grails embedded server functional testing needs to have valid ssl cert - grails

I have been scouring the web for how to solve my problem with grails functional testing using embedded server + ssl, and would very much appreciate any help with the problem I'm having.
We have had good success so far testing our Grails webapp with Firefox using Selenium WebDriver 2. We run functional tests automatically from our Jenkins server (and sometime our local machines) using the functional-test plugin to start and stop our app, and the webdriver plugin in conjunction.
This line:
profile.acceptUntrustedCertificates = true
that is used for the profile of the new Firefox instance has been effective for us in making everything SSL totally valid as far as the browser is concerned during our tests with Firefox.
So, although that setup is working great with Firefox, we still need to run a parallel set of tests for IE 8, but I simply cannot figure out a way for webdriver to deal with the SSL warnings/obstacles of IE 8.
Because we are purely Mac (dev)/Linux (jenkins, etc) here, we run IE 8 in a Win 7 VirtualBox VM. Then from the Win 7 VM instance we run the standalone WebDriver server. It works fine up to the point where the test reaches the SSL part of our webapp, at which point I get the IE SSL warning page, and the test is derailed.
We bought a cheap godaddy SSL cert to use for this very reason, hoping to make IE happy, but I have not been able to figure out a way to make our certificate appear as valid and CA signed one, rather than just self-signed. When I examine the certificate in Chrome for example, it does show my certificate, but also that it is self signed. It's CN is along the lines of testbox.example.com and I have added to /etc/hosts the line: 127.0.0.1 testbox.example.com.
I generated the CSR with java keytool and then imported the resulting signed certificate, and intermediate certificate, cross certificate, etc, per the instructions on the godaddy site. I saw somewhere that grails requires it's keystore to retain the password 123456, which I have done.
I have done SSL configs successfully for regular servers, e.g. standalone glassfish and tomcat, but I have just really hit a wall on this issue.
Thanks!
Jamie

Another aproach:
You mentioned that changes in the IE settings don't work since the WebDriver creates a new IE instance.
IE stores a lot of settings in the windows registry. So "IE registry certificate" could be a good start to google your problem. Here is one promising result:
http://www.ehow.com/how_5024374_fix-certificate-error-internet-explorer.html
Since you run your IE in a virtual machine, I guess it is OK to disable the IE security features on this vm. Otherwise I have to admit that it's not a good idea to disable such a security feature by default.

For testing just install your certificate into IE 8.
See What do I need to do to get Internet Explorer 8 to accept a self signed certificate?

I know it's not a very clean solution, but out IE8 displays a warning that something is wrong with the certificate. This warning itself is a valid HTML page and your are able to click the link which says something like "ignore this, display the page".
You only have to this once for a session. So we simple have a small step in our tests which checks after invoking the first page if we get the error message. If yes, we automatically click the link and the rest works fine.
Again: I know it's not a clean solution. But it works for us. And having to configure the java keystores the right way can be a pain. :-)

Related

Websites detecting and blocking Selenium Chromedriver

I got a task to update a URL in a test (using Selenium, Java and Chromedriver) to a new URL. The page is the same, just at a new location. This test worked fine with the old URL.
I brought up an instance of Chrome and verified I could access the URL.
Then I changed the URL, committed to git, and ran on our Jenkins machine and it failed. The screenshot said "This site can’t be reached". I told a co-worker that I think the URL must be wrong (though it worked on my desktop without Selenium). He tried it and it loaded fine. I tried it again from a regular Chrome window and it loaded fine. I tried from Eclipse using Selenium and I got the message about the site could not be accessed.
So I ran Eclipse, stopped it right when Chrome came up but hadn't loaded a URL yet. I manually entered the URL (from copy/paste) and got "This site cannot be accessed). Then I brought up a regular Chrome window and pasted the URL in and it loaded fine.
I decided to look for differences. So in my regular Chrome window it was "Version 77.0.3865.120 (Official Build) (64-bit)". I did the same on the version running under Chromedriver and got "Version 77.0.3865.120 (Official Build) (64-bit)". So the same.
I did a search for the latest Chromedriver. It said for version 77 to please use 77.0.3865.40. This was not what I was using. So I downloaded the correct version and thought "surely this will fix it". I verified it was 77.0.3865.40 coming up. But, as you guessed it, I got the same problem after updating to the most compatible Chromedriver.
Some searches said that basically nothing would be able to tell, but there was one property that Chromedriver inserts. I don't know whether this would be enough to block a session using Chromedriver?
The only thing I can think of is that we have iBoss and possibly iBoss is blocking it? Either that or somehow the site is blocking it.
I would like to share the URL with you but I do not know whether that would be violating company policy. If I get permission, I will share the URLs.
by the way, the error is "ERR TUNNEL CONNECTION FAILED"
Got some internal help to help fix some settings

Selenium jobs not running on jenkins CI server

We have automated 5 test cases and ran locally and seems to be worked fine. When the same code base is running on CI server(linux box against firefox browser), It failed to execute. However I used xming to see the GUI execution part and observed the browser is keep on loading and not displayed any web element to perform action. I just cross check with whether its proxy issue, and handled through code as below: (Due to security issue I can't able to share proxy details, but I pinged It returned proper response.)
Sample Code(created firefox profile):
profile.setPreference("network.proxy.type", 1);
profile.setPreference("network.proxy.http", "someproxy.com");
profile.setPreference("network.proxy.http_port", 8090);
//Other dependencies like "No Proxy for" is added in firefox.
profile.setPreference("network.proxy.no_proxies_on","localhost, 127.1.1.1, prt-www.xxx.com, ti.xxx.com, s3, xxx.com" );
DesiredCapabilities desired = DesiredCapabilities.firefox();
desired.setCapability(FirefoxDriver.PROFILE, profile);
I really don't understand the root cause for this issue. Can somebody tell me what would be the root cause for this issue?
I check the firewall in that box , and It has been stopped.

Intern test framework hangs/does nothing when used with Appium 1.4.13 on an iOS device for mobile web

I just started looking into using the intern test framework to write functional tests for our mobile web apps. I'm looking to run these tests on actual iOS devices.
I setup Appium as the selenium server talking to the intern client. It works as expected on the simulator (although I get 'method not implemented' for many of the touch related methods).
I then decided to configure everything to work on my iPhone 6 plus, running iOS 9.0.2
After much wrangling with instructions from here, I got all the various pieces working in tandem (ios-webkit-debug-proxy, appium-server from the repo, etc.)
Finally, I decided to run my tests. When I run the test runner, Safari on my device starts up (via SafariLauncher App), and ios-webkit-debug-proxy and appium-server seem to be talking to each other. However, intern simply posts a 'created session on...' message, and then does nothing.
To ensure that the server was running properly, I decided to use a rest client to send it POST and GET requests using the JSONWire Protocol methods, and it seems to be loading the web-page url and responding to JSONWire requests. So clearly, something is going wrong with Appium talking to intern, or vice-versa.
Any help/insight on this would be greatly appreciated. Thanks!
I'm also in the unique position of having to run these locally, so using SauceLabs, BrowserStack, etc. is out of the question.
Got it working!!!
So the trick was to specify the proxyUrl config option.
My original conjecture was that there might have been some issues with basePath, etc., but I noticed my console.log statements that were outside of test cases were running properly.
That's when I noticed that the Safari page tried to navigate to localhost right after the test had started. This is my first time ever working with Intern or Appium or any Selenium stuff for that matter. Because you cannot access localhost (which in this case was meant for accessing the Intern server on my computer, since you're running the tests on your computer, and not on an external device), from the iPhone, I specified proxyUrl and proxyPort in the config, and specified my computer's local IP (192.168.x.x) and the Intern server port (9000). It still didn't work. I looked at the URL in Safari and noticed that it wasn't using the proxyPort field - so that the URL looked like: 192.168.x.x/__intern/clie... So I just tried to enter the port in the proxyUrl option - as that option's a string - 192.168.x.x:9000. And voila - it worked!!!
So hopefully this helps some other soul looking to have a native mobile test working with this setup!

grails: get redirect loop when deploying to Jetty server, but works fine using Jetty in development mode

NOTE: I put a bounty on this question. I was not able to put a bounty yet on a similar BUT SIMPLER question, here. It is fine if you can help with this simpler question, and then we can put the answer on this one too. In the simpler question you can create the scenario yourself quite quickly. And I also downloaded Jetty 9.1.0 -- so I don't care if it works with 9.05 or 9.10, either version is fine.
I installed Spring Security Core to get the "channel security" feature, namely to indicate which controller actions require an ssl connection.
This works fine in development mode using a Jetty server -- e.g. /cert/page1 defined at bottom, it asks to approve an https connection as expected.
When I deploy the (production) WAR file to Jetty 9 server (hosted externally), I get a redirect loop indication when I go to the same controller/action (using Chrome), or then on Firefox it also indicates "page isn't redirecting properly". I cleared cookies in Chrome just in case, and same problem.
I created an SSL certificate for the Jetty 9 server following directions (using external cert agency) and to install it I looked at various ssl articles on Jetty, and then found it appears simplest to alter the start.ini file, which I did, uncommenting the following lines and pointing to my sslcert/keystore:
#===========================================================
# SSL Context
# Create the keystore and trust store for use by
# HTTPS and SPDY
#-----------------------------------------------------------
jetty.keystore=sslcert/keystore
jetty.keystore.password=xxxxx
jetty.keymanager.password=xxxxx
jetty.truststore=sslcert/keystore
jetty.truststore.password=xxxxx
jetty.secure.port=8443
etc/jetty-ssl.xml
#===========================================================
# HTTPS Connector
# Must be used with jetty-ssl.xml
#-----------------------------------------------------------
jetty.https.port=8443
etc/jetty-https.xml
Is there a general way I can tell if Jetty will take any https page request? In it's log it seems to come up okay from what I did, namely:
2013-10-04 20:48:43.520:INFO:oejs.ServerConnector:main: Started ServerConnector#73c87405{HTTP/1.1}{0.0.0.0:80}
2013-10-04 20:48:43.692:INFO:oejs.ServerConnector:main: Started ServerConnector#4194f034{SSL-http/1.1}{0.0.0.0:8443}
Also, for the my Config.groovy defining the secure channels I have:
grails.plugins.springsecurity.secureChannel.definition = [
'/cert/cpnimember': 'REQUIRES_INSECURE_CHANNEL',
'/cert/page1': 'REQUIRES_SECURE_CHANNEL',
'/cert/page2': 'REQUIRES_SECURE_CHANNEL',
'/cert/page3': 'REQUIRES_SECURE_CHANNEL',
'/cert/page4': 'REQUIRES_INSECURE_CHANNEL'
]
I'm not sure how to debug this. I'd like to go to some page on my jetty 9 server that requires https/ssl just to make sure that it works without the spring-security core defined channels, but don't know what that is.
Can you provide help on how to debug this or what is wrong?
Thanks.
This question is a similar answer to the simplified question I created and offered a bounty. Now that the other question's bounty is awarded I can remove this question. BUT, it is not letting me remove or delete it, so ...
It seems to me that Jetty is redirecting an anonymous request to be logged in (authenticated) to some login screen. Does a login screen exist?

How to fix lost connection to Access Database after Deploying ASP website to IIS?

I am fairly new to ASP, so if anything doesn't make sense, or you think, "WHY WOULD YOU DO THAT?", it's becasue I really didn't know.
So the issue is that I created a Website using Visual Studio 2012 Express for Web. It was an ASP.NET MVC. I have spent over a week, working on this, doing testing and getting everything to work and look correctly. So I started the process of deploying it. I followed a couple guides, and felt like I did everything correctly.
Right now I am only trying to test my website on , and my first screen shows up. This screen is a "login" screen of sorts and is supposed to connect to my Access Database to check to see if a user should be admited to the next screen. But clicking the "Submit" button doesn't even open the Database. All of this works fine when I run it in Visual Studio.
What can I do to get this working?
Some steps I have tried and failed at:
-Redeploying
-Changing location of the Access DB
-I started to try to install configure and convert my Access Database to SQL Server, but I haven't been able to get that to work either.
If anyone has any suggestions, please let me know. If you need code examples or IIS settings, I will get them to you as fast as I can, but please help me because I don't want to have lost over a week of work.
Thanks,
D
Edit: After taking the suggestion from HansUp, it lead me to some other search terms that lead me to http://www.iis.net/learn/application-frameworks/running-classic-asp-applications-on-iis-7-and-iis-8/using-classic-asp-with-microsoft-access-databases-on-iis. I am using a 64-bit machine, and my application pool in IIS was not set to run 32-bit applicaions which when using Access ODBC drivers that are 32-bit casue a problem.
Set the IUSR account to Read/Write for the DB file and folder where the DB file is located.
Then, seeing as I was using a 64-bit machine, and the Access ODBC drivers that were being used were 32-bit, I had to set "Enable 32-bit Applications" to "true" in IIS, for the Application Pool that my site was using.
This is a link to where I found the 64-bit 32-bit solut
http://www.iis.net/learn/application-frameworks/running-classic-asp-applications-on-iis-7-and-iis-8/using-classic-asp-with-microsoft-access-databases-on-iis

Resources