2

I'm trying to automate testing of an ASP.NET (not MVC) website that uses Forms authentication.

I want to simulate what happens when a user submits a particular form; to do this, my code can POST to the corresponding URL - but that won't work unless my code can first log in as my test user.

I've tried posting to the LogOn page (supplying a suitable username and password), but this fails - and I think it fails because the website uses ASP.NET event validation. (If I use Fiddler to watch what's sent to and from the browser, there's an __EVENTVALIDATION hidden form item).

I'm guessing that I'll need to visit the login page once, get the __EVENTVALIDATION value, and include that when I post the username and password to the LogOn page?

Is that all I need to do, or is spoofing a Forms-authentication-based website a non-starter?

Improve this question
2
  • possible duplicate of HttpClient and forms authentication in C# Commented May 4, 2015 at 14:07
  • @CodeCaster: I've edited the question to include the extra complication of __EVENTVALIDATION which is not addressed in the question you referenced. Commented May 4, 2015 at 14:28

1 Answer 1

Reset to default
4

Well, in case it helps anyone else, I was able to get this working by issuing a GET request to the LogOn page, extracting the values of the __EVENTVALIDATION, __VIEWSTATE and __VIEWSTATEENCRYPTED hidden form fields from the returned HTML, and then POSTing those values back to the LogOn page along with the rest of my form values (user name and password).

I'm using a single instance of HttpClient throughout, so the ASP.NET session cookie is preserved between requests.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I was looking to do this from Python. For anyone else in that boat, this approach also works using requests (with Session) and bs4.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.