tag:blogger.com,1999:blog-6005334108330583722.post2439135014861025189..comments2011-10-24T10:25:08.762-04:00Dawnhttp://www.blogger.com/profile/00149191486108175617noreply@blogger.comBlogger11125tag:blogger.com,1999:blog-6005334108330583722.post-17981416384532261502011-10-24T10:25:08.762-04:002011-10-24T10:25:08.762-04:00Hmm... I&#39;m not sure about this, what about when your testing application is not on your own machine but on some remote server...how to locate this authentication window or to skip it, but if you skip this authentication window, in this case we have big security issue. Aren&#39;t we?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-6005334108330583722.post-33604322381346761492011-10-14T04:08:57.360-04:002011-10-14T04:08:57.360-04:00Hi Dawn,<br />1000 thanks for this great post, you save my life ... well, at least my week ;-) - a comment to share with others: I follow your instructions and at the end, I copy-paste the generated firefox profile to my \Lib\site-packages\SeleniumLibrary\firefoxprofile folder that is used when I run Robotframework test suites.CreativIThttp://www.blogger.com/profile/17446724281926994108noreply@blogger.comtag:blogger.com,1999:blog-6005334108330583722.post-47101023123010585772011-03-16T10:09:44.735-04:002011-03-16T10:09:44.735-04:00Hi Anoop-<br /><br />If you do not create a custom FireFox profile, then the server that is asking for authentication will nto be in the &quot;trusted sites&quot; list and it will not work. The section where you go into the about:config and search for ntlm is effectively considering the server under test a &quot;trusted site&quot; for that profile (which stops the authentication dialog from appearing).<br /><br />I am not sure which part you think is a security vulnerability, but adding this web server to a &quot;trusted sites&quot; list is something you have to do manually, and presumably you would only do that if you are inside a protected network, for example.Dawnhttp://www.blogger.com/profile/00149191486108175617noreply@blogger.comtag:blogger.com,1999:blog-6005334108330583722.post-14874085320650222222011-03-16T06:30:20.993-04:002011-03-16T06:30:20.993-04:00Hi Dawn, <br />I tried your steps without creating a new firefox profile to know whether its works fine. Unfortunately it didn&#39;t. Is it works only in customized firefox profile?<br /><br />BTW.. It seems to be security vulnerability from the FireFox side. Is it?Anoophttp://www.blogger.com/profile/14741031668068508211noreply@blogger.comtag:blogger.com,1999:blog-6005334108330583722.post-81336439260154574622010-05-27T10:22:26.503-04:002010-05-27T10:22:26.503-04:00Thanks a ton Dawn!!<br />It worked for me!!!!Amol Dakhanehttp://www.blogger.com/profile/02905946493606993997noreply@blogger.comtag:blogger.com,1999:blog-6005334108330583722.post-82676144166496543252010-05-07T19:42:44.374-04:002010-05-07T19:42:44.374-04:00Hi Menty666 and Mari--<br /><br />To the best of my knowledge, if you enter the trusted uri&#39;s, there is nowhere to pt credentials in. My guess at this point is that it will use the credentials of the logged in user when opening the browser window.<br /><br />Mari, I am glad to hear that something worked for you.Dawnhttp://www.blogger.com/profile/00149191486108175617noreply@blogger.comtag:blogger.com,1999:blog-6005334108330583722.post-52092488701659800742010-05-07T16:43:33.978-04:002010-05-07T16:43:33.978-04:00Well, it seems that with that method, the http://user:password@server:port/something/... method works!<br /><br />Thanks a lot, everything works just fine here for me now!Marihttp://www.blogger.com/profile/04897909364478914878noreply@blogger.comtag:blogger.com,1999:blog-6005334108330583722.post-20502942555475358402010-05-07T16:28:12.401-04:002010-05-07T16:28:12.401-04:00I&#39;d like to know the same as menty666. Where do you put the credentials to authenticate?<br /><br />Dawn, your post is pretty interesting considering I have the same issue here.Marihttp://www.blogger.com/profile/04897909364478914878noreply@blogger.comtag:blogger.com,1999:blog-6005334108330583722.post-36094877884704093792010-04-16T11:09:17.841-04:002010-04-16T11:09:17.841-04:00out of curiosity, where do you then put in the credentials? It seems the profile change says &#39;don&#39;t ask for this URI&#39;, but the server still needs to know who you are, right?menty666http://www.blogger.com/profile/12458328701069455800noreply@blogger.comtag:blogger.com,1999:blog-6005334108330583722.post-30916449019166428912010-03-16T21:05:18.231-04:002010-03-16T21:05:18.231-04:00Hi Jussi--<br /><br />I *think* that if I fought hard enough, I could *probably* get it arranged to have it turned off at my current place. However, after reading about other people struggling with this issue, I felt it was worth treating as if it&#39;s not possible :)<br /><br />I&#39;d love to hear more about how these auths work. Are there different types of Windows Integrated auth -- ones that use AD, and ones that don&#39;t? How do they work? Can we work around them as test automators?Dawnhttp://www.blogger.com/profile/00149191486108175617noreply@blogger.comtag:blogger.com,1999:blog-6005334108330583722.post-51738242427941819522010-03-16T17:43:57.412-04:002010-03-16T17:43:57.412-04:00Hmm, to me that authentication method just doesn&#39;t sound testable. I might raise an issue (that might get outright rejected) that a more testable auth method would be preferred. <br /><br />Of course, if the auth relies on Active Directory then you are just out of lck ;-)Jussi Mononenhttp://www.jussimononen.infonoreply@blogger.com