HTTP authentication - AuthServerAllowlist Command Line

1,865 views
Skip to first unread message

Robert Bodrick

unread,
Mar 15, 2022, 1:57:44 PM3/15/22
to net...@chromium.org, Arun Sundareswaran Jayaraman

Hello Net Dev Team,

 

My colleague Arun and I are looking into one item discovered with one of the automation tools and how it handles WWW-Authenticate request headers.  Chrome 98 enforced integration authentication whereby we needed to ensure WBG domains are included in the AuthServerAllowlist, for integrated authentication.  However, with the automation tool, a service account is used for logon and to override the behaviors with Integrated Authentication.  Using auth-server-allowlist / auth-server-whitelist command line switch does not seem to emit the expected behavior from chrome v98+.

 

Internally we set a chrome policy for AuthServerAllowlist but idealistically the command line argument should override the policy setting as it did prior to v98.

 

The command line being passed by the automation tool which is not working is:  "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-features=Translate --disable-extensions --disable-component-extensions-with-background-pages --disable-background-networking --disable-component-update --disable-client-side-phishing-detection --disable-sync --metrics-recording-only --disable-default-apps --mute-audio --no-default-browser-check --no-first-run --disable-backgrounding-occluded-windows --disable-renderer-backgrounding --disable-background-timer-throttling --disable-ipc-flooding-protection --password-store=basic --use-mock-keychain --force-fieldtrials=*BackgroundTracing/default/ --user-data-dir="C:\Users\AJAYAR~1\AppData\Local\Temp\lighthouse.3940143463" --auth-server-whitelist="\"_\"" --flag-switches-begin --flag-switches-end --site-per-process about:blank

 

The command line being passed by the automation which is working: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --auth-server-whitelist="_" --auth-schemes="basic"

 

We understand Edge is working but only Chrome is not.

 

Best,

Robert

 

The World Bank Group | Information and Technology Solutions
Robert Bodrick
End User Solutions and Engineering | ITSGC
T +1 (202) 473-8257
M +1 (202) 569-0091
E rbod...@worldbankgroup.org
S rwilliamjr

 

Reply all
Reply to author
Forward
0 new messages