WebGate Customization

The WebGate Customization tool helps you to customize the WebGate client components.

In this topic:

Overview
Download WebGate Customization
Run WebGate Customization
Web server configurations
Proxy configurations
Log configurations
Authentication mode configurations
Shared login configurations
Launcher configurations
Run Webgate Customization from the command line
Notes and Limitations

Overview

WebGate Customization is used when:

A web proxy is required.
A web proxy requires authentication.
A web server in front of OpenText Application Quality Management requires authentication.
External authentication is enabled.

Download WebGate Customization

You download the WebGate Customization tool from the Tools page.

To download the tool:

From the qcbin page (http://<server>:<port_number>/qcbin/), click the Tools link.
On the Tools page, click WebGate Customization.
On the WebGate Customization page, click Download Tool.

Run WebGate Customization

Run the downloaded WebGateTool.exe file to configure the WebGate Customization settings.

The settings are maintained in the HKEY_CURRENT_USER\SOFTWARE\Mercury Interactive\TestDirector\WEB_CLNT_DEBUG and HKEY_CURRENT_USER\SOFTWARE\Mercury Interactive\TestDirector\WEB registry keys.

Web server configurations

Open the Web Server Settings tab to configure the Web Server credentials, WebClient certificates, and general HTTP settings.

Option	Description
Web Server Credentials	When the web server requires user credentials, for example with SSO, enter Web Server Username, Web Server Password, and Domain. To force credentials to be entered for the web server to load, select Always ask for credentials.
Headers	For SSO users, enable Add basic authentication header and select whether to add the header when a cookie is present. For SSO users, this option must be selected to allow testing tools and Microsoft add-ins to connect. For SSO users, this option must be selected in case the SSO response does not contain an HTTP authentication error code for an unauthorized request.
WebClient Certificates	Select Use client certificate according to the desired mode to define a client certificate if the HTTP server requires it for authentication. After selecting the mode, click Select to select the certificate. Not specify mode. No specific execution mode is set, but the OTA script displays user dialogs. Interactive mode. The OTA script displays user dialogs. Non-interactive mode. The OTA script does not display user dialogs. Note: To run UFT tests in a smart card authentication environment, select Non-interactive mode and select a valid client certificate. Ensure that the Certificate Authority that issued your client certificate is added to the Trusted Root Configuration Authorities list for the current user.
General HTTP Settings	Set the following HTTP settings: Connection Timeout. Set the timeout in seconds for the HTTP connection between the ALM client or OTA script and the server. Enable HTTP Compression. The HTTP traffic from the server to the client is compressed with a standard HTTP-compliant gzip compression. Use Default User Agent. Regulate the user agent value in HTTP requests to the server. Select this checkbox to use the TeamSoft WinInet Component; otherwise,the user agent is the same as for Internet Explorer.
QCCH - SSL Type	Select the SSL type for the QCCH (QC Connectivity Helper) connection from the dropdown list.

Proxy configurations

Open the Proxy Settings tab to configure the proxy server and proxy credentials.

Option	Description
Proxy	Select the type of proxy server: Use a Proxy Server. Select this option if the client or OTA script is using a proxy to connect to the server. Enter the proxy server port in Proxy Port, and enter the proxy server I.P. or machine name in Proxy Server. Use System Proxy Server. Select this option if the system proxy setting is used for the client or OTA script connection to the server. This option and the Use a Proxy Server option are mutually exclusive. Bypass Proxy Server. Select this option to bypass the proxy settings, when the client or OTA script does not use a proxy to connect to the server.
Proxy Credentials	If the proxy server requires user credentials, enter the Proxy Username, Proxy Password, and Domain. To force credentials to be entered for the web server to load, select Always ask for credentials. Note: If you select Always ask for credentials, ALM Explorer asks for web proxy credentials even if they are specified by the tool. If a user is not working with ALM Explorer, do not select this option.

Option

Description

Proxy

Select the type of proxy server:

Use a Proxy Server. Select this option if the client or OTA script is using a proxy to connect to the server. Enter the proxy server port in Proxy Port, and enter the proxy server I.P. or machine name in Proxy Server.
Use System Proxy Server. Select this option if the system proxy setting is used for the client or OTA script connection to the server. This option and the Use a Proxy Server option are mutually exclusive.
Bypass Proxy Server. Select this option to bypass the proxy settings, when the client or OTA script does not use a proxy to connect to the server.

Proxy Credentials

If the proxy server requires user credentials, enter the Proxy Username, Proxy Password, and Domain.

To force credentials to be entered for the web server to load, select Always ask for credentials.

Note: If you select Always ask for credentials, ALM Explorer asks for web proxy credentials even if they are specified by the tool. If a user is not working with ALM Explorer, do not select this option.

Log configurations

Open the Log Settings tab configure whether to keep the log file for the desktop client.

Option	Description
Write Client Side Log File	To create a log file, select Write Client Side Log File and specify the path where the log file is created.

Authentication mode configurations

Open the Authentication Settings tab to specify the API key and API key secret for API key authentication.

Option	Description
Authentication Mode	Enter API Key and Secret for API Key authentication mode.

Shared login configurations

Open The Shared Login Settings tab to configure the browser and timeout settings for external authentication, such as SSO authentication, ALM Client Launcher authentication, and authentications via add-ins and external testing tools.

Option Description

Option	Description
Use Custom User Agent	If you want to use a custom user agent, select this option and specify the user agent string. If you use the ALM SharedLoginModule user agent in a previous version, after the upgrade, the user agent is replaced with the following: `Mozilla / 5.0(Windows NT 10.0; WOW64; Trident / 7.0; rv: 11.0) like Gecko` To use a different user agent, replace the above string with your custom user agent string.
Use embedded web browser	Use either your default browser or the embedded browser for external authentication. If it is selected, you get authenticated with the embedded browser. The embedded browser renders web content using Microsoft Edge WebView2 Runtime if WebView2 Runtime is installed or using Internet Explorer's rendering engine if WebView2 Runtime is not installed. IE Mode: This mode forces the embedded browser to use Internet Explorer’s rendering engine instead of Edge's, even when Edge WebView2 Runtime is installed. IE mode is intended for cases where compatibility with legacy systems that are dependent on IE core functionalities is required. However, this mode is not recommended and should only be used when the Edge-based rendering engine already meets the requirements. If it is not selected, you get authenticated with your operation system's default web browser, for example, Edge, Chrome, or Firefox. You can also use the DISABLE_SLM_WITH_DEFAULT_WEBBROWSER parameter to control the use of your default browser on the server side. By default, it is set to N, which means your default browser is not disabled. If you do not select the Use embedded web browser option, your default browser is used. If you select the option, the embedded browser is used. If it is set to Y, the embedded browser is used, regardless of whether you select the Use embedded web browser option. See Browser configuration matrix. Note: You use the embedded browser when the default browser cannot meet your specific authentication requirement. For example, if you require users to manually enter their credentials instead of allowing automatic login through existing SSO sessions, you should use the embedded browser for SSO authentication.
Authentication timeout	Available for authentication with your operation system's default web browser. Set the amount of time in seconds after which the authentication expires. You can set the timeout to a maximum of 120 seconds. By default, it is 60.

Use Custom User Agent

If you want to use a custom user agent, select this option and specify the user agent string.

If you use the ALM SharedLoginModule user agent in a previous version, after the upgrade, the user agent is replaced with the following:

Mozilla / 5.0(Windows NT 10.0; WOW64; Trident / 7.0; rv: 11.0) like Gecko

To use a different user agent, replace the above string with your custom user agent string.

Use embedded web browser

Use either your default browser or the embedded browser for external authentication.

If it is selected, you get authenticated with the embedded browser.

The embedded browser renders web content using Microsoft Edge WebView2 Runtime if WebView2 Runtime is installed or using Internet Explorer's rendering engine if WebView2 Runtime is not installed.
- IE Mode: This mode forces the embedded browser to use Internet Explorer’s rendering engine instead of Edge's, even when Edge WebView2 Runtime is installed. IE mode is intended for cases where compatibility with legacy systems that are dependent on IE core functionalities is required. However, this mode is not recommended and should only be used when the Edge-based rendering engine already meets the requirements.

If it is not selected, you get authenticated with your operation system's default web browser, for example, Edge, Chrome, or Firefox.

You can also use the DISABLE_SLM_WITH_DEFAULT_WEBBROWSER parameter to control the use of your default browser on the server side.

By default, it is set to N, which means your default browser is not disabled. If you do not select the Use embedded web browser option, your default browser is used. If you select the option, the embedded browser is used.
If it is set to Y, the embedded browser is used, regardless of whether you select the Use embedded web browser option.

See Browser configuration matrix.

Note: You use the embedded browser when the default browser cannot meet your specific authentication requirement. For example, if you require users to manually enter their credentials instead of allowing automatic login through existing SSO sessions, you should use the embedded browser for SSO authentication.

Authentication timeout

Available for authentication with your operation system's default web browser.

Set the amount of time in seconds after which the authentication expires.

You can set the timeout to a maximum of 120 seconds. By default, it is 60.

Browser configuration matrix

DISABLE_SLM_WITH_DEFAULT_WEBBROWSER	Use Embeded browser	Use IE Mode	Browser	Browser Engine Type
Y	Y	Y	Embedded browser	Internet Explorer
Y	Y	N	Embedded browser	Edge (WebView2 Runtime) if available, otherwise, Internet Explorer
Y	N	N	Embedded browser	Edge (WebView2 Runtime) if available, otherwise, Internet Explorer
N	Y	Y	Embedded browser	Internet Explorer
N	Y	N	Embedded browser	Edge (WebView2 Runtime) if available, otherwise, Internet Explorer
N	N	N	Default browser	Based on the operation system's configuration

Launcher configurations

Open the Launcher Settings tab for configurations related to ALM Client Launcher, including launcher log, UI font, and high-resolution displays.

Option	Description
Enable Launcher Log File	Toggles on or off log for ALM Client Launcher.
Log Path	If ALM Client Launcher log is enabled, specify where the log file is stored.
Log Level	If ALM Client Launcher log is enabled, select the type of log file you want ALM Client Launcher to create. All. Records all events. Information. Records informational messages. Warning. Records potentially harmful situations. Error. Records error events. Debug. Records events that are most useful for debugging.
Support High-DPI Mode	Select this option if you want to use ALM Client Launcher against high-resolution displays.
Enable Large UI	Whether or not to display ALM Client Launcher in bigger fonts.

Run Webgate Customization from the command line

Webgate Customization can be run from the command line.

To open the Webgate Customization dialog box from the command line, enter WebGateTool.exe.

To run Webgate Customization in silent mode, enter WebGateTool.exe /silent followed by the appropriate parameters. The following is a list of the parameters:

Parameter Name	Short Name
Silent	S
UseProxy	P
UseIEProxy	IE
BypassProxy	BP
ProxyPort	PrP
ProxyUrl	PrU
ProxyUserDomain	PrUD
ProxyUserName	PrUN
ProxyPassword	PrUP
ProxyAlwaysAskCreds	PrAC
ShouldFilterCertificates	CeF
CertSNForNotspecifyMode	CeNS
CertSNForInteractiveMode	CeI
CertSNForNoninteractiveMode	CeNI
IISUserDomain	SUD
IISUserName	SUN
IISPassword	SUP
IISAlwaysAskCreds	SAC
ConnectionTimeout	CTO
AcceptCompressedResponse	ACR
UserAgent	UA
SslType	SslT
AddBasicAuthHeader	ABAH
ForceAddBasicAuthHeader	FABAH
MakeLog	ML
LogPath	LP

Note:

Set Boolean parameters to y or n. For example, /MakeLog=y or /ML=Y.
If a parameter value contains spaces, use quotes. For example, /LogPath="d:\my docs".

Example: To set the log path and make a log checkbox in silent mode, run WebGateTool.exe /Silent /LogPath="C:\logs" /MakeLog=y or WebGateTool.exe /s /lp="C:\logs" /ml=y.

Notes and Limitations

WebGate Customization includes the following limitations:

Webgate Customization cannot be run directly from Internet Explorer. To run Webgate Customization, right-click on the link and save the file to your hard drive. Then, double-click on the downloaded file.
Proxy Username must be valued with the domain and the username, as domain\username. Domain must be blank.
WebClient Certificate cannot be disabled once it is activated.
The list of WebClient Certificates to select displays all certificates, not just the certificates from the trusted Certificate Authority (CA).
If you enable Add basic authentication header and select Add when a cookie is present, and you run from Internet Explorer, an unnecessary authorization window appears. Ignore this window.