Open andreastt opened 8 years ago
@andreastt Any chance we can prioritise this please?
@haroon-sheikh It is scheduled for level 2 of the specification, so we will likely discuss this at the next F2F in November. However, implementors are currently focussing on level 1 conformance.
As of now this can be solved by WinAppDriver https://github.com/Microsoft/WinAppDriver/issues/212
Guyz, I would like to understand the reason for thumbs down?
This is a discussion on how to handle HTTP basic access authentication in WebDriver, and not about how to circumvent or work around the current API’s shortcomings.
I alluded in an earlier comment that basic auth might be handled by a new permissions API in general, but this API wound up being tied closely to the Permissions API standard. They are now extending WebDriver which makes it possible to control permissions for a range of web APIs, but since basic auth isn’t part of this standard we still need to find a solution for how to handle this in WebDriver.
Wokhay! That sounds justifiable.
Guys, this is a 2 years old topic. To be honest I don't really get why is it so complicated by given the facts:
What is missing: The ability to fill or switch over to the password field.
Ok, I'm not included in any browser development project that's true, but given the above facts and that Selenium is able to handle all the other type of popups, it doesn't seems to be a big deal to get this fixed.
And I also feel a bit overcomplicated that we need to hack through proxys in order to get this properly workaround for the moment.
Authentication isn't always via a username and password. Other valid forms include OTPs, and security tokens. Any API for authentication added to webdriver should support those other mechanisms too.
I would say OTP is out of the scope of this ticket. This is usually implemented by a 3rd party service which redirects you to a webpage. In turn a webpage can be handled by selenium. Security token can not be used securely in a cloud environment like sauce, so that is kind is out of the scope as well.
NTLM and FaceID are both authentication mechanisms baked into browsers that we need to support. The idea isn't specifically about OTP, it's about the fact that browser-based authentication via modal dialogs owned by the browser aren't always just username and password. My apologies for not making that clearer.
While I applaud the effort to support all of that, I would be very much more happy to get support for http basic authentication first and those settings later, when the dust has settled for how to authenticate those and make API for them.
This appear to be a pangalactic gap in WebDriver. Every architect should now that: 1) Basic authentication is NOT supported in URL in most modern browsers. 2) WebDriver has absolutely no support for basic authentication.
As a consequence, automation of any BAISC AUTH involving scenario is NOT SUPPORTED IN WEBDRIVER at all.
Possible workarounds include:
This is still utterly lame. This problem persists for two+ years. Basic auth should be basic!
@andreastt Do you know where does the priority sit now? When are we planning to make a start on Level 2 conformance?
I believe most vendors are hesitant to start new feature work before they are in complete conformance with the existing specification.
Well, let me tell you, the vendor that first gets any form of basic http authentication is going to see a massive spike in usage, as this is pretty much the most annoying missing feature of any implementation. And all of them require different, hard to implement and not generic workarounds. :-(
Can we have any permanent solution for this? No reliable and good workaround solution as well. authenticateUsing feature should be available in latest release.
Resolution from TPAC (minutes):
Add new capability for default authentication credentials. Add handling of authentication dialogues wherever it is that we have unhandled prompt prose. Add endpoint to allow deliberate authentication, and this is probably going to be in section 18.
It's been a while since TPAC and I wonder if we can make a bit of progress on this issue given that it blocks a couple of people correctly implementing their tests.
Sadly the minutes don't mention someone who should take action on it, but in the final lines Simon asked Brian, if that is a sensible approach and he agreed. So @burg I would like to kindly ask if you would have the time to write down the spec changes?
I do not have the bandwidth to develop this endpoint at this time.
On Feb 18, 2019, at 7:37 AM, Henrik Skupin notifications@github.com wrote:
It's been a while since TPAC and I wonder if we can make a bit of progress on this issue given that it blocks a couple of people correctly implementing their tests.
Sadly the minutes don't mention someone who should take action on it, but in the final lines Simon asked Brian, if that is a sensible approach and he agreed. So @burg https://github.com/burg I would like to kindly ask if you would have the time to write down the spec changes?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/w3c/webdriver/issues/385#issuecomment-464778772, or mute the thread https://github.com/notifications/unsubscribe-auth/AAEUGCsnQc0qPMqTGjaPY7oNfRFcyO08ks5vOsjHgaJpZM4KNosO.
I'm also running into this issue trying to implement some enterprise level tests that run in Jenkins. I had to switch from geckodriver to chromedriver and now authentication is not working. The pre-authentication workaround is also not working for me. Any chance of progress on this issue? I'm at a standstill.
I am having the same problem. I am able to do the URL approach to bypass basic auth on chrome but when it comes to Safari OS X I haven't been able to find any solution yet.
Is there a workaround for this on Chrome?
any change in this matter?
Since Chrome does not support in-URL auth (https://medium.com/@lmakarov/say-goodbye-to-urls-with-embedded-credentials-b051f6c7b6a3) since v59, are there plans of increasing the priority of this?
@AutomatedTester who basically could take this up nowadays?
What is the priority for this?
At the moment this is not a priority for me. If someone wants to write the prose I will gladly edit it and get it merged.
Hi David,
At the moment this is not a priority for me. If someone wants to write the prose I will gladly edit it and get it merged.
Since I am not too familiar with the project - what would be required to get this to go forward? I am sure there are enough people on this bug report to collaborate on a pull request to move this forward.
Beste Regards, Martin Häcker
You will need to update the details in https://github.com/w3c/webdriver/blob/master/index.html#L1479-L1641 on how to set the authentication. It will need to know how to handle the data coming in from a Selenium binding.
On Thu, Mar 12, 2020 at 8:37 PM notifications@github.com wrote:
Hi David,
At the moment this is not a priority for me. If someone wants to write the prose I will gladly edit it and get it merged.
Since I am not too familiar with the project - what would be required to get this to go forward? I am sure there are enough people on this bug report to collaborate on a pull request to move this forward.
Beste Regards, Martin Häcker
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/w3c/webdriver/issues/385#issuecomment-598407238, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAA7MBU6EJK7S3XUK4FXWNTRHFBYLANCNFSM4CRWRMHA .
@AutomatedTester would something like what selenium-wire incorporated to handle requests and use proxies that require basic authentication be what could inspire the handling of basic authentication here?
We are not documenting what Selenium does here, we need to document what the browser needs to do in the case that it requires basic authentication. As mentioned in a previous comment you will need to add in prose there that describes what needs to happen
On Tue, Mar 17, 2020 at 2:04 PM walter-hernandez notifications@github.com wrote:
@AutomatedTester https://github.com/AutomatedTester would something like what selenium-wire https://github.com/wkeeling/selenium-wire incorporated to handle requests and use proxies that require basic authentication be what could inspire the handling of basic authentication here?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/w3c/webdriver/issues/385#issuecomment-600089473, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAA7MBRTGA5YGZCLVJIXRDLRH57O7ANCNFSM4CRWRMHA .
Any priority for this?
It seems that the current workaround is to use use selenium support for the BIDI API to solve this problem. AFAIK it currently only works with Chrome/Chromium.
I don't see any movement happening on this until we from the community create pull requests for the relevant specification in the webdriver spec, as the current maintainers seem to have moved on?
Any workarounds in headless Python Chrome Selenium without spinning up XVFB display for extension cycling (unreliable on Lambda) and without using SeleniumWire (blocked due to TLS fingerprint)?
https://www.w3.org/Bugs/Public/show_bug.cgi?id=28802
csnover: