Skip to main content

Development

How to Get an HTTP Cookie for Web Service Authorization in SoapUI

A web service may need credentials to allow a client to make a request call to the report server. The authorization method depends on the security settings for your report server. SoapUI is a popular web service testing tool, and testers need to send authentication information in SoapUI to the server before testing target requests.

Authorization Types

SoapUI provides a UI function to get credentials for basic authorization, NTLM authorization, and OAuth 2.0 authorization. Testers just need to select the authorization type and type their username, password and domain, then the request can pass the authorized information to the  server. But some servers need the sessionID or cookies to validate, rather than the username. In this blog post, we will discuss how to get the HTTP cookie as a credential.

Get Credentials from HTTP Cookie

Here is a sample where the user has to login to a site and then receives the cookie in the response header. Then, when the user visits the target web service request, the request will catch the cookie to pass authorization in a report server. We can accomplish this with three steps:

1. How to identify the HTTP request for authorization from browser

Get the log-in form, submit the URL using firebug or Chrome. The HTML source code is similar to:

<form data-ajax=”false” name=”loginForm” action=”/Login/cws/processlogin.htm” method=”POST”> Get the parameters for this post operation as below.

How to Get an HTTP Cookie for Web Service Authorization in SoapUI

2. Create an HTTP request in SoapUI with parameters.

The endpoint URL should be https://localhost/Login/cws/processlogin.htm. The parameters should match the three fields we catches in step 1.

How to Get an HTTP Cookie for Web Service Authorization in SoapUI

3. Pass the cookie to the next target step.

We can see the cookie is created in the headers of the login http request.

How to Get an HTTP Cookie for Web Service Authorization in SoapUI

A groovy script can help fetch the sso cookie. The script is as follows:

def setCookie = testRunner.testCase.testSteps[“login”].testRequest.response.responseHeaders[“Set-Cookie”]

def re = /(SSOCookie=.*,)/

def matcher = ( setCookie =~ re )

def cookie = matcher[0][0]

def map=[:]

testRunner.testCase.testSteps[“ship”].testRequest.requestHeaders=map

def headers=testRunner.testCase.testSteps[“ship”].testRequest.requestHeaders

headers.put(“Cookie”, cookie)

testRunner.testCase.testSteps[“ship”].testRequest.requestHeaders=headers

Then the cookie has been added to the header of teststeps “Ship” and the communication with the response server can succeed.

 How to Get an HTTP Cookie for Web Service Authorization in SoapUI

Reference

http://www.soapui.org/

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Cathy Zhang

More from this Author

Categories
Follow Us
TwitterLinkedinFacebookYoutubeInstagram