User authentication

This topic describes the user authentication methods used with DevWeb scripts.

Working with user authentication

The following types of user authentication are supported:

When a web server requests authentication, the appropriate load.setUserCredentials step should be specified in the script.

For Basic and Digest authentication, username, password, and hostname are required:

load.setUserCredentials({
	username: "<username>",
	password: "<password>",
	host: "<host>:<port> "
});

For NTLM authentication, domain is also required:

load.setUserCredentials({
	username: "<username>",
	password: "<password>",
	domain: "<domain>",
	host: "<host>:<port> "
});

Note: You can hide password values in the script using load.unmask or load.decrypt APIs. For more information, see Encode sensitive data.

Back to top

Kerberos authentication

Kerberos-based authentication is supported for replaying your scripts.

Note: When Kerberos authentication is enabled, the script tries to use it during replay. If the Kerberos authentication is unsuccessful, the replay will fail.

To enable Kerberos authentication:

  1. Create a krb5.ini Kerberos configuration file, and put it in an available folder. The krb5.ini file should contain detailed information about each domain (KDS and AS addresses) and trust chains.
  2. Save the full path name of the krb5.ini into the KRB5_CONFIG environment variable.
  3. Specify the appropriate load.setUserCredentials API parameters in the script.
  4. In the runtime settings file for the script (rts.yml), set the value for replay > enableIntegratedAuthentication to true.

    When the web server requests Kerberos authentication type, the Kerberos configuration file is used to obtain tickets and complete the flow.

Back to top

See also: