Automatic Firefox authentication when using Selenium-WebDriver with AutoAuth

I came across a particularly challenging problem today automating a web app for a client that runs behind a corporate proxy on a different Windows domain. The corporate proxy used NTLM authentication, but since I was on a different domain, I couldn’t get Firefox to send this information automatically so an authentication dialog would always appear that looked similar to this (IE worked fine):

Normally with browser authentication it is fairly straightforward to embed the username and password into the URL and Firefox will pass this to the web application without any problems (it’ll even ignore the confirmation normally displayed to the user), but in this case it didn’t work as it was the proxy that was requesting the information, not the application.

require 'watir-webdriver'
b = Watir::Browser.new :firefox
b.goto 'http://admin:password@192.168.0.1'

I manually could get Firefox to store the credentials, but every time the WebDriver tests would run, this darn Authentication Required’ dialog would appear (without credentials if using the standard new WebDriver profile for each test run). I tried setting all sorts of Firefox about:config settings to do with NTLM but nothing would work. After lots of trial and error, and finding nothing useful on the Internet about this issue, a colleague pointed out a Firefox add-on called AutoAuth that automatically submits these dialogs using stored Firefox credentials. Voila!

Example using Watir-WebDriver (the quick way)

The easiest way is to the install the AutoAuth add-on on your default Firefox profile (the one that Firefox uses when launched manually), and store the credentials needed in the default Firefox password manager. All you then need to do is tell Watir-WebDriver to use the default profile:

require 'watir-webdriver'
b = Watir::Browser.new :firefox, :profile => 'default'
b.goto 'http://192.168.0.1'

The issue with the above code is that it’s not repeatable across machines, as the machine’s default profile must have AutoAuth installed, and the username and password in the password manager.

Example using Watir-WebDriver (the most repeatable way)

To make this more repeatable, first you need to create a Firefox profile by following the instructions here (we’ll call it WatirWebDriver).

Manually launch this profile and visit the site you need to authenticate to, enter the username and password and make sure you save the credentials in Firefox when prompted.

The script is then pretty simple: create a profile as a copy of the one you made, add the AutoAuth extension (download it and place the xpi file in your project directory), and visit the site:

profile = Selenium::WebDriver::Firefox::Profile.from_name 'WatirWebDriver'
profile.add_extension 'autoauth-2.1-fx+fn.xpi'
b = Watir::Browser.new :firefox, :profile => profile
b.goto 'http://192.168.0.1'

This script should visit the site and AutoAuth should kick in and automatically submit that pesky ‘Authentication Required’ dialog: take that!

Summary

Whilst this NTLM proxy authentication issue was a bit of an issue to begin with, we found a reasonable way to work around it. I don’t really like the dependency on an existing Firefox profile with the proxy credentials, but until I work out how to store credentials in a Firefox profile I create at runtime using Selenium (which I don’t believe is possible), I think that it’s necessary.

I’ve also updated the Watir-WebDriver Basic Browser Authentication page.

8 thoughts on “Automatic Firefox authentication when using Selenium-WebDriver with AutoAuth

  1. No doubt this post is a great source of information on difficult subject. Here is my contribution to that topic.

    It looks like this trick was tested on Windows platform against proxy with basic authentication. My experience with Firefox 15.0.1 running on Ubuntu to pass thru firewall with NTLM authentication was not successful.Both adding AutoAuth extension and user credentials stored in profile steps were completed. However
    1) running a script from this post still gets 401 page from proxy with “Access Denied (authentication_failed)”.
    2) starting FF manually in Gnome makes no problem for user to visit sites with ‘Authentication Required’ dialog being automatically filled by AutoAuth.

    Have anyone tried this workaround?

    • Another thing to try would be to use the CNTLM proxy software which acts a local proxy and pipes your credentials forward. Seems to work well.

  2. There is a one more simple and quickest way, If it helps then great!

    If you are running server from cmd then
    1. Start cmd with admin rights (run as administrator) so server is also started with admin rights,
    2. Now run application, It may ask for username and password again but don’t worry – just fill username and password or click cancel (in case of site running on localhost), and it will work like. (now it works as if it is passing username and password to browser or application)

    I just had a intuition and it worked like charm:-)

Comments are closed.