This patent application is assigned to
The following quote was obtained by the news editors from the background information supplied by the inventors: "When developing software applications, developers may employ automated testing tools that exercise functionality of software applications with minimal or no user input from a human during the testing cycle. Automated testing tools may employ Application Programming Interfaces (APIs) provided by applications and operating systems to send commands to the software application being tested, in order to interact with the software application (e.g., to select menu options, to provide textual input, to press buttons, etc.). For example, when developing a web-based software application (web application), a developer may employ automated testing tools that utilize APIs of a web browser to interact with the web application. For example, automated testing tools may utilize web browser APIs to select Hypertext Markup Language (HTML) links, to interact with popup dialogue boxes, to provide textual input to text fields, etc.
"Frequently, web applications include authentication mechanisms. For example, an e-mail web application may request user authentication before granting access to the e-mail web application. The request for user authentication may cause a web browser to display a popup authentication dialogue, which includes fields for a user to provide user credentials (e.g., username and password) and one or more buttons (e.g., for submitting the user credentials, for dismissing the dialogue, etc.). To authenticate, a user would typically provide user credentials and select a button for submitting the credentials, which would result in access to e-mail web application if the user credentials are valid. Accordingly, automated testing of web applications may involve dealing with authentication that involves use of popup authentication dialogues.
"One way to perform authentication during automated testing involves providing a 'back door' into the web application. For example, a developer may include functionality for accessing the web application in a manner that bypasses user authentication. However, since inclusion of back doors introduces a significant security risk, developers may include the back door only in a testing version of the web application. This means that the developer must maintain at least two separate versions of the web application, including the testing version and a 'live' version. This also means that automated testing tools only test the testing version of the web application, and not the live version that is actually deployed.
"Another way to perform authentication during automated testing is to include functionality in the automated testing tools for automatically supplying user credentials in any authentication dialogues that are displayed by a web browser. For example, an automated testing tool may be programmed to provide a particular username in a 'username' field of an authentication dialogue, to provide a particular password in a 'password' filed of the dialogue, and to press an 'ok' button of the dialogue. However, different web browsers display authentication dialogues in different ways. For example, an authentication dialogue from one web browser may include a 'username' and a 'password' field along with a 'submit' and a 'cancel' button, while an authentication dialogue from another web browser may include an 'account name' and a 'passphrase' field along with an 'ok' and a 'dismiss' button. In addition, different web browsers may provide different APIs for interacting with authentication dialogues. Each type of web browser may even change the way it presents authentication dialogues from version to version. As such, programming automated testing tools to automate use of authentication dialogues can be difficult, especially when supporting a broad range of web browsers and a large number of versions of the web browsers."
In addition to the background information obtained for this patent application, VerticalNews journalists also obtained the inventor's summary information for this patent application: "At least some embodiments described herein relate to authenticating a user for testing purposes. For example, embodiments may include triggering a web server authentication module that obtains authentication tokens based on user credentials, while refraining from generating any interactive authentication dialogue. As such, some embodiments can facilitate automated authentication during testing of web application code that is intended for deployment, while eliminating the need for authentication-related back doors.
"In some embodiments, authenticating a user for testing purposes includes a web server receiving a request from a client. The request includes an authentication credential and is formatted in a particular manner for being handled by a particular authentication module that is registered with the web server. The authentication module is configured to obtain authentication tokens based on user credentials included in requests that are formatted in the particular manner, while refraining from requesting any interactive authentication dialogue. Based on the request, the web server consults a set of authentication modules that includes the authentication module. Consulting the set of authentication modules includes passing a portion of the request, including the authentication credential, to the authentication module. Based on consulting the set of authentication modules, the web server obtains an authentication token from the authentication module. The web server returns the authentication token to the client.
"In other embodiments, authenticating a user for testing purposes includes an authentication module at a web server receiving a request to authenticate. The request is formatted in a particular manner that triggers the authentication module as opposed to other authentication modules at the web server. The authentication module determines that the request is formatted in the particular manner. Based on the determination, the authentication module extracts an authentication credential from the request. Based on the extracted authentication credential, the authentication module obtains an authentication token from an identity provider, while refraining from generating any interactive authentication dialogue. The authentication module returns the authentication token.
"This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. This Summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used as an aid in determining the scope of the claimed subject matter.
BRIEF DESCRIPTION OF THE DRAWINGS
"In order to describe the manner in which the above-recited and other advantages and features of the invention can be obtained, a more particular description of the invention briefly described above will be rendered by reference to specific embodiments thereof which are illustrated in the appended drawings. Understanding that these drawings depict only typical embodiments of the invention and are not therefore to be considered to be limiting of its scope, the invention will be described and explained with additional specificity and detail through the use of the accompanying drawings in which:
"FIG. 1 illustrates an example computer architecture that facilitates authenticating a user for testing purposes.
"FIG. 2 illustrates a flow chart of an example method for authenticating a user for testing purposes."
URL and more information on this patent application, see: Ho,
Keywords for this news article include: Software,
Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC
Most Popular Stories
- Dmytro Firtash, Ukrainian Billionaire, Arrested in Vienna
- Obama, Ukraine Discuss Russian Incursion in Crimea
- Obama's Overtime Initiative Praised, Condemned
- Republicans Warn Obama on Immigration
- Liberty Media Drops Sirius Bid
- West Readies Harsh Sanctions Against Russia
- Uli Hoeness, Bayern Munich President, Gets Prison for Tax Evasion
- Lady Gaga Roasts Self on Spit at SXSW
- Calumet Photo Files for Bankruptcy
- Drake Wins Big MTV's Woodie Awards at SXSW