access selenium server using secure connection

[Shaul Zevin]

Hello,

I wonder if there is an option to make selenium server to listen to secure connections.

Basically I would like my test to do something like:

DesiredCapabilities capability = DesiredCapabilities.firefox();

WebDriver driver = new RemoteWebDriver(new URL("https://myserver/wd/hub"), capability);

And I want my server to listen on 443.

Thanks,
   Shaul

[Krishnan Mahadevan]

I dont think that is currently possible without you adding tweaks to the core Grid code itself.

Thanks & Regards
Krishnan Mahadevan

"All the desirable things in life are either illegal, expensive, fattening or in love with someone else!"
My Scribblings @ http://wakened-cognition.blogspot.com/

My Technical Scribbings @ http://rationaleemotions.wordpress.com/

--
You received this message because you are subscribed to the Google Groups "Selenium Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to selenium-user...@googlegroups.com.
To post to this group, send email to seleniu...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/selenium-users/bfb9cee9-0b94-4d15-8f1a-c93d0138fa1f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Shaul Zevin]

Thanks Krishnan,

I sort of expected your answer.

On the other hand if client tests include some sensitive information ( login credentials for example ) this can be a serious problem.

Do you think ssl support and some basic authorization will be added to selenium server in the near future?

Thanks,
    Shaul

[Krishnan Mahadevan]

I doubt that. Since the tests are going to be run in a test environment how does this matter ?

The sensitive information that you are talking about is going to be basically generated data no ?

Thanks & Regards
Krishnan Mahadevan

"All the desirable things in life are either illegal, expensive, fattening or in love with someone else!"
My Scribblings @ http://wakened-cognition.blogspot.com/

My Technical Scribbings @ http://rationaleemotions.wordpress.com/

To view this discussion on the web visit https://groups.google.com/d/msgid/selenium-users/154815fd-7d6c-4472-bf10-ffcc5ebd3db6%40googlegroups.com.

[Shaul Zevin]

I think you are right for most of the cases.

But imagine your selenium server is hosted on Amazon EC2 or some other cloud.

I do not think adding ssl capability to jetty is too complex. Having a basic authentication is not that complex either. In fact I saw some tests which create authentication enabled selenium server.

Anyway thanks for the prompt response.

Shaul

[David]

Couldn't tunneling and/or proxying traffic over SSH (for port 80, maybe to/from specific servers) between the machine executing Selenium code, the Grid server, and Grid nodes be a workaround? It's attaching security over existing infrastructure w/o code changes. It'd still be HTTP not HTTPS but routed over SSH tunnel that is encrypted. I don't know the specifics to this setup though.

Something like this (though maybe not exactly as that): http://serverfault.com/questions/78351/can-i-create-ssh-to-tunnel-http-through-server-like-it-was-proxy

[Krishnan Mahadevan]

I believe that is somewhat the approach that SauceLabs uses as part of them providing remote execution capabilities in their cloud environment.

Thanks & Regards
Krishnan Mahadevan

"All the desirable things in life are either illegal, expensive, fattening or in love with someone else!"
My Scribblings @ http://wakened-cognition.blogspot.com/

My Technical Scribbings @ http://rationaleemotions.wordpress.com/

To view this discussion on the web visit https://groups.google.com/d/msgid/selenium-users/8ab1bef5-9120-42d9-991d-83f3a1728989%40googlegroups.com.