Search code examples
javajsonapintlmqaf

QAF: '401 Unauthorized: Access is denied' when running script with NTLM request

I already implemented the NTLMAuthClient class

rest.client.impl=com.qmetry.qaf.automation.ws.client.NTLMAuthClient

into the project properties but still getting the aforementioned error.

Here is the JSON request template I am using and I am not sure whether the structure is what causes the error:

{
    "headers":
    {
        "Authorization":
        [
            {
                "username": "${ntlm.user}",
                "password": "${ntlm.password}"
            },
            {
                "domain": "${ntlm.domain}"
            }
        ],
        "Content-Type":"application/json"
    },
    
    "endPoint": "",
    "baseUrl": "${base_url}/api/data/v4/contacts(integrationkey='${clientNumber}')",
    "method": "PATCH",
    
    "body":
    {
        "userid": ""
    }
}

And here's the response from the QMetry report:

Request

Client out-bound request PATCH https://xxxx.com/CRMDEV2/api/data/v4/contacts(integrationkey='xxxx') Authorization: [{username=xxxx, password=xxxx}, {domain=xxxx}] Content-Type: application/json {"userid":""}

Reponse

Client in-bound response 401 REQ_ID: 3d391170-40d7-4ea6-80ca-2531a7fe73ff Server: WWW-Authenticate: NTLM WWW-Authenticate: Negotiate Set-Cookie: ReqClientId=21490c2c-bdfe-4c00-9330-401ca0bb5811; expires=Thu, 22-Oct-2071 11:59:11 GMT; path=/; secure; HttpOnly Content-Length: 49 Date: Fri, 22 Oct 2021 11:59:11 GMT Content-Type: text/plain HTTP Error 401 - Unauthorized: Access is denied

Appreciate the help.

QAF and Selenium version I am using:

QAF version: 2.1.14

Selenium: 3.141.59

Solution

  • Refer NTLMAuthClient java-doc. Instead of Authorization in request call header, you should try providing properties used by NTLMAuthClient.

    NTLMAuthClient class uses following properties:

    ntlm.user - The user name. This should not include the domain to authenticate with. For example: "user" is correct whereas "DOMAIN\\user" is not.
ntlm.password - The password
ntlm.workstation - workstation (default is blank) The workstation the authentication request is originating from. Essentially, the computer name for this machine.
ntlm.domain- domain The domain to authenticate within (default is blank). 
#register NTLMAuthClient
rest.client.impl=com.qmetry.qaf.automation.ws.client.NTLMAuthClient

    set above properties in your property file and then try without authorization in request call header.