Authentication in RealBrowser

NeoLoad RealBrowser supports applications using SSO/HTTP authentication, such as NTLM or Kerberos.

Browser support

  Chromium Mozilla Firefox WebKit
Basic authentication Yes Yes Yes
NTLM Yes Yes No
Kerberos Yes No No    
Client certificate Yes Yes Yes

Setup

Chromium

As a good practice for SSO, you want to have one authentication per Virtual User (VU) at runtime. This means you need to make sure that the parameter AmbientAuthenticationInPrivateModesEnabled isn't enabled. To do so, follow these steps:

  1.  Start a RealBrowser recording session.

  2. Navigate to chrome://policy/.

  3. Check whether AmbientAuthenticationInPrivateModesEnabled is present or not. If it is, set its value to 0 (zero). Otherwise you need to disable the parameter in the Registry. Learn more here.

How to use

In the OpenBrowser action, you can now add the following parameters:

Parameter Description
httpCredentials.login

Specifies the login for HTTP authentication.
httpCredentials.password

Specifies the password for HTTP authentication.
httpCredentials.origin

Specifies the origin that receives the credentials for the authentication, for example httpCredentials.origin=https://tricentis.com.

Note: From the moment you execute the OpenBrowser action until a CloseBrowser action, you can define only a single username/password pair. Consequently, it's not possible to visit applications behind different SSO providers within a single User Path, unless you restart the browser each time.

Troubleshooting

Tip: In case of any issues with SSO, first make sure you've followed the Setup steps.

I get automatically signed in to my application

You sign in without a username and password prompt, depending on the Kerberos configuration on your machine.

To fix the issue, try the following Windows configuration:

  1. Open the Internet Options.

  2. Go to the Security tab.

  3. Click the Custom level... button in Security level for this zone for these zones:

    • Internet

    • Local intranet

    • Trusted sites

  4. Scroll to User Authentication > Logon and select Prompt for user name and password.

  5. Hit OK.

Client certificate authentication

With RealBrowser user paths, you can set up authentication with a client certificate. Use the Certificate Manager in the project preferences to easily load and configure these certificates.

Configure the Certificate Manager

  1. To access the Certificate Manager, open the Preferences window for your project and navigate to Certificate Manager.

  2. Select Import certificates... to import your PKCS#12/PFX certificates. Currently, NeoLoad only supports PKCS#12/PFX certificates.

  3. You have several options for client certificates for recording:

    • Select No certificate to not use a certificate.

    • Use a specific certificate by entering the Name and Password.

    • Specify an Origin. You must specify the Origin because it sets the server domain NeoLoad authenticates to with the certificate.

  4. You have several options for client certificates for playback:

    • Select No certificate to not use a certificate.

    • Use the same certificate as for recording,,

    • Use a different certificate for each user. For multiple users, you must specify certificate variables such as ${accounts.certificate} for the file name and ${accounts.password} for the password.

Proxy server compatibility is not available when you use client certificates.