New issue
Advanced search Search tips

Issue 807028 link

Starred by 1 user
Status: Available
Owner: ----
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 3
Type: Bug



Sign in to add a comment

Headless: Request Ability to provide credentials for Integrated Authentication

Reported by samir.ma...@powwowmobile.com, Jan 29 2018 
UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.119 Safari/537.36

Steps to reproduce the problem:
This is a feature request for Chrome in Headless mode.  When testing against a site that uses NTML or Kerberos authentication, I'd like to impersonate a user other than the user logged into the Windows desktop.

For Basic Auth, I can use "Network.setExtraHTTPHeaders" to set the username/password.  However, there is no good solution for NTML/Kerberos.

See: https://bugs.chromium.org/p/chromium/issues/detail?id=741872#c31

What is the expected behavior?

What went wrong?
Unable to impersonate users when using Headless Chrome to test a website that uses NTML authentication.

Did this work before? No 

Does this work in other browsers? Yes

Chrome version: 60.0.3112.50 (Windows, Beta)  Channel: stable
OS Version: 
Flash Version:

Comment 1 by irisu@chromium.org, Jan 30 2018

Components: Internals>Headless
Labels: -Pri-2 Pri-3
Status: Available (was: Unconfirmed)

Comment 2 by samir.ma...@powwowmobile.com, Feb 22 2018 

Actually, we found a work around using "Network.setRequestInterception".

// 1) Call request interception:

Network.setRequestInterception({ patterns: [] })

// 2) Handle the requestIntercepted event: 

let authChallengeSubmitted = {};
let username = "test";
let password = "hunter2";

Network.requestIntercepted(function (params) {
    if (params.authChallenge) {
        // There was an auth challenge!
        if (authChallengeSubmitted[params.interceptionId]) {
            // We already tried and failed
            delete authChallengeSubmitted[params.interceptionId];
            // Cancel the authChallenge.
            Network.continueInterceptedRequest({
                'interceptionId': params.interceptionId,
                'authChallengeResponse': {
                    'response': 'CancelAuth'
                }
            });
        } else {
            // Save that we tried because if it fails, we will just get the authChallenge again.
            authChallengeSubmitted[params.interceptionId] = true;
            // Provide the username and password.
            Network.continueInterceptedRequest({
                'interceptionId': params.interceptionId,
                'authChallengeResponse': {
                    'response': 'ProvideCredentials',
                    'username': username,
                    'password': password
                }
            });
        }
    } else {
        // No auth challenge - continue with the request.
        Network.continueInterceptedRequest({ 'interceptionId': params.interceptionId });
    }
});

Sign in to add a comment