Username and Password not being entered for Authentication popup using ntlm plugin

[delwinh13]

I have installed and configured the cypress-ntlm-auth plugin in order to enter the Username and Password for a Sign In popup on a test site. I was initially getting the 401 Unauthorised Error but no longer get this Error and the Sign In popup is is visible when running npx cypress-ntlm open and then running test in Cypress UI.

[bjowes]

Hi @delwinh13 This is odd. Which version of Cypress (and Chrome) are you using? Cypress has always configured Chrome to not perform any authorization, since this breaks automated testing. But maybe this has changed.

[delwinh13]

Hi @bjowes Thank you for your reply. Cypress package version: 9.1.0 Cypress binary version: 9.1.0 Electron version: 15.2.0 Bundled Node version: 16.5.0

Chrome is up to date Version 96.0.4664.45 (Official Build) (64-bit)

VS Code Version: 1.62.3 (user setup) Commit: ccbaa2d27e38e5afa3e5c21c1c7bef4657064247 Date: 2021-11-17T08:11:14.551Z Electron: 13.5.2 Chrome: 91.0.4472.164 Node.js: 14.16.0 V8: 9.1.269.39-electron.0 OS: Windows_NT x64 10.0.19041

[delwinh13]

The test site is a client hosted site and we provide the application within the iframe of the web page and the 'client' introduced the Authentication popup which I am now trying to enter the provide username and password credentials before the test site will load?

[bjowes]

I see in your test code that you are only registering a single domain for NTLM. Could it be that the page you are accessing are loading resources from another domain? It is not uncommon that a Web API is hosted on another domain. Check the Network tab of the developer tools to see if more domains may need to be added for NTLM. Still, Cypress should block this behaviour and only return the 401, but maybe your usage of iframe circumvents this.

[delwinh13]

Hi @bjowes I have opened the Network Tab when opening the Test Site and entering the Username and Password manually and see the attached?

Would the below be correct for the cy.ntlm then?

[delwinh13]

Also when trying to run npx cypress-ntlm open in VS Code I receive: 1129/154015.320:ERROR:registration_protocol_win.cc(102)] CreateFile: The system cannot find the file specified. (0x2) [1129/154214.992:ERROR:registration_protocol_win.cc(102)] CreateFile: The system cannot find the file specified. (0x2) [23472:1129/154215.072:ERROR:gpu_init.cc(453)] Passthrough is not supported, GL is disabled, ANGLE is

And the Cypress UI does not open, is this a known issue?

[delwinh13]

@bjowes Could gong-eb.qubit.com be the domain I would need to enter? cy.ntlm(["premierbet-cm.btobet.net"], Cypress.env("username"), Cypress.env("password"), "gong-eb.qubit.com");

[delwinh13]

Does not want to find the password?

[bjowes]

Yes, at least gong-eb.qubit.com needs to be added, other requests requiring authentication may come after it. It seems you are confusing hostname and domain, which is understandable since those terms are often synonyms. In the cy.ntlm command however, domain refers to the windows domain of the user. This is not required, it will default to the windwos domain of the target server which usually works unless you have multiple domains.

Additional hostnames should be added to the first argument, like so: cy.nltm(['host1.com', 'host2.com'], user, pass)

[delwinh13]

@bjowes Thank you for your assistance so far. I have added gong-eb.qubit.com to the first argument without any success? Would I still need to keep "{ failOnStatusCode: false }"?

cy.ntlm(['premierbet-cm.btobet.net','gong-eb.qubit.com'], "test44", "test444");
    cy.visit('/', { failOnStatusCode: false })

[bjowes]

Running from VS Code: I am not aware of any issues using cypress from VS Code, but I haven't tried it myself. You can check the issues at github for cypress.

Password not showing: This is by design, the plugin does not log the password. This does not mean that no password is set.

failOnStatusCode: false should only be used for negative testing, if you expect the site navigation to fail. This setting does not affect the authentication performed by the plugin, and unless you are doing negative testing you should not set that option.

Can you confirm that your site uses windows authentication? The hostnames makes me think this may not be the case - most internet facing sites do not use windows authentication. One way to make sure is to use the network tab and inspect the headers of the response during the login. Just click cancel in the login dialog and inspect the headers of the 401 response. The header "www-authenticate" will tell you which protocols are supported. For this plugin to work, it should be NTLM (or Negotiate, but that may not work if the server is configured to only allow Kerberos).

You can also enable debug logging to see if the plugin attempts to authenticate.

[bjowes]

Closing due to lack of response.