Karate tooling : How to make rest api kerberised calls/SPNEGO authentication? [duplicate]

Question

We have a basic use case to connect to webserver and get an ack back but having issues in Authentication. Scenario : Feature sample

Given url <>

And header Content-Type= 'application/json;'

And header AuthScheme='KEBEROS' #hasnt helped though

When request <>

And method POST

Then status 200

Error in logs: 'You were not able to be authenticated using SPNEGO'

I have tried few options to add VM arguments for KRB5 but didnt seem to help.

Let me know if any else faced this and how you handled this in config. We are checking the option to have a custom class for http but wanted to check if any property can be defined correctly above or in config.

Answer 1

As long as you can figure out the right cookies and headers, you should be able to get it to work.

Also refer this answer: https://stackoverflow.com/a/51150286/143475 - yes, it is possible you need to depend on some .NET code to get you the token, but there are various ways to do this.

Note that for the sake of testing, you could consider standing up a service only for testing in your intranet - that will give you the right "magic" header that is needed.

And note that Karate can do browser-automation, so if it means you need to perform a sign-in using a browser and get the cookies, consider that: https://github.com/intuit/karate/tree/master/karate-core