttpConnection) DEBUG (org.apache.commons.httpclient.HttpConnection) - enter HttpConnection.getResponseInputStream() DEBUG (org.apache.commons.httpclient.HttpParser) - enter HeaderParser.parseHeaders(InputStream, String) DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readLine(InputStream, String) DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readRawLine() DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readLine(InputStream, String) DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readRawLine() DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readLine(InputStream, String) DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readRawLine() DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readLine(InputStream, String) DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readRawLine() DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readLine(InputStream, String) DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readRawLine() DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readLine(InputStream, String) DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readRawLine() DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readLine(InputStream, String) DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readRawLine() DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readLine(InputStream, String) DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readRawLine() DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readLine(InputStream, String) DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readRawLine() DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readLine(InputStream, String) DEBUG (org.apache.commons.httpclient.HttpParser) - enter HttpParser.readRawLine() DEBUG (httpclient.wire.header) - << "Cache-Control: no-cache="set-cookie"[\r][\n]" DEBUG (httpclient.wire.header) - << "Connection: close[\r][\n]" DEBUG (httpclient.wire.header) - << "Date: Thu, 09 Aug 2007 15:41:06 GMT[\r][\n]" DEBUG (httpclient.wire.header) - << "Content-Length: 1518[\r][\n]" DEBUG (httpclient.wire.header) - << "Content-Type: text/html[\r][\n]" DEBUG (httpclient.wire.header) - << "WWW-Authenticate: Negotiate[\r][\n]" DEBUG (httpclient.wire.header) - << "WWW-Authenticate: Basic[\r][\n]" DEBUG (httpclient.wire.header) - << "Set-Cookie: JSESSIONID=wCbhG71S8gvsVcYk6MFLHfqvkX5c20x9nLrLy6KkpvC2zQ2GH4yy!17766311 57; path=/[\r][\n]" DEBUG (httpclient.wire.header) - << "X-Powered-By: Servlet/2.4 JSP/2.0[\r][\n]" DEBUG (org.apache.commons.httpclient.HttpMethodBase) - enter HttpMethodBase.processResponseHeaders(HttpState, HttpConnection) Is this a problem you've encountered previously? Thanks, Ben Message: 3 Date: Wed, 8 Aug 2007 15:11:51 +0100 From: <[EMAIL PROTECTED]> To: <[email protected]> Subject: [Webtest] RE: Basic authentication ([EMAIL PROTECTED]) Reply-To: [email protected] Reply-To: <[EMAIL PROTECTED]> Hi Mark thanks for your response. Yes this was my initial guess at the problem after=20 examining the headers a couple of days ago and seeing only the 'Basic' token and no realm=3D"foo" parameter. So I changed the=20 <login-config> details to contain the default realm definition but=20 unfortunately received exactly the same error. Below is the request/response headers I saved using livehttpheader :- http://localhost:7001/ros.bops.presentation.ui/ros/bops/presentation/ui/ workflow/pageflows/begin.do GET /ros.bops.presentation.ui/ros/bops/presentation/ui/workflow/pageflows/be gin.do HTTP/1.1 Host: localhost:7001 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=3D0.9,text/pl a= i n;q=3D0.8,image/png,*/*;q=3D0.5 Accept-Language: en-gb,en;q=3D0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=3D0.7,*;q=3D0.7 Keep-Alive: 300 Connection: keep-alive Cookie: JSESSIONID=3DdQpdG5KD1g22ytYt13tNq31fhWy8fTWrbTtpw3v5Tr2nCx1m4p4q!139797 4= 5 74; ADMINCONSOLESESSION=3DqjtwG5HZnyvY1w86JsPqxLJTxwpH8QztTG6FsmkKSNLHpRPSnj 4= 6 !-442889654 HTTP/1.x 401 Unauthorized Connection: close Date: Wed, 08 Aug 2007 13:53:54 GMT Content-Length: 1518 Content-Type: text/html WWW-Authenticate: Basic realm=3D"default" X-Powered-By: Servlet/2.4 JSP/2.0 ---------------------------------------------------------- Cheers, Ben -- __--__-- Message: 5 Date: Tue, 07 Aug 2007 13:07:18 +0200 From: Marc Guillemot <[EMAIL PROTECTED]> To: [email protected] Subject: Re: [Webtest] Basic authentication Reply-To: [email protected] Reply-To: Marc Guillemot <[EMAIL PROTECTED]> Hi Ben, looking quickly at the source of the AuthChallengeParser, it seems that it await more information in the challenge string than only "Basic". Does it occurs each time? I could imagine that the server sent a bad response and that WebTest directly failed where "normal" browsers retry. Can you sniff the Http traffic in a normal browser (for instance using the liveHttpHeader add-on for Firefox) to "see" what happens there? Marc. --=20 Blog: http://mguillem.wordpress.com [EMAIL PROTECTED] wrote: > I've been tasked with choosing an automated web testng tool for our >application and had WebTest recommended to me but haven't yet had any >success as we're using basic http authentication for logging in. > I have set up the correct username and password as attributes of the >invoke step but receive a MalformedChallengeException. :- =20 > INFO (com.canoo.webtest.ant.WebtestTask) - Starting webtest "myTest" > (D:\webtest\simple-test.xml:17: ) > INFO (com.canoo.webtest.ant.WebtestTask) - Canoo Webtest: R_1594. > INFO (com.canoo.webtest.engine.Configuration) - Creating result > directory: D:\webtest\webtest-results > INFO (com.canoo.webtest.engine.Configuration) - Surfing with browser >Mozilla/4.0 (compatible; MSIE 6.0b; Windows 98) > INFO (com.canoo.webtest.steps.Step) - >>>> Start Step: steps (1/2) > INFO (com.canoo.webtest.steps.Step) - >>>> Start Step: invoke "Get the > page" (1/2) > INFO (com.canoo.webtest.steps.request.AbstractTargetAction) - -> > gotoTarget by URL: > _http://localhost:7001/ros.bops.presentation.ui/ros/bops/presentation/ui /workflow/pageflows/begin.do_ >=20 > INFO (com.canoo.webtest.steps.request.TargetHelper) - getting response > for url: > _http://localhost:7001/ros.bops.presentation.ui/ros/bops/presentation/ui /workflow/pageflows/begin.do_ >=20 > INFO (com.canoo.webtest.steps.request.TargetHelper) - Setting password > for username: Bops_admin > INFO (org.apache.commons.httpclient.auth.AuthChallengeProcessor) - > basic authentication scheme selected ERROR > (org.apache.commons.httpclient.HttpMethodDirector) - Invalid > challenge: Basic > org.apache.commons.httpclient.auth.MalformedChallengeException: Invalid > challenge: Basic > at > org.apache.commons.httpclient.auth.AuthChallengeParser.extractParams(Aut hChallengeParser.java:97) >=20 > at > org.apache.commons.httpclient.auth.RFC2617Scheme.processChallenge(RFC261 7Scheme.java:93) >=20 > at > org.apache.commons.httpclient.auth.BasicScheme.processChallenge(BasicSch eme.java:111) >=20 > at > org.apache.commons.httpclient.auth.AuthChallengeProcessor.processChallen ge(AuthChallengeProcessor.java:161) >=20 > at > org.apache.commons.httpclient.HttpMethodDirector.processWWWAuthChallenge (HttpMethodDirector.java:689) >=20 > at > org.apache.commons.httpclient.HttpMethodDirector.processAuthenticationRe sponse(HttpMethodDirector.java:663) >=20 > at > org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMetho dDirector.java:192) >=20 > at > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:3 96) > at > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:3 46) > at > com.gargoylesoftware.htmlunit.HttpWebConnection.getResponse(HttpWebConne ction.java:126) >=20 > at > com.gargoylesoftware.htmlunit.WebClient.loadWebResponseFromWebConnection (WebClient.java:1424) >=20 > at > com.gargoylesoftware.htmlunit.WebClient.loadWebResponse(WebClient.java:1 381) >=20 > at > com.gargoylesoftware.htmlunit.WebClient.getPage(WebClient.java:332) > at > com.gargoylesoftware.htmlunit.WebClient.getPage(WebClient.java:399) > at > com.canoo.webtest.steps.request.TargetHelper.getResponse(TargetHelper.ja va:69) >=20 > at > com.canoo.webtest.steps.request.AbstractTargetAction.getResponse(Abstrac tTargetAction.java:68) >=20 > at > com.canoo.webtest.steps.request.InvokePage.findTarget(InvokePage.java:13 4) > at > com.canoo.webtest.steps.request.AbstractTargetAction$1.call(AbstractTarg etAction.java:108) >=20 > at > com.canoo.webtest.steps.request.TargetHelper.protectedGoto(TargetHelper. java:88) >=20 > at > com.canoo.webtest.steps.request.AbstractTargetAction.gotoTarget(Abstract TargetAction.java:106) >=20 > at > com.canoo.webtest.steps.request.AbstractTargetAction.doExecute(AbstractT argetAction.java:78) >=20 > at com.canoo.webtest.steps.Step.execute(Step.java:104) > at > org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:275) > at org.apache.tools.ant.Task.perform(Task.java:364) > at > com.canoo.webtest.ant.TestStepSequence.executeSteps(TestStepSequence.jav a:43) >=20 > at > com.canoo.webtest.ant.TestStepSequence.doExecute(TestStepSequence.java:3 1) > at com.canoo.webtest.steps.Step.execute(Step.java:104) > at org.apache.tools.ant.Task.perform(Task.java:364) > at com.canoo.webtest.ant.WebtestTask.execute(WebtestTask.java:164) > at > org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:275) > at org.apache.tools.ant.Task.perform(Task.java:364) > at org.apache.tools.ant.Target.execute(Target.java:341) > at org.apache.tools.ant.Target.performTasks(Target.java:369) > at > org.apache.tools.ant.Project.executeSortedTargets(Project.java:1216) > at org.apache.tools.ant.Project.executeTarget(Project.java:1185) > at > org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecut or.java:40) >=20 > at org.apache.tools.ant.Project.executeTargets(Project.java:1068) > at org.apache.tools.ant.Main.runBuild(Main.java:668) > at org.apache.tools.ant.Main.startAnt(Main.java:187) > at org.apache.tools.ant.launch.Launcher.run(Launcher.java:246) > at org.apache.tools.ant.launch.Launcher.main(Launcher.java:67) > INFO (com.gargoylesoftware.htmlunit.WebClient) - statusCode=3D[401] > contentType=3D[text/html] INFO > (com.gargoylesoftware.htmlunit.WebClient) - <!DOCTYPE HTML PUBLIC > "-//W3C//DTD HTML 4.0 Draft//EN"> > <HTML> > <HEAD> > <TITLE>Error 401--Unauthorized</TITLE> <META NAME=3D"GENERATOR" > CONTENT=3D"WebLogic Server"> </HEAD> <BODY bgcolor=3D"white"> <FONT > FACE=3DHelvetica><BR CLEAR=3Dall> <TABLE border=3D0 > cellspacing=3D5><TR><TD><BR CLEAR=3Dall> <FONT FACE=3D"Helvetica" > COLOR=3D"black" SIZE=3D"3"><H2>Error 401--Unauthorized</H2> > </FONT></TD></TR> </TABLE> <TABLE border=3D0 width=3D100% > cellpadding=3D10><TR><TD VALIGN=3Dtop WIDTH=3D100% > BGCOLOR=3Dwhite><FONT FACE=3D"Courier New"><FONT FACE=3D"Helvetica" > SIZE=3D"3"><H3>From RFC 2068 <i>Hypertext Transfer Protocol -- >HTTP/1.1</i>:</H3> =20 </FONT><FONT FACE=3D"Helvetica" >SIZE=3D"3"><H4>10.4.2 401 Unauthorized</H4> > </FONT><P><FONT FACE=3D"Courier New">The request requires user > authentication. The response MUST include a WWW-Authenticate header > field (section 14.46) containing a challenge applicable to the requested > resource. The client MAY repeat the request with a suitable > Authorization header field (section 14.8). If the request already > included Authorization credentials, then the 401 response indicates that > authorization has been refused for those credentials. If the 401 > response contains the same challenge as the prior response, and the user > agent has already attempted authentication at least once, then the user > SHOULD be presented the entity that was given in the response, since >that entity MAY include relevant diagnostic information. HTTP access >authentication is explained in section 11.</FONT></P> =20 ></FONT></TD></TR> </TABLE> =20 </BODY> </HTML> =20 =20 I've used a >http header analyser to confirm the server response contains > the challenge header in the correct format. > Just wanted to check if anyone else had experienced a similar problem or > if there is another means for submitting the username & password. >Thanks, =20 Ben Nisbet =20 --__--__-- Message: 4 Date: Wed, 08 Aug 2007 16:33:46 +0200 From: Marc Guillemot <[EMAIL PROTECTED]> To: [email protected] Subject: Re: [Webtest] RE: Basic authentication ([EMAIL PROTECTED]) Reply-To: [email protected] Reply-To: Marc Guillemot <[EMAIL PROTECTED]> Hi Ben, with FF you have the header WWW-Authenticate: Basic realm="default" which seems correct. Can you look at the headers received using WebTest? (Look at #WebTest#/lib/log4j.properties to configure the log). Marc. [EMAIL PROTECTED] wrote: > > Hi Mark thanks for your response. > > Yes this was my initial guess at the problem after examining the > headers a couple of days ago and seeing only the 'Basic' token and no > realm="foo" parameter. So I changed the <login-config> details to > contain the default realm definition but unfortunately received > exactly the same error. Below is the request/response headers I saved > using livehttpheader :- > > http://localhost:7001/ros.bops.presentation.ui/ros/bops/presentation/u > i/ > workflow/pageflows/begin.do > > GET > /ros.bops.presentation.ui/ros/bops/presentation/ui/workflow/pageflows/ > be > gin.do HTTP/1.1 > Host: localhost:7001 > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; > rv:1.8.1.3) > Gecko/20070309 Firefox/2.0.0.3 > Accept: > text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/pl > ai > n;q=0.8,image/png,*/*;q=0.5 > Accept-Language: en-gb,en;q=0.5 > Accept-Encoding: gzip,deflate > Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > Keep-Alive: 300 > Connection: keep-alive > Cookie: > JSESSIONID=dQpdG5KD1g22ytYt13tNq31fhWy8fTWrbTtpw3v5Tr2nCx1m4p4q!139797 > 45 > 74; > ADMINCONSOLESESSION=qjtwG5HZnyvY1w86JsPqxLJTxwpH8QztTG6FsmkKSNLHpRPSnj > 46 > !-442889654 > > HTTP/1.x 401 Unauthorized > Connection: close > Date: Wed, 08 Aug 2007 13:53:54 GMT > Content-Length: 1518 > Content-Type: text/html > WWW-Authenticate: Basic realm="default" > X-Powered-By: Servlet/2.4 JSP/2.0 > ---------------------------------------------------------- > > Cheers, > > Ben > > > > -- __--__-- > > Message: 5 > Date: Tue, 07 Aug 2007 13:07:18 +0200 > From: Marc Guillemot <[EMAIL PROTECTED]> > To: [email protected] > Subject: Re: [Webtest] Basic authentication > Reply-To: [email protected] > Reply-To: Marc Guillemot <[EMAIL PROTECTED]> > > Hi Ben, > > looking quickly at the source of the AuthChallengeParser, it seems > that it await more information in the challenge string than only "Basic". > > Does it occurs each time? I could imagine that the server sent a bad > response and that WebTest directly failed where "normal" browsers retry. > > Can you sniff the Http traffic in a normal browser (for instance using > the liveHttpHeader add-on for Firefox) to "see" what happens there? > > Marc. _______________________________________________ WebTest mailing list [email protected] http://lists.canoo.com/mailman/listinfo/webtest
