I am looking for a good way to use Selenium with Digest Authentication (for a flex UI though I don't think that makes a difference if I can't do authentication). I'd like to avoid platform-dependencies such as using AutoIT to drive browser pop-ups (since cross-platform testing is a motivator for going to Selenium), though if there's a good cross-platform library for doing such things that would work fine.
I'm thinking maybe there is a way to use a separate http client to create a session and then pass the session credentials off to the browser, but I'm not sure how to inject the session ID into the browser requests. That's just an idea I had, not sure how feasible it is.
You could try using an HTTP proxy, such as AuthProxy by #CarlYoungblood.
It's an HTTP proxy server written in Ruby which was developed specifically for testing a server that required basic authentication with Selenium, but it should also work on a server with digest authentication.
Simply explained, you cannot automate a Flex UI from Selenium, as it doesn't handle Flash for testing (you can embed the flash plugin in your browser, but Selenium won't be able to test against flash component...)
Even if you can authenticate, you won't be able to test anything, so, you should try something else, like Sikuli
Related
I am using rest-assured dependency in my project for testing API's with selenium.
Can anyone guide me why basically we use rest-assured dependency in API testing ? (Tried finding the answer from my seniors who developed our project framework and online, i couldnt get any answer why are we using this, it would help me if anyone guides me with the reason ?)
And what are the other ways to do API automation using selenium ?
why should we use them ? (in comparison with rest-assured ?)
Thank you.
Selenium is not typically used for REST API testing. Selenium is a tool that can control web browser. Despite a web browser is a sort of HTTP client, it is very specific client that is intended for browsing web and maintain high level of user security. The above puts certain degree of restriction of what you can and cannot do with the browser. For example:
You can only fire GET request from the address bar
You can do POST request using HTML form but you have to have an HTML page with the form and fixed set of parameters
You can overcome the above if have the page with any javascript client so that you can configure different requests configurations
Points 2 and 3 basically mean you have another level of communication in your framework and that level has to be properly maintained. That's because Web Browser is not naturally intended for interacting with API. But only with very narrow part of what HTTP can offer (again we can overcome that restriction by javascript code executed within the browser but that would be another level of complexity).
RestAssured is pure HTTP client with some handy and neat functionality allowing to easily manipulate with requests and responses. So it allows to fire any type of requests supported by HTTP protocol, parse responses responses and verify them (often all in a single statement).
The latter is naturally designed for interacting with REST API, does not introduce extra levels to your tests, does not have limitation like the browsers have.
Recap
The below schema demonstrates the difference of having your API tests implemented in both approaches:
Selenium case:
Selenium binding lib -> Web Driver -> Browser -> API GET (rarely others - need to maintain special file for that)
Rest-Assured case:
Rest-Assured lib -> API ANY SORT OF REQUESTS
P.S. - In the same way as RestAssured handles API case much effectively than Selenium, Selenium handles Web Testing in much more effective way than RestAssured since the latter cannot neither control browsers nor even execute JAvaScript code. That is why we have two such a powerful and great tools each of which perfectly serves the needs it naturally designed for.
Just because Rest-Assured (RA) is a code-based tool to test API. It supports:
make HTTP(s) request
extract value from response
assert response
Selenium is tool to control web browser, it CANNOT do API testing.
I don't know why you compare Selenium to Rest-Assured. They are 2 different tools that serves 2 different purposes.
I am researching the differences between Selenium and JMeter and I stumbled across the following statement about Selenium:
Even though WebSocket might be encapsulated into a web session and
affect the browser, the user/Selenium will not realise it. So, we will
use JMeter for testing WebSockets.
which confuses me because even though Selenium can't detect that specific scenario, Selenium still uses a programming language like JAVA, hence you can still use Java to accomplish the same thing JMeter does in this case. Or am I missing something here?
I don't know what you're reading however I would recommend stopping referring this source as they don't really realize what they're talking about.
According to The WebSocket API documentation:
The WebSocket API is an advanced technology that makes it possible to open a two-way interactive communication session between the user's browser and a server. With this API, you can send messages to a server and receive event-driven responses without having to poll the server for a reply.
Selenium is browser automation framework therefore you get this WebSocket API support "for free". If you need to perform some custom use cases you can use JavascriptExecutor to call WebSocket object functions.
When it comes to JMeter:
JMeter is not a browser, it works at protocol level. As far as web-services and remote services are concerned, JMeter looks like a browser (or rather, multiple browsers); however JMeter does not perform all the actions supported by browsers. In particular, JMeter does not execute the Javascript found in HTML pages. Nor does it render the HTML pages as a browser does (it's possible to view the response as HTML etc., but the timings are not included in any samples, and only one sample in one thread is ever displayed at a time).
Therefore JMeter will not trigger any WebSocket-related events unless you use a plugin and manually open connection, send message, read response, etc.
I'm trying to use robot framework as a ui test tooling for a website we use internal.
To test different user roles I open the browser with basic authentication (http://user:ww#url). Unfortunately this methode is removed from chrome and chromedriver (http://www.chromestatus.com/feature/5669008342777856) (for the test I use PhantomJS).
because of this issue subresource requests are blocked. See image attached.
Because of this issue also js files are blocked and therefore my UI tests don't work properly.
Does anybody have an idee on how to solve this or another way of testing?
This issue is being encountered by all browser automation frameworks. This SO answer describes an approach to take a two step approach:
Go to the url with http://user:pass#hostname.ext
Go to the url with http://hostname.ext
The username and password are cached and subsequent visits will reuse it.
Hi I am using Selenium WebDriver with Java. So I have a website A from which after I fill form I go to website B but before it asks a Basic Authentication Username and Password.
I read in SO that, Basic Authentication Support Is not provided in Selenium.
I read somewhere I can use ROBOT Class(not sure what do u mean by that in Java) but it is risky to use.
I am not sure how to handle this event as after I reach to B I have to do some more validations before Passing the test case.
I hope someone can help.
Thanks.
I think you should be able to overcome it by using the following URL
http://username:password#www.example.com/
Don't forget to give a / at the end. I think you can refer this
Is there a way to test logging into a site with open id using Selenium?
In Selenium all the tests live in the server, so once filled the open id URL in the appropriate field in the web page I am taken to the 3rd party web page for entering the credentials and my test can't run anymore.
Is there a way around this?
Yes - use Selenium RC. It gets around the cross-domain problem of basic Selenium Core and allows you to script against multiple sites.
I guess, technically speaking, you could include a really dumb OpenID server on your testing domain, but Patrick's suggestion of a testing framework that supports cross-domain operations sounds like a much better idea.
Although, I guess that depends on what you're trying to test. It could be that using a third party OpenID server is bad for your tests, because a change to the UI of that server could cause your tests to break. Or maybe you want to make sure that your code is interoperating correctly with that server, in which case using the 3rd party is exactly what you want to test.