From version 8.4.0 beta, Katalon Studio supports NTLM authentication.
- An active Katalon Studio Enterprise license.
- Katalon Studio version 8.4.0 beta onwards. Download from our GitHub repository: Katalon Studio version 8.4.0 beta.
- Connection to a server that has NTLM Windows Authentication enabled. To check your connection to the server, open the terminal/command line and type:
The NTLM authentication in Katalon Studio is tested with:
- Windows Server 2003 systems, configured to use LM and NTLMv1 authentication.
- Windows Server 2016 systems, configured to use NTLM2SessionResponse authentication.
What is NTLM authentication?
Windows New Technology LAN Manager (NTLM) is an authentication protocol used for Windows authentication with systems configured as members of workgroups. NTLM applies to web application authentication when the organization uses a domain controller for user domain and identity management. A domain controller is a server running a Windows Server operating system version with Active Directory Domain Services installed.
Use NTLM Authorization in Katalon Studio
Open your web service request object.
In the web service request object editor, switch to the Authorization tab.
Choose Authorization type as NTLM.
Input the following information:
- Username: The username of the account used to authenticate. The username should not include the domain. For example: "user" is correct, whereas "DOMAIN\user" is not.
- Password: The password of the account used to authenticate.
- Domain (Optional): The domain to authenticate against. If you are using a domain account, you need to input your domain to avoid the error:
401 Unauthorized: Access is denied due to invalid credentials. If you are using a local account to log in, you can leave this field empty.
- Workstation (Optional): The hostname of your computer. Naming your workstation helps better management since the workstation name is more straightforward to track than an IP address when logging in to another machine.
To update inputs to the request, click Update.
NTLM authenticates connections, not requests. Therefore, the NTLM authorization inputs are updated directly to the request, not to the HTTP Header.
Once the log-on is successful, you can see the workstation name and domain information in event 4624.
You can learn more about the 4624 event at Microsoft documentation: 4624(S): An account was successfully logged on.