We all want to keep our systems secure. As time goes on, more and more security threats arise, and more secure mechanisms are created to keep our systems protected. NTLM is one such measure. Let us find out about NTLM Authentication in Katalon today.
NTLM Authentication
New Technology LAN Manager (NTLM) is an authentication protocol. It is used for authentication with workgroup-configured systems, that is, with a system that is set as a member of a workgroup. It is a challenge-response authentication system that is a more secure variant of Digest authentication. NTLM is also used in web applications, when an organization uses a domain controller for identity management and the user domain.
Instead of sending the unencoded user name and password, NTLM transforms the challenge data using the OS credentials. More than one exchange between the client and server is needed for NTLM authentication.
Requirements for NTLM
Like other authentication measures, NTLM has some requirements. Let us find out what we need in order to use NTLM Authentication in Katalon.
Enterprise License: One of the very first requirements is to have an Enterprise license for Katalon Studio.
Updated Version: We need Katalon Studio version 8.4.0 beta or later to use NTLM Authentication.
Authentication Activated: We should have a connection to a server with NTLM Windows Authentication activated. To check the connection to the server, we can open the command line and type the following command: ping <ip_address>
Systems for testing: These are the systems where we can test NTLM authentication in Katalon Studio:
a. Windows Server 2003. The system should be configured and set up for using NTLMv1 and LM authentication.
b. Windows Server 2016. The system should be configured and set up for using NTLM2SessionResponse authentication.
Using NTLM Authorization in Katalon Studio
So far, we have read about New Technology LAN Manager and the prerequisites of NTLM Authentication in Katalon. Now let us find out how we can use NTLM Authorization in Katalon Studio. We will go through the procedure and then talk about the results.
Procedure
Step 1: First, in Katalon, we have to open the web service request object.
Step 2: Once the web service request object editor is open, we select the "Authorization" tab.
Step 3: There, we choose NTLM as the Authorization type.
Step 4: Once done with the above steps, we are given the option to input the following information.
Username: This is the username of the account that is used for authenticating. We should ensure that the domain does not get included in the username. Example: "username" is acceptable, whereas "Domain\username" isn't acceptable.
Password: We have to enter the password of the account that is used for authentication.
Domain: This is an optional input. Here we enter the domain against which we wish to authenticate. If we are using a domain account, we must enter the domain. This avoids the following error: "401 Unauthorized: Access is denied due to invalid credentials." However, we can leave this field empty if we are using a local account for logging in.
Workstation: This is an optional input. Here we enter the hostname of the computer. Naming the workstation helps because tracking a workstation name is simpler and easier than tracking an IP address when we log in to a different machine.
Step 5: In this step, we will click on Update to update the inputs that we have given to the request.
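The following Python code is an added example, not part of the original article or of Katalon Studio. It parses the last message of the NTLM exchange (AUTHENTICATE, type 3) as it appears in an HTTP Authorization header, showing that domain, user name and workstation travel as separate fields, and it tells NTLMv1, NTLM2SessionResponse and NTLMv2 replies apart by their size. The build_sample helper and every sample value are constructed for illustration.

```python
import base64
import struct

SIGNATURE = b"NTLMSSP\x00"
NEGOTIATE_UNICODE = 0x00000001

def _field(msg, pos):
    # Field descriptor: Len(2), MaxLen(2), BufferOffset(4), little-endian.
    length, _maxlen, offset = struct.unpack_from("<HHI", msg, pos)
    if offset + length > len(msg):
        raise ValueError("field points outside the message")
    return msg[offset:offset + length]

def parse_authenticate(header_value):
    """Decode an 'NTLM <base64>' header value holding a type 3 message."""
    scheme, _, token = header_value.partition(" ")
    msg = base64.b64decode(token, validate=True)
    if scheme.upper() != "NTLM" or len(msg) < 64 or msg[:8] != SIGNATURE:
        raise ValueError("not an NTLM message")
    if struct.unpack_from("<I", msg, 8)[0] != 3:
        raise ValueError("not an AUTHENTICATE (type 3) message")
    flags = struct.unpack_from("<I", msg, 60)[0]
    # Non-Unicode strings use the OEM code page; cp437 is an assumption here.
    enc = "utf-16-le" if flags & NEGOTIATE_UNICODE else "cp437"
    lm, nt = _field(msg, 12), _field(msg, 20)
    # Heuristic on response sizes: NTLMv2 appends a variable blob to the
    # 16-byte proof; NTLM2 session pads an 8-byte client nonce with zeros.
    if len(nt) > 24:
        variant = "NTLMv2"
    elif len(nt) == 24 and len(lm) == 24 and lm[8:] == bytes(16):
        variant = "NTLM2SessionResponse"
    elif len(nt) == 24:
        variant = "NTLMv1"
    else:
        variant = "other"
    return {"domain": _field(msg, 28).decode(enc),
            "username": _field(msg, 36).decode(enc),
            "workstation": _field(msg, 44).decode(enc),
            "variant": variant}

def build_sample(domain, user, workstation, lm, nt):
    """Constructed type 3 message; response bytes are fillers, not real hashes."""
    strings = [s.encode("utf-16-le") for s in (domain, user, workstation)]
    header, payload = b"", b""
    for part in [lm, nt, *strings, b""]:  # last entry: empty session key
        header += struct.pack("<HHI", len(part), len(part), 64 + len(payload))
        payload += part
    msg = SIGNATURE + struct.pack("<I", 3) + header
    msg += struct.pack("<I", NEGOTIATE_UNICODE) + payload
    return "NTLM " + base64.b64encode(msg).decode()
```
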
Result
After we are done with all the steps above, we can expect the result. We should remember that NTLM authenticates connections, not requests.
For this reason, the NTLM authorization input gets directly updated to the request and not to the HTTP Header.
When the logon is successful, the workstation name and domain details get displayed in event 4624.
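To check this result on the server side, the following added Python example (not from the original article) reads 4624 events exported as XML, keeps the NTLM logons, and marks those that did not use NTLM V2. The sample events are constructed, and the wrapping <Events> element is an assumption about the export format.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

def _event(user, domain, workstation, package, lm_package):
    """Build one constructed 4624 record, trimmed to the fields read below."""
    data = {"TargetUserName": user, "TargetDomainName": domain,
            "WorkstationName": workstation, "LogonType": "3",
            "AuthenticationPackageName": package, "LmPackageName": lm_package}
    rows = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in data.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>4624</EventID></System>'
            f"<EventData>{rows}</EventData></Event>")

# Constructed sample log, not taken from a real system.
SAMPLE_LOG = "<Events>" + "".join([
    _event("tester", "CORP", "QA-WS01", "NTLM", "NTLM V2"),
    _event("tester", "LEGACY2003", "QA-WS01", "NTLM", "NTLM V1"),
    _event("svc_build", "CORP", "-", "Kerberos", "-"),
]) + "</Events>"

def ntlm_logons(xml_text):
    """Return NTLM logons from 4624 events, marking anything other than NTLM V2."""
    found = []
    for ev in ET.fromstring(xml_text).iterfind("e:Event", NS):
        if ev.findtext("e:System/e:EventID", namespaces=NS) != "4624":
            continue
        d = {n.get("Name"): (n.text or "")
             for n in ev.iterfind("e:EventData/e:Data", NS)}
        if d.get("AuthenticationPackageName") != "NTLM":
            continue
        found.append({"user": d.get("TargetUserName"),
                      "domain": d.get("TargetDomainName"),
                      "workstation": d.get("WorkstationName"),
                      "legacy": d.get("LmPackageName") != "NTLM V2"})
    return found

def find_test_logon(logons, user, workstation):
    """Locate the logons produced by a test run by user and workstation name."""
    return [entry for entry in logons
            if entry["user"] == user and entry["workstation"] == workstation]
```
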
Which is the default port for NTLM authentication?
NTLM authentication uses Port 445 by default.
Do we still use NTLM authentication?
Yes, NTLM authentication is still supported. We should know that it must be used for Windows authentication with the systems that have been set up or configured as a workgroup member.
NTLM authentication is also used on non-domain controllers for local logon authentication.
Can we log on with a local account even when NTLM is blocked?
Because the local login procedure still uses NTLM, blocking it does not entirely disable it on a machine. This means that even if NTLM is disabled, we can still use a local account to log on.
Conclusion
In this article, we read about NTLM Authentication in Katalon. Though it is available in Enterprise versions of Katalon only, it still has some much-needed uses. We also learned the steps to set up the authentication in Katalon in a simple way.
It is important to remember that not all versions of Katalon Studio support NTLM authentication. To use NTLM authentication, our Katalon Studio version must be 8.4.0 beta or above.