Cypress is unable to handle Authentication Scheme - Challenge = "Negotiate, NTLM"

[UTO-sst]

The application I am trying to login using Cypress has both login options - Negotiate and NTLM i.e. Challenge = "Negotiate, NTLM" and cypress for some reason is unable to handle this and throws net-error = 339 [ERR_Unsupported Auth Scheme] instead of providing me a login popup. When I launch the application manually via any browser then it works just fine so I compared the Netlogs in both cases [browser launched by cypress and browser launched by me manually] using chrome's netlogviewer and found the issue with HTTP_AUTH_CONTROLLER. I asked my application developer to change the method to NTLM temporarily and it worked fine with Challenge = "NTLM". However due to business requirements the application requires to have Challenge = "Negotiate, NTLM" and he asked me to report this issue to Automation Tool vendor and get it sorted by them. This is netlog i obtained from chrome in both the cases.

[bjowes]

Hi @UTO-sst, Are you using this plugin (cypress-ntlm-auth) or just plain Cypress? Cypress does not support Windows Authentication. No login popup will be shown since that would not be feasible in an automated scenario. It may be the case that Cypress rejects this combination of challenge protocols, I have not tested that. You can report that issue to them directly, but I don't expect them to prioritise it. However, this plugin was written to add Windows Authentication support on top of Cypress, and it does indeed support the scenario you are describing. If you aren't using it already, please give it a try and see if it helps.

[UTO-sst]

@bjowes I have tried with both cypress-ntlm-auth as well as just plain Cypress but result is same in both cases. I definately want to report the bug to them but how do I do it can you provide me there link where I can log this issue ? Thanks

[bjowes]

If you get the same error while using the plugin, there is likely something missing in your setup of the plugin. The header that makes cypress bounce should not reach cypress when using the plugin. Could you provide more details about your setup and config of the plugin?

To report the issue to Cypress, use their own github page: GitHub - cypress-io/cypress: Fast, easy and reliable testing for anything that runs in a browser. https://github.com/cypress-io/cypress

On Wed, Sep 27, 2023 at 3:15 PM UTO-sst @.***> wrote:

@bjowes https://github.com/bjowes I have tried with both cypress-ntlm-auth as well as just plain Cypress but result is same in both cases. I definately want to report the bug to them but how do I do it can you provide me there link where I can log this issue ? Thanks

— Reply to this email directly, view it on GitHub https://github.com/bjowes/cypress-ntlm-auth/issues/242#issuecomment-1737378264, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABCHR3HS6UFGQPSDXRDB4H3X4QRG5ANCNFSM6AAAAAA5HFGFCY . You are receiving this because you were mentioned.Message ID: @.***>

[UTO-sst]

@bjowes I had referred - https://www.npmjs.com/package/cypress-ntlm-auth

I used import "cypress-ntlm-auth/dist/commands"; to import the plugin into my project after I had installed it using npm install --save-dev cypress-ntlm-auth. After that I use cy.ntlm(["app-tst.abcd.com"], "UTO@abcd.com", "Asdf#11:11"); in my test script My username is : UTO@abcd.com My Password is : Asdf#11:11 Then I launch the tool by using npx cypress-ntlm open Cypress gets launched in headed mode and I run the script but instead of logging me in, the browser shows me the login pop up for entering username/pass [just as it would do so if I launch the url manually] Where exactly am I going wrong or am I missing something ?

[bjowes]

It is not uncommon that multiple servers are involved in serving the web page. Please check with dev tools in the browser where the 401 response comes from. If it is another server than app-tst… then add it to the cy.ntlm call

/Björn W

Skickat från min iPhone

tors 28 sep. 2023 kl. 17:10 skrev UTO-sst @.***>:

@bjowes https://github.com/bjowes I had referred - https://www.npmjs.com/package/cypress-ntlm-auth

I used import "cypress-ntlm-auth/dist/commands"; to import the plugin into my project after I had installed it using npm install --save-dev cypress-ntlm-auth. After that I use cy.ntlm(["app-tst.abcd.com"], @.", "Asdf#11:11"); in my test script My username is : @. My Password is : Asdf#11:11 Then I launch the tool by using npx cypress-ntlm open Cypress gets launched in headed mode and I run the script but instead of logging me in, the browser shows me the login pop up for entering username/pass [just as it would do so if I launch the url manually] Where exactly am I going wrong or am I missing something ?

— Reply to this email directly, view it on GitHub https://github.com/bjowes/cypress-ntlm-auth/issues/242#issuecomment-1739488478, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABCHR3BXGWT6IA2DCSZMHCTX4WHPJANCNFSM6AAAAAA5HFGFCY . You are receiving this because you were mentioned.Message ID: @.***>

[UTO-sst]

@bjowes On inspecting over browser's dev tool I see that when I make a hit to app-tst.abcd.com then it internally redirs and calls https://app-tst.abcd.com/Users/IntegratedAuthentication.aspx and provides the NTLM login pop up for entering US/Pass.

I also tried with cy.visit (https://UTO%40abcd.com:Asdf%2311%3A11@app-tst.stoltdev.com/Users/IntegratedAuthentication.aspx But it doesnt work either instead of logging me in it throws the login pop up at me. But same works fine manually.

To use ntlm plugin do I require to do any more configs then the ones I mentioned above ?

[bjowes]

Clarification: When you mention NTLM login popup - do you mean the login popup built into the browser (such as in this image), or is it a custom login form (more like a regular web page form)? From the URL that ends with IntegratedAuthentication, I get the impression that it might be a custom login form. If so, the actual authentication is performed by the app, not by the browser. In that scenarion the plugin won't help. However, you should be able to use cypress to fill the fields in the custom login form and login that way.

[bjowes]

Any update on this?