Basic Authentication and Selenium

Quick one today just to get the ball rolling – but not an unimportant one as I see this get asked a fair bit.

Let’s say you’re working on a web app that is secured with basic authentication, not that there’s anything wrong that with. Let’s say you’re also working with developers who are clearly happy enough to let the browser handle the authentication of the session. How do you get over that hurdle in your selenium script?

Selenium can, of course, interact with javascript alerts but there is absolutely no way to interact with a native browser pop-up, so you won’t be able to detect any kind of element to drive it via your script. You could use a funky proxy server in your script to inject headers to handle the basic authentication but that sounds quite bloated to just be able to log into a damned page.

The alternative? Stick the credentials into the overall URI.

(As an aside before  I jump into any code examples, most of the will be done with NodeJS because that’s just how I roll.)

    driver = new webdriver.Builder().withCapabilities(capabilities).build();
    driver.get('http://username:password@hostname.com:8080');

So, by simply including the username and password as a preface to the actual domain name, you can instruct the browser to use those credentials and in theory avoid the browser waiting for user input.

There are a few caveats with this approach, mostly I can’t guarantee it’d actually work on every single browser on every single OS combination. As of writing, this approach did work on the latest Firefox, Chrome and IE on OSX Yosemite and Windows 8.1. As for mobiles, I haven’t tried that yet.

Secondly, you should never be sending any form of credentials in a URL (or indeed in headers / query strings as you may do with basic auth anyway) over a non-HTTPS connection. But you knew that.

Of course a better approach is to tell your engineering team to not be lazy and just build a fecking log-in form, even if you are going to use basic authentication. Not that there’s anything wrong with that.

Leave a reply:

Your email address will not be published.

Site Footer

Sliding Sidebar

About Me

About Me

Hi. I'm Neill. I'm a software tester from Belfast. You could say a Belfast Tester. I've worked in some companies and all my thoughts are my own. Not the man's. I can think for myself. Honestly.

Latest Posts

Social Profiles