AnsweredAssumed Answered

authentication a .NET application

Question asked by Ali Khalfan on Sep 11, 2013
Latest reply on Sep 11, 2013 by jkent

I'm trying to perform a scan on  a .NET application which requires form authetncation.  I write the selenium script shown below:

 

 

 

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head profile="http://selenium-ide.openqa.org/profiles/test-case">

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<link rel="selenium.base" href="http://www.example.com/Account/Accounts/Login.aspx" />

<title>login</title>

</head>

<body>

<table cellpadding="1" cellspacing="1" border="1">

<thead>

<tr><td rowspan="1" colspan="3">login</td></tr>

</thead><tbody>

<tr>

    <td>open</td>

    <td>http://www.example.com/Account/Accounts/Login.aspx</td>

    <td></td>

</tr>

<tr>

    <td>refreshAndWait</td>

    <td></td>

    <td></td>

</tr>

<tr>

    <td>waitForPageToLoad</td>

    <td></td>

    <td></td>

</tr>

<tr>

    <td>waitForElementPresent</td>

    <td>id=ctl00_ContentPlaceHolder1_btLogin_input</td>

    <td></td>

</tr>

<tr>

    <td>type</td>

    <td>id=ctl00_ContentPlaceHolder1_txtUsername</td>

    <td>admin</td>

</tr>

<tr>

    <td>type</td>

    <td>id=ctl00_ContentPlaceHolder1_txtPassword</td>

    <td>admin</td>

</tr>

<tr>

    <td>click</td>

    <td>id=ctl00_ContentPlaceHolder1_btLogin_input</td>

    <td>Login</td>

</tr>

 

</tbody></table>

</body>

</html>

 

WHen I try performing a discovery scan, authentication fails.  It does not redirect to the expected page.  I run this on the firefox selenium IDE plugin, and I notice that the POST payload omits some necessary information from the hidden fields (which are set afer submit is clicked). 

 

 

How else can I troubleshoot this issue, all what the Selenium disgnositics informs me of is that the expected regular expression is not read.

Outcomes