How to get Playwright .NET tests to run in Azure DevOps Server against IIS using Windows Authentication
I'm trying to get our Playwright tests to run in our CI/CD pipeline. I'm finding scant documentation on how to do so with regards to our specific situation. Here are the key components:
- Code is .NET Framework 4.7.2 MVC
- Build Server Azure DevOps Server 2019
- IIS 10 is our webserver
- Windows Authentication is used for IIS
- CI/CD pipeline is written in YAML
- Deployment Pipeline is Classic because YAML is not supported in 2019
So, I can point the tests towards our development IIS server and run them locally from Visual Studio 2022 with no problems. However, when I run them in the pipeline, I get a "401 Unauthorized" error. It would seem this is obviously due to my local using my Windows Auth credentials, whereas the Build Server, quite obviously, does not have my credentials.
So my question is: What strategies are there for running Playwright tests in an Azure DevOps Server pipeline against an IIS website that uses Windows Authentication?"
For what it's worth, here are the references I found, but they either had no answers or were closed w/o a solution:
- PlayWright test in Chrome with a different Windows user than the one currently logged in?
- https://github.com/microsoft/playwright/issues/20521
I just haven't seen much documentation or guides that deal with how to make these tests work. Finally, for security reasons, we need to keep Windows Auth enabled and as the only authentication mechanism for our site. It's not really an option to circumvent security. Maybe this isn't possible, but then I'd like it explicitly called out somewhere.
Thanks, Michael
Based on your description, the build server and web server are in two different machines.
By default, the Browser will enable the Windows Integrated Authentication for authentication. It will automatically login to the website use the current user.
In your case, it will directly use the user on Build Server to access the Web Server and cause 401 error.
To solve this issue, you need to disable the Windows Integrated Authentication first.
Navigate through Menu bar to Tools -> Internet Options -> Security
Select Local Intranet and Click on "Custom Level" button
Scroll to bottom of the window to User Authentication section, select "Prompt for user name and password"
Click Ok, Apply and Ok to save changes.
For example:
Refer to this doc: How to disable Integrated Windows Authentication (IWA) from browsers
Then you can set the windows user Credentials of IIS web Server in the Playwright project. Refer to this doc: HTTP Authentication
For example:
using var context = await Browser.NewContextAsync(new()
{
HttpCredentials = new HttpCredentials
{
Username = "bill",
Password = "pa55w0rd"
},
});
var page = await context.NewPageAsync();
await page.GotoAsync("https://example.com");
Here is a ticket with the similar requirement: Prevent SSO with Playwright
On the other hand, you can also consider setting the self-hosted agent on IIS web server.
In this case, you don't need to do any changes on the code. It will use the user on IIS web server to access the website in Azure Pipeline.
- Wrong physical path when using URL Rewrite in IIS
- When hosting .NET Core web app in IIS, what are the pros and cons between "In process" and "out of process" hosting model
- IIS restricted verbs still go through
- How to stop IIS asking authentication for default website on localhost
- IIS Restrict Access to Directory for table of users
- Why is IIS Worker Process locking a file?
- There was an error while performing this operation" error when publishing an old ASP.NET web project on IIS
- Get authenticated user's groups from Active Directory in Node
- WCF Error : 'It is likely that certificate 'my cert' may not have a private key that is capable of key exchange
- IIS & Chrome: failed to load resource: net::ERR_INCOMPLETE_CHUNKED_ENCODING
- API call with certificate over webservice isn't working
- .Net Forms Authentication Issue - 401, even though cookie set
- dotnet publish Error: The process cannot access the file because it is being used by another process
- Change URL project IIS ASP.Net
- Disable WebDav Programatically for .NET 3.1 or greater
- Slim Framework 4 with php 8.1 and IIS Server comunication
- How do I reset IIS Express default mime types / staticContent?
- How to solve Server Error in '/' Application.?
- The Web Application Project [...] is configured to use IIS. The Web server [...] could not be found.
- IIS Express not running in Visual Studio 2019
- Change Host Header with IIS URLRewrite
- How to solve the HTTP Error 403.14 - Forbidden in Asp.Net Core API?
- MSDeploy Unauthorized with command
- dotnet publish error WASM0005: Unable to resolve WebAssembly runtime pack version
- ASP.NET mvc auth or session expires quicker than set
- Add URL rewrite rule on root website for specific URL
- SQL1159 Initialization error with DB2 .NET Data Provider, reason code 10, tokens 0.0.0, 9.7.3
- System.IO Exception after IIS deployment
- How Do You Enable HTTP/3 on IIS?
- Return content is "blank" when deployed on production