User Authentication

The following types of user authentication are supported:

When a web server requests Basic authentication, VuGen automatically inserts a web_set_user function with the recorded arguments into the script.

However, when the web server demands the more secure NTLM or Digest authentication, VuGen is unable to insert the required information. If it could, these methods would not be secure. In these two cases, you must manually insert web_set_user into the script, including user and password information, to authenticate the Vuser to the web server.

With NTLM authentication, you must prepend the domain name and a double backslash to the user name: "[domain_name]\\[username]". For example:

web_set_user("spark\\peter", "XYZ", "spark:80");

Kerberos authentication

You can enable Kerberos-based authentication to be used during replay for web protocol scripts.

Note: If Kerberos authentication is unsuccessful, the replay will fail.

To enable Kerberos authentication:

  1. Create a krb5.ini Kerberos configuration file, and put it in an available folder. The krb5.ini file should contain detailed information about each domain (KDS and AS addresses) and trust chains.

  2. Save the full path name of the krb5.ini into the KRB5_CONFIG environment variable.

  3. Specify the appropriate web_set_user API parameters in the script.

  4. In Runtime Settings for the script, open Internet Protocol > Preferences > Authentication. Enable the Enable integrated authentication option.

  5. When the web server requests Kerberos authentication type, the web protocol uses the Kerberos configuration file to obtain tickets and complete the flow.