Configuring the authentication

As of Tricentis Tosca 12.2, the Webservice Engine 3.0 is no longer supported. By default, you cannot create WSE TestCases in API Scan.

For information on how to re-enable scanning WSE TestCases in API Scan, see chapter "Web service".

This chapter describes in greater detail how to configure authentications using HTTP or HTTPS.

HTTP authentication

The TestStepValue Authentication is used for HTTP authentication. Basic authentication is supported.

  1. Select the specialization Basic authentication via the context menu option Implement Specialization.

  2. Define the TestStepValues Username and Password.

  3. Set the value of the TestStepValue PreAuthenticate to Yes if the Authentication information is set with the first request.

HTTP authentication example

Using HTTPS

SSL verification

For SSL verification, use the TestStepValue SSL Configuration, which is located under the TestStepValue Communicate.

If the server certificate is used, the TestStepValue Verify server certificate is used.

Procedure

  1. Expand the TestStepValue SSL Configuration and the subordinate TestStepValue Verify server certificate.

  2. If you want to use a certificate without verifying it, select the value No for the TestStepValue Verify. If you want to verify the certificate, select the value Yes.

  3. If required, select the flags to be excluded from verification under Verification Flags. If the value NoFlag is selected, all flags are set and none are ignored. The TestStepValue RevocationFlag can be used to define additional restrictions for the verification.

  4. Select the SSL version under SSL Version.

In this example, the server certificate is used. This is not verified.

SSL verification example

SSL client authentication

The storage location of the client certificate must be specified for SSL authentication. If the certificate is installed in the default directory and it is my certificate, the value CurrentUser must be specified for StoreLocation and the value My for StoreName. Certificates from a Java Keystore can also be used.

The search method is specified in the TestStepValue Find Type, which is located under Find Options. The required value is specified in the TestStepValue FindValue. Please make sure that there are no spaces in the value.

In this example, the search method FindByThumbprint is used.

SSL client authentication example