• Post Reply Bookmark Topic Watch Topic
  • New Topic

How to automate SSO authentication  RSS feed

 
Jean Robillard
Greenhorn
Posts: 17
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am wondering how one might automate logging into some system protected by SSO (single sing-on). I say SSO because in SSO, when you enter a URL of the page you want to log into, often you are re-directed to a totally different URL which is the SSO login page (whose URL often contains a long, dynamic string such as session ID). After the successful authentication, you are back to the original URL.

I haven't used QTP in years so I am not sure if it can automate this sort of authentication, but I know that QTP could automate non-SSO type of authentication by recording & reply.

I don't really want to have to use a pricey tool like QTP even if SSO authentication automation is possible with it. Is there a way to do this via Java, Groovy, expect, or any other language or free tool ?

Thanks.

 
Ulf Dittmer
Rancher
Posts: 42972
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm unfamiliar with QTP, and not sure what else you need to automate, but the premier library to automate web access in Java is HtmlUnit. It supports redirection, cookies and URL parameters.
 
Winston Gutkowski
Bartender
Posts: 10575
66
Eclipse IDE Hibernate Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Jean Robillard wrote:I am wondering how one might automate logging into some system protected by SSO (single sing-on).

I hate to sound old-hat, but what form of "single sign-on"? I remember, back in the day, when Kerberos was touted as a "single sign-on" solution (and it's free), but certificates (and possibly even newer stuff) seem to have taken over, especially in the browser arena.

So, is this "SSO" proprietary? If so, I fear you may need to fork out some cash. If not, and this SSO site really does support any form you like, then there are a myriad ways of doing it.

Winston
 
Rob Spoor
Sheriff
Posts: 21135
87
Chrome Eclipse IDE Java Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The redirecting sounds more like SAML to me.
 
Paul Clapham
Sheriff
Posts: 22844
43
Eclipse IDE Firefox Browser MySQL Database
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Jean Robillard wrote:I say SSO because in SSO, when you enter a URL of the page you want to log into, often you are re-directed to a totally different URL which is the SSO login page (whose URL often contains a long, dynamic string such as session ID). After the successful authentication, you are back to the original URL.


But this is a description of numerous login systems which wouldn't be described as SSO. When you say SSO you're specifically referring to a system where you can login to several different systems using a single set of credentials, and logging into such a system may or may not preserve the useful bits of the original URL.

So discussing this under the heading of SSO is probably a distraction from the actual requirements. It looks like Ulf's response is the best starting point for further discussion.
 
Joe Areeda
Ranch Hand
Posts: 334
2
Java Netbeans IDE Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Rob Spoor wrote:The redirecting sounds more like SAML to me.

I agree.

We use Shibboleth based on SAML for Single Sign On. There is also a kerberos/LDAP back end that drives the whole thing.

If the OP's set up is like that there is ECP (see https://wiki.shibboleth.net/confluence/display/SHIB2/ECP) which is a bit complicated but the Shib site has some working examples.

If kerberos is involved you can get a keytab (and be responsible for its security) that allows password free log in. Although we are having an issue with this because LDAP doesn't have any attributes to pass for these tickets.

We do need more info on what SSO system you are using.

Joe
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!