Skip to content

NTLM Integration Test Plan

Jump to bottom Edit New page
Roger Leite edited this page Jan 11, 2013 · 16 revisions

The following writeup describes how to setup an NTLM enabled connection via Windows Server in order to test savon/httpi over NTLM connections.

SETUP

Windows Server 2012 VM Setup

  • First, download the Windows Server 2012 Evaluation VHD from Microsoft. (You'll need to login with a free Microsoft LIVE account and fill out some marketing information.)

  • Next, extract the VHD (if in windows, you can run the exe to do this, otherwise, use Rar to extract. You may use any vm capable of running VHD, I used VirtualBox.)

  • Create a new VM and point it at the extracted VHD. Set networking to bridged adapter (so that you can test the guest server from your host system.)

  • Once you boot the VM and set the admin password, you can log in. Server Manager will automatically startup.

  • [OPTIONAL] Click Local Server and change the Computer name to "ntlmtest" and restart. (this is optional, if you want to use the existing default name for the guest server you can.)

Installing IIS 8

  • Follow the instructions to install IIS8.

  • [IMPORTANT] When you get to the page "Role Services", Look under "Web Server: Security" and check "Windows Authentication" (this is NTLM). Install IIS.

  • From a browser on your host OS, you should now be able to go to the IIS8 server and see the default page: http://ntlmtest

Changing the Authentication for the Default Web Site

  • In the Server Manager select "Tools: Internet Information Services (IIS) Manager".

  • Expand the list in "Connections" and find the "Default Web Site". Left click it.

  • Double-click "Authentication" and then select "Anonymous Authentication". Click "Disable" on the right Action menu.

  • Next, select "Windows Authentication" and then click "Enable" on the right Action menu.

  • Restart your browser and go to http://ntlmtest. You should see an authentication prompt. Enter garbage and confirm failure. Next, we will setup a test account for access.

Adding a test user account

  • From "Server Manager", select "Tools: Computer Management".

  • Expand "Computer Management (Local): System Tools: Local Users and Groups". Right-click on the "Users" folder and select "New User..."

  • Enter user name: "tester", and password: "vReqSoafRe5O". Uncheck "User must change password" and check "User cannot change password" and "Password never expires". Click Create.

  • Now, go back to your test page: http://ntlmtest and enter your user/pass. You should now be authenticated and see the page.

Your server is now configured for NTLM integration tests with HTTPI. Once a request is correctly processed over NTLM, you should be able to use Savon to access web services, although this test plan does not cover setting up a web service.

INTEGRATION TESTS

Manual Test

create a new ruby test area (preferably with RVM).

use the following Gemfile:

source :rubygems
gem 'httpi', :git => "https://github.com/coldnebo/httpi.git"

use the following test.rb:

require 'rubygems'
require 'httpi'

user = "tester"
pass = "vReqSoafRe5O"

HTTPI::Adapter.use = :net_http
request = HTTPI::Request.new("http://ntlmtest")
request.auth.ntlm(user,pass)
response = HTTPI.get request

puts response.raw_body

Execute:

$ bundle install
$ bundle exec ruby test.rb

You should see the HTML contents of the default IIS page.

Running Test Specs within the Gem

If you have cloned this fork locally and run bundle install to setup the gem development environment, you can run two variations of the integration test above using rspec.

The standard integration tests include a Rack-simulated NTLM exchange. Just run rspec as usual:

$ bundle exec rspec

If you want to run a variation of the test that points at the external Windows 2012 Server you configured above, then add NTLM=external as an environment variable:

$ NTLM=external bundle exec rspec
Add a custom footer
Add a custom sidebar
Clone this wiki locally