When reading through the Selenium FAQ, I noticed a piece of coolness that I didn't know existed in HTTP Authentication (Selenium FAQ - authentication).  RFC 1738 specifies the following scheme for specifying authentication information in a url //<user>:<password>@<host>:<port>/<url-path>.  I have been familiar with this for commanline based protocols (ftp/telnet and their secure equivalents) but didn't realise that it would work in a browser. In a browser you can specify http://user:password@server:80/path to do basic http authentication. While this ia a bad idea for usernames and passwords in real applications, it is a great tool for development purposes.  My firefox speeddial plugin now has development pages specified in this way.

Of course this approach is not a silver bullet, and other tools are needed. I have used this technique to access websphere portal and webapps hosted on a WebSphere Portal server, as well as applications using HTTP Authentication on Tomcat Servers. Unforutnately it doesn't work with the WebSphere administration console, but thankfully you can simulate the form based login using the following type of url: https://serverName:10039/ibm/console/secure/securelogon.do? action=secure&j_username=username&j_password=password 

The combination of //<user>:<password>@<host>:<port>/<url-path> tye urls, and faking login forms, makes it possible to access most web urls very quickly in a browser environment. 1

1 -Internet explorer doesn't support this for recent browsers (see: http://support.microsoft.com/kb/834489) ↩

This entry was posted on Monday, May 19th, 2008 at 12:09 am and is filed under Development. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.