Setting up HTTP Basic Authentication for all requests

Question

Is there a way to set up HTTP Basic Authentication for all requests in a SoapUI project?

I know it can be done for all requests within a TestSuite but I cant figure out how to do it for all requests in all TestSuites.

Is there any particular reason why you do not set up HTTP Basic Authentication via the web server configuration? — Oswald, Aug 23 '11 at 08:24
Authentication has been enabled on the server - and I cant authenticate using SoapUI as the client. However I have to set up authentication for each request/TestSuite individually each time. I would like to be able to set it up once for all requests in the project — DisscCoder, Aug 23 '11 at 09:08

score 74 · Answer 1 · edited Nov 16 '20 at 08:19

74

In SOAPUI 5.0 or higher, you can set it on the basicHttpBinding of your service from the Navigation window on the left (I think it's the interface) (it's the parent of all your methods and direct child of the project).

Right click on the interface name and choose "Show Interface Viewer". Then go to the "Service Endpoints" tab. Put your authentication info there. Now you don't have to specify authentication for every method in your service.

After entering the credentials, you need to assign to your requests. (Button "Assign" below the tabs)

edited Nov 16 '20 at 08:19

Daniel Abou Chleih

2,440
2
19
31

answered Oct 27 '14 at 22:56

goku_da_master

4,257
1
41
43

6

This is the simplest answer. Thank you! I don't know why this isn't more obvious in SoapUI... – Tim Nov 06 '14 at 17:31
2

Anyone confirm this works for a REST project/endpoint? I'm getting a `ClientProtocolException` if I put auth information here, while same auth works fine if I add it to each request message individually. – dbreaux Dec 01 '15 at 20:44
1

I'm using it with to access Redmine REST API and it's working. In navigation pane, right click on the service node (that with the URL of the service), select "Show Service Viewer". In the Service Viewer, select "Service Endpoints" tab and fill the username and password fields. I'm not sure about "mode", but I'm using COMPLEMENT. After that, for each request, select "Auth" tab and specify "Basic". Let username and password fields empty. Click "Authenticate pre-preemptively" to force the authentication header (without wait for a challenge from the server). – jramos Jan 12 '16 at 19:37
For some requests, no need to set Authorization tab, I'm not sure why. Remember my target is Redmine, I'm not sure the behavior with another services. – jramos Jan 12 '16 at 19:48
6

It doesn't actually put auth on all the requests. Even if you have preemptive auth configured in HTTP properties. You still have to go through to all your requests one by one and turn on auth in the auth tab. Pretty much pointless. – Keith Tyler Feb 01 '17 at 00:53
I feel I'm almost there but it is still not working. Do I need to put anything else besides UserName+PassWord+Domain? Thanks – Luis Gouveia Feb 22 '17 at 18:15
1

Just a minor note: for me, the context menu item is called 'Show Service Viewer' and not 'Show Interface Viewer' (v5.3.0 osx) – João Matos Mar 28 '17 at 13:20
@Keith: I didn't have to touch every request. When I added the service wsdl, I told it to generate default requests. Not sure if that's necessary though. – goku_da_master Jun 19 '17 at 18:53
1

@Luis: For the username try: domain\username. Put your password in the password field. Keep the domain field blank. – goku_da_master Jun 19 '17 at 18:54

score 9 · Answer 2 · edited Aug 12 '15 at 18:54

9

There is a few ways to do this:

Set credentials on the Endpoint level. Of course this is then used for all Test Steps where that Endpoint is used.
Set credentials on Test Case level (click on the key icon). The credentials propagate down to each Test Step.
Use Custom Project Properties to store the credentials, then use Property Expansion in the Auth tab on each Test Step to grab your Custom Properties (username/password) http://www.soapui.org/Scripting-Properties/working-with-properties.html
http://www.soapui.org/Scripting-Properties/property-expansion.html

edited Aug 12 '15 at 18:54

Tuna

2,937
4
37
61

answered Aug 29 '11 at 14:44

Magnus Blomstedt

99
1

2

How is step 1 done? How do you add the credentials directly to the endpoint? – goku_da_master Oct 24 '14 at 15:31
2

2 and 3 only work in a testsuite, not in the request objects in the service definition. And 1 does not work without still going into every method and configuring auth. Pretty much pointless to put it in the endpoint definition when you still have to activate it into every method. I don't know why it doesn't have a mechanism to always do auth if auth credentials provided, but I'm pretty convinced no one at SB actually uses their own product. – Keith Tyler Feb 01 '17 at 00:55

score 0 · Answer 3 · answered Jan 23 '18 at 13:46

In ReadyAPI (SOAP UI Pro) version 2.2.0:

In Projects Tab, in the upper part, there is a Auth Manager

In this manager, create an authentication profile in the Auth Repository tab, with proper username and password. Leave Domain blank and set Authenticate Pre-emptively

In the Auth Manager tab, select the required upper level from which you want to apply your credentials (I used the top one) and, in the authorization method column, select your profile. On the 'extension to children' request say 'yes', they all should switch to the state 'Inherit From Parent'.

When you generate the TestSuite from your project, all your requests will inherit from the parent and apply the credentials you set in the profile.

score 0 · Answer 4 · answered Dec 03 '19 at 13:58

If you use rest services in soapUI, first do the following, as goku_da_master described:

Right click on the service name and choose "Show Service Viewer". Then go to the "Service Endpoints" tab. Put your authentication info there.

Since I can't find a way to apply these settings in bulk to all the requests, the easiest workaround is to apply the settings to 1 request, save the project (as xml), and do a simple find replace in your code editor

Open a random Request 1, in the request tab click on the Auth button in the bottom left corner. At Authorization: select 'Add new authorisation...' and select Basic. Maybe you also need to enable the Allow pre-emptively setting. You can test this request now.

Now save the project and open it with your code editor, I use vsCode since it allows multi-line find-replace and has an xml format function (or plugin). So my find and replace looked like this:

                <con:credentials>
                    <con:username>***</con:username>
                    <con:password>******</con:password>
                    <con:domain xsi:nil="true"/>
                </con:credentials>
------------------------------------------------------------------------
                <con:credentials>
                    <con:username>***</con:username>
                    <con:password>******</con:password>
                    <con:domain xsi:nil="true"/>
                    <con:selectedAuthProfile>Basic</con:selectedAuthProfile>
                    <con:addedBasicAuthenticationTypes>Basic</con:addedBasicAuthenticationTypes>
                    <con:preemptive>true</con:preemptive>
                    <con:authType>Preemptive</con:authType>
                </con:credentials>

Setting up HTTP Basic Authentication for all requests

4 Answers4