5

I'm testing my WS with and without authorization (turning it on and off and restarting). I spent a lot of time wondering why it is connecting to WS with security even when I provided No Authorization:

SoapUI No Authorization screenshot

In between I tested the same with curl, later on I checked and realized, that in my request, there is still Authorization header even when I selected No Authorization option.

In Raw tab I can see:

SoapUI, Raw tab screenshot

How can I choose No Authorization properly?

My version is SoapUI 5.4.0-EB

edit 1: As a workaround (to test my service is or is not password protected) I'm setting correct/incorrect credentials. In short if I send incorrect credentials to service without password it should pass, with password set it should fail.

Betlista
  • 10,327
  • 13
  • 69
  • 110

3 Answers3

1

Sending the authentication to outgoing requests be controlled thru Preferences.

Go to menu 

File -> Preferences -> HTTP Settings -> Authenticate Preemptively

and uncheck Authenticate Preemptively and Save preferences. More details can be found here from documentation.

Now, authentication details are not sent in the requests.

If you want again to send the authentication, restore the the above change.

Rao
  • 20,781
  • 11
  • 57
  • 77
  • Hi Rao, nice try, but it is not working for me. `Authenticate Preemptively` was already unchecked. My understanding of preemtive authentication is, it will send credentials before server asks for it. My issue is, that SoapUI sends some cached credentials even when I configured "No Authorization". – Betlista Jan 31 '18 at 09:41
1

You must remove the username and password properties in the request properties TAB.

Daniel Puiu
  • 962
  • 6
  • 21
  • 29
Roberto Luque
  • 11
  • 1
0

Add an Authorization header with no value.

This will overwrite the default Authorization header SoapUi seems to adds when authorization is set to "No Authorization"

Empty Authorization header

Eelco
  • 69
  • 4