cypress-ntlm-auth
cypress-ntlm-auth copied to clipboard
bjowes
Negotiate authentication fails due to invalid credentials
Hello,
I am using cy.ntlmSso for testing web application which uses Kerberos authorization and get 401 response. From nginx server logs I can see that Negotiate token sent by plugin is much shorter than the one sent via powershell or browser.
Here are debug logs:
Do you have any ideas where the problem is?
Thanks in advance.
Hi,
Kerberos authentication has only been tested against IIS. In theory Nginx should work the same, but it hasn't been verified. If any other users have a successful setup with Nginx, please let me know.
Which version of Cypress are you using? And which version of the plugin?
Also note that the plugin only supports Kerberos with SSO, meaning that the user account that started cypress-ntlm will be used to authenticate. Is this the same account that is intended for login to the site?
On Wed, Jun 15, 2022 at 7:12 AM avivanov-dev @.***> wrote:
Hello,
I am using cy.ntlmSso for testing web application which uses Kerberos authorization and get 401 response. From nginx server logs I can see that Negotiate token sent by plugin is much shorter than the one sent via powershell or browser.
Here are debug logs: [image: Screenshot_2] https://user-images.githubusercontent.com/67158903/173741087-19c3e1aa-7846-4b5f-a10a-e3ef23f06ea1.png
Do you have any ideas where the problem is?
Thanks in advance.
— Reply to this email directly, view it on GitHub https://github.com/bjowes/cypress-ntlm-auth/issues/205, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABCHR3A2HRJRWLXXLVH7NDDVPFQ2LANCNFSM5YZ52NQA . You are receiving this because you are subscribed to this thread.Message ID: @.***>
I am using Cypress 7.4.0. The plugin version is 4.0.2.
The account that starts cypress-ntlm is the same as the one used for logging on to the website.
Hi,
Kerberos authentication has only been tested against IIS. In theory Nginx should work the same, but it hasn't been verified. If any other users have a successful setup with Nginx, please let me know.
Which version of Cypress are you using? And which version of the plugin?
Also note that the plugin only supports Kerberos with SSO, meaning that the user account that started cypress-ntlm will be used to authenticate. Is this the same account that is intended for login to the site?
Sorry for the delay, have been quite busy lately. The cypress version you are using is quite old. Please try updating it.
Also, you stare that the token is much larger when you login through the web browser. Could you use wireshark or similar to intercept the traffic and compare the decoded tokens? Hopefully that could give some clue to what might be missing.
The tokens are actually not created by the plug-in. It uses native windows methods to acquire the token, so it should be fully compliant.
tors 16 juni 2022 kl. 07:34 skrev avivanov-dev @.***>:
I am using Cypress 7.4.0. The plugin version is 4.0.2.
The account that starts cypress-ntlm is the same as the one used for logging on to the website.
Hi,
Kerberos authentication has only been tested against IIS. In theory Nginx should work the same, but it hasn't been verified. If any other users have a successful setup with Nginx, please let me know.
Which version of Cypress are you using? And which version of the plugin?
Also note that the plugin only supports Kerberos with SSO, meaning that the user account that started cypress-ntlm will be used to authenticate. Is this the same account that is intended for login to the site?
— Reply to this email directly, view it on GitHub https://github.com/bjowes/cypress-ntlm-auth/issues/205#issuecomment-1157251698, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABCHR3CXUN2RPK4FWU6X6JTVPK4GZANCNFSM5YZ52NQA . You are receiving this because you commented.Message ID: @.***>
-- /Björn W
Skickat från min iPhone
I am having the same issue where the tokens from the browser and the proxy are of very different length.
I have done some improvements to the negotiate flow. Please try out the latest release, 4.1.0