Server returned HTTP status code 401:
Since publishing my UFT book The UFT API Testing Manifesto – A step-by-step, hands-on testing guide for the masses, I've received a few emails from folks who are receiving this error message: Server returned HTTP status code 401: Unauthorized while attempting to run their API tests.
More about the 401 Unauthorized error
According to Wikipedia, the 401 Unauthorized message is “401 Unauthorized is similar to 403 Forbidden, but specifically for use when authentication is required and has failed or has not yet been provided.[2] The response must include a WWW-Authenticate header field containing a challenge applicable to the requested resource. See Basic access authentication and Digest access authentication.”
Why this 401 error occurs in UFT API
Sometimes the server you're testing against expects to receive authentication information before transport. For this reason, you must add some additional information to your API request's HTTP header. This can be done using custom code in BeforeApplyProtocolSettings event handler.
How to add a username and password to your HTTP Request Header
- In your test, click on the web service activity on your main canvas area.
- Under its Properties section, click on the Events icon.
- Select the Create a default handler…option from the BeforeApplyProtocolSettings event.
- In the TestUserCode.cs file, under the StServiceCallActivity5_OnBeforeApplyProtocolSettings method, add the following (note your StServiceCallActivity number might be different)
- Create a string variable that contains the user name and password your server needs for authentication:
string myAuth = “Basic” + Convert.FromBase64String(System.Text.Encoding.ASCII.GetBytes(“YourUserName:YourPassword));
- Next, add your authentication variable value as a parameter to the HttpRequestHeaders Add method:
this.StServiceCallActivity5.HttpRequestHeaders.Add(“Authorization”,myAuth);
- Run your test. You should no longer receive a 401 error message.
More UFT API Automation Awesomeness
For more UFT API Automation Awesomeness, tips, tricks and how-tos, check out my new book The UFT API Testing Manifesto – A step-by-step, hands-on testing guide for the masses –now available on Amazon.com!
Don't own a Kindle? No Problem — you can still read my book!
I'm aware that some of you have had trouble accessing my books in the past. The truth is that you don't need a Kindle! There are a variety of free ways you can read a Kindle eBook:
- Read it on your PC or Mac (Kindle Cloud Reader)
- Read it on your iPhone or iPad (iTunes App)
- Read it on your Android (Kindle for Android)
- Read it on your Blackberry (Kindle for Blackberry)
In short, it's really simple to read Amazon Kindle books, no matter what type of device you use to access the Internet.
Is that double quote missing in GetBytes argument?
string myAuth = “Basic” + Convert.FromBase64String(System.Text.Encoding.ASCII.GetBytes(“YourUserName:YourPassword));
When I used this code, UFT says the it cannot convert byte[] to string and the compile fails.
Thanks
Yes – Sorry Rick! I will update the screenshot after the Holidays. The line should be:
string upAuth = “Basic ” + Convert.ToBase64String(System.Text.Encoding.ASCII.GetBytes(“USERNAME:PASSWORD”));
Even after updating the above line of code i am facing the issue in compiling.It says it cannot convert byte[] to string
Sorry not sure why its not working for you. Any chance you could contact HP support and find out why? If i could report I would contact myself.
Hi Joe,
I tried encoding the username and passwork thorough some base64 encoder and tried passing it .I was getting compiled but returning 401 error again
public void StServiceCallActivity5_OnOnSendRequest(object sender, HP.ST.Ext.WebServicesActivities.ActivityProcessRawMessageEventArgs args)
{
//TODO: Add your code here…
this.StServiceCallActivity5.HttpRequestHeaders.Add(“Authorization”,”Basic cWNtc2VydmljZTAiMTiUMHM4aDJGeXFXMiA=”);
}
tried without concatinating Basic also as below:
public void StServiceCallActivity5_OnOnSendRequest(object sender, HP.ST.Ext.WebServicesActivities.ActivityProcessRawMessageEventArgs args)
{
//TODO: Add your code here…
this.StServiceCallActivity5.HttpRequestHeaders.Add(“Authorization”,”cWNtc2VydmljZTAwMTpUMHM4aDJGeXFXMiA=”);
}
Sorry Joe.I am passing it in Before apply protocol settings method as below
public void StServiceCallActivity5_OnBeforeApplyProtocolSettings(object sender, HP.ST.Ext.WebServicesActivities.Models.StChannelsBindingStack args)
{
//TODO: Add your code here…
this.StServiceCallActivity5.HttpRequestHeaders.Add(“Authorization”,”cWNtc2VydmljZTAwMTpUMHM4aDJGeXFXMiA=”);
}
Tried passing by appending “Basic” as well as without “Basic”.But no luck.It is returning 401 error
Joe,
I would like to capture the HttpStatusCode that is returned if the call fails. I see it in the run result but I can’t figure out how to capture it in code. Any ideas on how to get this value?
Hi Joe,
Why can’t we use the Header section in the Input tab of Properties for providing the authentication details?
~ Rick
Hi Joe,
Cool, have you ever run across a HTTP request behind a log-in page? I have some of these and always get a 302 redirect, obviously because it has to go to the log-in page first. What’s the best way to handle this in Service Test or UFT API?
Thanks, Nick
I’ve found that sending a Base64 Authorization POST with a redirect option works in most cases with the HTTP requests. However I am running into a “409 Conflict” error on some pages that require a login. I have your book but didn’t see anything about this situation, I was think about your solution above but it’s not really a REST Service or anything so I don’t have a OnBeforeApplyProtocolSettings Activity. Any ideas?
Thanks
Nick or Joe-
were you able to use this authorization for REST services. I even do not see Onbeforeapplyprotocolsettins events? Any idea why I do not see?
Krishna
Hi Joe,
I am facing an error in trying to post data from an XML file using POST request to REST API Service. I am not using API Test type of UFT but using vbscript code (Microsoft.XMLHTTP ) to post data from XML to api server. However at objRestReq.Send strXMLContent step I get Operation Aborted error and error description is “Unknown” .Status code returned is 1223. However the data is correctly posted to GUI. I also tried to do the same flow using Service Test of UFT(API Test Type) and status code returned is as expected. Please help me resolve this error
Hi,
I follow your book “The UFT API Testing Manifesto” and I have 404 error when i have been added this WSDL : “http://www.webservicex.net/geoipservice.asmx?WSDL”
Error :”Couldnot download ‘http://www.webservicex.net/geoipservice.asmx?WSDL’ …error 404
What should I do ?
Hi Stephacho, unfortunately, it looks like http://www.webservicex.net/ no longer host this web service. I need to find another public WSDL as a substitute