When you access the server manually you get one of the pop-up dialogs, depending on which browser you are using.

HTTP Authentication pop-up in Chrome

HTTP Authentication pop-up in Safari

HTTP Authentication pop-up in Opera

HTTP Authentication pop-up in Internet Explorer

HTTP Authentication pop-up in Firefox

If you fail to get the username and password correct after a number of retries (usually three), you will get a 401 Unauthorised HTTP result code from the server.

HTTP result code 401 - Unauthorized

So how do we get round this in Selenium? As we have mentioned in our articles, Selenium does not start processing until the onLoad() event has fired. Since no content has yet been delivered by the web server to the browser, this hasn’t yet happened, so we’re stuck.

Fortunately, there is a workaround. In RFC 1738, which covers URLs (Uniform Resource Locators), we are able to use a username and password in the URL. The following quote from the RFC explains how a URL is constructed:

; URL schemeparts for ip based protocols:

ip-schemepart  = "//" login [ "/" urlpath ]

login          = [ user [ ":" password ] "@" ] hostport
hostport       = host [ ":" port ]
host           = hostname | hostnumber
hostname       = *[ domainlabel "." ] toplabel
domainlabel    = alphadigit | alphadigit *[ alphadigit | "-" ] alphadigit
toplabel       = alpha | alpha *[ alphadigit | "-" ] alphadigit
alphadigit     = alpha | digit
hostnumber     = digits "." digits "." digits "." digits
port           = digits
user           = *[ uchar | ";" | "?" | "&" | "=" ]
password       = *[ uchar | ";" | "?" | "&" | "=" ]
urlpath        = *xchar    ; depends on protocol see section 3.1

; HTTP

httpurl        = "http://" hostport [ "/" hpath [ "?" search ]]
hpath          = hsegment *[ "/" hsegment ]
hsegment       = *[ uchar | ";" | ":" | "@" | "&" | "=" ]
search         = *[ uchar | ";" | ":" | "@" | "&" | "=" ]

Or as a simplified version, your URL needs to look like:

http://username:password@www.mydomain.com/secretarea/

Note that this won’t work on Internet Explorer, since Microsoft has disabled usernames/passwords in URLs as a security measure. If you want to get round this on an installation you have access to, you can add that functionality back in by modifying your registry, as described in the Microsoft Knowledge Base article http://support.microsoft.com/kb/834489.

How to disable the new default behavior for handling user information in HTTP or HTTPS URLs

// To disable the new default behavior in Windows Explorer and Internet Explorer, create iexplore.exe and explorer.exe DWORD values in one of the following registry keys and set their value data to 0.

• For all users of the program, set the value in the following registry key:
  HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE
• For the current user of the program only, set the value in the following registry key:
  HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE

If you use Selenium RC (Remote Control), this is done automatically, as of version 0.9.2. As Cloud Testing is built upon Selenium RC, this is taken care of for you already.

For full details of the services and features available from Cloud testing see www.cloudtesting.com