Regarding the issue of browserBasedAuthentication authentication, please advise

guanggang long

Jan 19, 2026, 2:34:59 AM
to ZAP User Group
Hello!

I use Java SDK:
<dependency>
<groupId>org.zaproxy</groupId>
<artifactId>zap-clientapi</artifactId>
<version>1.17.0</version>
</dependency>

docker version:  zaproxy/zap-stable:2.17.0
command:  docker run -u zap -p 8090:8090 -i zaproxy/zap-stable zap-x.sh -daemon -host 0.0.0.0 -port 8090 -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true  -config api.key=123456
chrome version:

chrome:  
ScreenShot_2026-01-19_123126_688.png

chromeAras:
ScreenShot_2026-01-19_115545_343.png

browserBasedAuthentication code:
ScreenShot_2026-01-19_122826_812.png



Error message:

4561 [ZAP-daemon] INFO  org.zaproxy.addon.network.ExtensionNetwork - ZAP is now listening on 0.0.0.0:8090
21688 [ZAP-IO-Server-1-1] INFO  org.zaproxy.zap.users.User - Authenticating user: admin
29364 [ZAP-IO-Server-1-5] INFO  org.zaproxy.zap.users.User - Authenticating user: admin
30652 [ZAP-IO-Server-1-1] ERROR org.zaproxy.zap.users.User - An error occurred while authenticating:
org.openqa.selenium.WebDriverException: unknown error: net::ERR_PROXY_CONNECTION_FAILED
  (Session info: chrome=143.0.7499.193)
Build info: version: '4.39.0', revision: '126f156aee'
System info: os.name: 'Linux', os.arch: 'amd64', os.version: '5.4.0-150-generic', java.version: '17.0.17'
Driver info: org.openqa.selenium.chrome.ChromeDriver
Command: [f3c618f8357bc494eb29904e97053283, get {url=http://192.168.11.124/login}]
Capabilities {acceptInsecureCerts: true, browserName: chrome, browserVersion: 143.0.7499.193, chrome: {chromedriverVersion: 143.0.7499.193 (fc6af963ede..., userDataDir: /tmp/.org.chromium.Chromium...}, fedcm:accounts: true, goog:processID: 149, networkConnectionEnabled: false, pageLoadStrategy: normal, platformName: linux, proxy: Proxy(manual, http=localhos..., setWindowRect: true, strictFileInteractability: false, timeouts: {implicit: 0, pageLoad: 300000, script: 30000}, unhandledPromptBehavior: dismiss and notify, webSocketUrl: ws://localhost:11198/sessio..., webauthn:extension:credBlob: true, webauthn:extension:largeBlob: true, webauthn:extension:minPinLength: true, webauthn:extension:prf: true, webauthn:virtualAuthenticators: true}
Session ID: f3c618f8357bc494eb29904e97053283
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:500)
at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:481)
at org.openqa.selenium.remote.ErrorCodec.decode(ErrorCodec.java:167)
at org.openqa.selenium.remote.codec.w3c.W3CHttpResponseCodec.decode(W3CHttpResponseCodec.java:142)
at org.openqa.selenium.remote.codec.w3c.W3CHttpResponseCodec.decode(W3CHttpResponseCodec.java:49)
at org.openqa.selenium.remote.HttpCommandExecutor.execute(HttpCommandExecutor.java:215)
at org.openqa.selenium.remote.service.DriverCommandExecutor.invokeExecute(DriverCommandExecutor.java:216)
at org.openqa.selenium.remote.service.DriverCommandExecutor.execute(DriverCommandExecutor.java:174)
at org.openqa.selenium.remote.RemoteWebDriver.execute(RemoteWebDriver.java:561)
at org.openqa.selenium.remote.RemoteWebDriver.get(RemoteWebDriver.java:329)
at org.zaproxy.addon.authhelper.AuthUtils.authenticateAsUserImpl(AuthUtils.java:502)
at org.zaproxy.addon.authhelper.AuthUtils.authenticateAsUserWithErrorStep(AuthUtils.java:480)
at org.zaproxy.addon.authhelper.BrowserBasedAuthenticationMethodType$BrowserBasedAuthenticationMethod.authenticateImpl(BrowserBasedAuthenticationMethodType.java:341)
at org.zaproxy.addon.authhelper.BrowserBasedAuthenticationMethodType$BrowserBasedAuthenticationMethod.authenticate(BrowserBasedAuthenticationMethodType.java:309)
at org.zaproxy.zap.users.User.authenticate(User.java:271)
at org.zaproxy.zap.extension.users.UsersAPI.handleApiAction(UsersAPI.java:307)
at org.zaproxy.zap.extension.api.API.handleApiRequest(API.java:538)
at org.zaproxy.addon.network.internal.server.http.handlers.ZapApiHandler.handleApiRequest(ZapApiHandler.java:111)
at org.zaproxy.addon.network.internal.server.http.handlers.ZapApiHandler.handleRequest(ZapApiHandler.java:85)
at org.zaproxy.addon.network.internal.server.http.handlers.ZapApiHandler.handleMessage(ZapApiHandler.java:70)
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.notifyMessageHandlers(MainServerHandler.java:151)
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.processMessage(MainServerHandler.java:131)
at org.zaproxy.addon.network.internal.server.http.LocalServerHandler.processMessage(LocalServerHandler.java:67)
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.process(MainServerHandler.java:94)
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.lambda$channelRead0$0(MainServerHandler.java:82)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.base/java.lang.Thread.run(Thread.java:840)
31039 [ZAP-IO-Server-1-1] INFO  org.zaproxy.zap.users.User - Authenticating user: admin
35189 [ZAP-IO-Server-1-9] WARN  org.zaproxy.zap.extension.api.API - API key incorrect or not supplied: not set in request from 127.0.0.1
35325 [ZAP-IO-Server-1-10] WARN  org.zaproxy.zap.extension.api.API - API key incorrect or not supplied: not set in request from 127.0.0.1
35325 [ZAP-IO-Server-1-9] WARN  org.zaproxy.zap.extension.api.API - API key incorrect or not supplied: not set in request from 127.0.0.1
36003 [ZAP-IO-Server-1-5] ERROR org.zaproxy.zap.extension.selenium.ExtensionSelenium - unknown error: net::ERR_PROXY_CONNECTION_FAILED
  (Session info: chrome=143.0.7499.193)
Build info: version: '4.39.0', revision: '126f156aee'
System info: os.name: 'Linux', os.arch: 'amd64', os.version: '5.4.0-150-generic', java.version: '17.0.17'
Driver info: org.openqa.selenium.chrome.ChromeDriver
Command: [a127cc065907aaaa9c1d15fcf5cd8cd4, get {url=https://zap/zapCallBackUrl/-6013776022888708683?zapenable=true}]
Capabilities {acceptInsecureCerts: true, browserName: chrome, browserVersion: 143.0.7499.193, chrome: {chromedriverVersion: 143.0.7499.193 (fc6af963ede..., userDataDir: /tmp/.org.chromium.Chromium...}, fedcm:accounts: true, goog:processID: 348, networkConnectionEnabled: false, pageLoadStrategy: normal, platformName: linux, proxy: Proxy(manual, http=localhos..., setWindowRect: true, strictFileInteractability: false, timeouts: {implicit: 0, pageLoad: 300000, script: 30000}, unhandledPromptBehavior: dismiss and notify, webSocketUrl: ws://localhost:18986/sessio..., webauthn:extension:credBlob: true, webauthn:extension:largeBlob: true, webauthn:extension:minPinLength: true, webauthn:extension:prf: true, webauthn:virtualAuthenticators: true}
Session ID: a127cc065907aaaa9c1d15fcf5cd8cd4
org.openqa.selenium.WebDriverException: unknown error: net::ERR_PROXY_CONNECTION_FAILED
  (Session info: chrome=143.0.7499.193)
Build info: version: '4.39.0', revision: '126f156aee'
System info: os.name: 'Linux', os.arch: 'amd64', os.version: '5.4.0-150-generic', java.version: '17.0.17'
Driver info: org.openqa.selenium.chrome.ChromeDriver
Command: [a127cc065907aaaa9c1d15fcf5cd8cd4, get {url=https://zap/zapCallBackUrl/-6013776022888708683?zapenable=true}]
Capabilities {acceptInsecureCerts: true, browserName: chrome, browserVersion: 143.0.7499.193, chrome: {chromedriverVersion: 143.0.7499.193 (fc6af963ede..., userDataDir: /tmp/.org.chromium.Chromium...}, fedcm:accounts: true, goog:processID: 348, networkConnectionEnabled: false, pageLoadStrategy: normal, platformName: linux, proxy: Proxy(manual, http=localhos..., setWindowRect: true, strictFileInteractability: false, timeouts: {implicit: 0, pageLoad: 300000, script: 30000}, unhandledPromptBehavior: dismiss and notify, webSocketUrl: ws://localhost:18986/sessio..., webauthn:extension:credBlob: true, webauthn:extension:largeBlob: true, webauthn:extension:minPinLength: true, webauthn:extension:prf: true, webauthn:virtualAuthenticators: true}
Session ID: a127cc065907aaaa9c1d15fcf5cd8cd4
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:500)
at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:481)
at org.openqa.selenium.remote.ErrorCodec.decode(ErrorCodec.java:167)
at org.openqa.selenium.remote.codec.w3c.W3CHttpResponseCodec.decode(W3CHttpResponseCodec.java:142)
at org.openqa.selenium.remote.codec.w3c.W3CHttpResponseCodec.decode(W3CHttpResponseCodec.java:49)
at org.openqa.selenium.remote.HttpCommandExecutor.execute(HttpCommandExecutor.java:215)
at org.openqa.selenium.remote.service.DriverCommandExecutor.invokeExecute(DriverCommandExecutor.java:216)
at org.openqa.selenium.remote.service.DriverCommandExecutor.execute(DriverCommandExecutor.java:174)
at org.openqa.selenium.remote.RemoteWebDriver.execute(RemoteWebDriver.java:561)
at org.openqa.selenium.remote.RemoteWebDriver.get(RemoteWebDriver.java:329)
at org.zaproxy.addon.client.RedirectScript.browserLaunched(RedirectScript.java:51)
at org.zaproxy.zap.extension.selenium.ExtensionSelenium.lambda$getWebDriverImpl$3(ExtensionSelenium.java:830)
at java.base/java.util.ArrayList.forEach(ArrayList.java:1511)
at java.base/java.util.Collections$SynchronizedCollection.forEach(Collections.java:2132)
at org.zaproxy.zap.extension.selenium.ExtensionSelenium.getWebDriverImpl(ExtensionSelenium.java:827)
at org.zaproxy.zap.extension.selenium.ExtensionSelenium.getWebDriver(ExtensionSelenium.java:620)
at org.zaproxy.zap.extension.selenium.ExtensionSelenium.getWebDriver(ExtensionSelenium.java:593)
at org.zaproxy.addon.authhelper.BrowserBasedAuthenticationMethodType$BrowserBasedAuthenticationMethod.authenticateImpl(BrowserBasedAuthenticationMethodType.java:335)
at org.zaproxy.addon.authhelper.BrowserBasedAuthenticationMethodType$BrowserBasedAuthenticationMethod.authenticate(BrowserBasedAuthenticationMethodType.java:309)
at org.zaproxy.zap.users.User.authenticate(User.java:271)
at org.zaproxy.zap.users.User.processMessageToMatchUser(User.java:170)
at org.zaproxy.addon.network.internal.client.BaseHttpSender.sendAuthenticated(BaseHttpSender.java:378)
at org.zaproxy.addon.network.internal.client.BaseHttpSender.sendNoRedirections(BaseHttpSender.java:351)
at org.zaproxy.addon.network.internal.client.BaseHttpSender.send(BaseHttpSender.java:307)
at org.zaproxy.addon.network.internal.client.BaseHttpSender.sendAndReceive(BaseHttpSender.java:278)
at org.zaproxy.addon.network.internal.client.BaseHttpSender.sendAndReceive(BaseHttpSender.java:234)
at org.parosproxy.paros.network.HttpSender.sendImpl(HttpSender.java:536)
at org.parosproxy.paros.network.HttpSender.sendAndReceive(HttpSender.java:356)
at org.zaproxy.addon.network.internal.server.http.handlers.HttpSenderHandler.handleMessage(HttpSenderHandler.java:78)
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.notifyMessageHandlers(MainServerHandler.java:151)
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.processMessage(MainServerHandler.java:131)
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.process(MainServerHandler.java:94)
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.lambda$channelRead0$0(MainServerHandler.java:82)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.base/java.lang.Thread.run(Thread.java:840)

thc202

Jan 19, 2026, 2:48:21 AM
to zaprox...@googlegroups.com
Hi,

Browsers launched by ZAP are already configured to proxy through the
correct proxy (which is different depending on the browser's usage), you
should remove the proxy-server argument which is causing the failure.

Best regards.

guanggang long

Jan 19, 2026, 3:28:11 AM
to ZAP User Group
Hello!

Let me ask again, I have removed the parameters set in the code, but the authentication still reports an error:
ScreenShot_2026-01-19_162726_842.png

zap    | org.openqa.selenium.SessionNotCreatedException: Could not start a new session. Response code 500. Message: session not created: Chrome instance exited. Examine ChromeDriver verbose log to determine the cause.
zap    | Host info: host: '30883985e470', ip: '172.19.0.2'
zap    | Build info: version: '4.39.0', revision: '126f156aee'
zap    | System info: os.name: 'Linux', os.arch: 'amd64', os.version: '5.4.0-150-generic', java.version: '17.0.17'
zap    | Driver info: org.openqa.selenium.chrome.ChromeDriver
zap    | Command: [null, newSession {capabilities=[Capabilities {acceptInsecureCerts: true, browserName: chrome, goog:chromeOptions: {args: [--proxy-bypass-list=<-loopb..., --ignore-certificate-errors, --headless=new, --enable-unsafe-extension-d..., --remote-debugging-pipe], binary: /usr/bin/chrome, extensions: []}, proxy: Proxy(manual, http=localhos..., webSocketUrl: true}]}]
zap    | at org.openqa.selenium.remote.ProtocolHandshake.createSession(ProtocolHandshake.java:114)
zap    | at org.openqa.selenium.remote.ProtocolHandshake.createSession(ProtocolHandshake.java:75)
zap    | at org.openqa.selenium.remote.ProtocolHandshake.createSession(ProtocolHandshake.java:61)
zap    | at org.openqa.selenium.remote.HttpCommandExecutor.execute(HttpCommandExecutor.java:187)
zap    | at org.openqa.selenium.remote.service.DriverCommandExecutor.invokeExecute(DriverCommandExecutor.java:216)
zap    | at org.openqa.selenium.remote.service.DriverCommandExecutor.execute(DriverCommandExecutor.java:174)
zap    | at org.openqa.selenium.remote.RemoteWebDriver.execute(RemoteWebDriver.java:561)
zap    | at org.openqa.selenium.remote.RemoteWebDriver.startSession(RemoteWebDriver.java:250)
zap    | at org.openqa.selenium.remote.RemoteWebDriver.<init>(RemoteWebDriver.java:178)
zap    | at org.openqa.selenium.chromium.ChromiumDriver.<init>(ChromiumDriver.java:109)
zap    | at org.openqa.selenium.chrome.ChromeDriver.<init>(ChromeDriver.java:88)
zap    | at org.openqa.selenium.chrome.ChromeDriver.<init>(ChromeDriver.java:83)
zap    | at org.openqa.selenium.chrome.ChromeDriver.<init>(ChromeDriver.java:72)
zap    | at org.zaproxy.zap.extension.selenium.ExtensionSelenium.getWebDriverImpl(ExtensionSelenium.java:1083)
zap    | at org.zaproxy.zap.extension.selenium.ExtensionSelenium.getWebDriver(ExtensionSelenium.java:972)
zap    | at org.zaproxy.zap.extension.selenium.ExtensionSelenium.getWebDriver(ExtensionSelenium.java:940)
zap    | at org.zaproxy.zap.extension.selenium.internal.BuiltInSingleWebDriverProvider.getWebDriver(BuiltInSingleWebDriverProvider.java:63)
zap    | at org.zaproxy.zap.extension.selenium.ExtensionSelenium.getWebDriverImpl(ExtensionSelenium.java:820)
zap    | at org.zaproxy.zap.extension.selenium.ExtensionSelenium.getWebDriver(ExtensionSelenium.java:620)
zap    | at org.zaproxy.zap.extension.selenium.ExtensionSelenium.getWebDriver(ExtensionSelenium.java:593)
zap    | at org.zaproxy.addon.authhelper.BrowserBasedAuthenticationMethodType$BrowserBasedAuthenticationMethod.authenticateImpl(BrowserBasedAuthenticationMethodType.java:335)
zap    | at org.zaproxy.addon.authhelper.BrowserBasedAuthenticationMethodType$BrowserBasedAuthenticationMethod.authenticate(BrowserBasedAuthenticationMethodType.java:309)
zap    | at org.zaproxy.zap.users.User.authenticate(User.java:271)
zap    | at org.zaproxy.zap.extension.users.UsersAPI.handleApiAction(UsersAPI.java:307)
zap    | at org.zaproxy.zap.extension.api.API.handleApiRequest(API.java:538)
zap    | at org.zaproxy.addon.network.internal.server.http.handlers.ZapApiHandler.handleApiRequest(ZapApiHandler.java:111)
zap    | at org.zaproxy.addon.network.internal.server.http.handlers.ZapApiHandler.handleRequest(ZapApiHandler.java:85)
zap    | at org.zaproxy.addon.network.internal.server.http.handlers.ZapApiHandler.handleMessage(ZapApiHandler.java:70)
zap    | at org.zaproxy.addon.network.internal.server.http.MainServerHandler.notifyMessageHandlers(MainServerHandler.java:151)
zap    | at org.zaproxy.addon.network.internal.server.http.MainServerHandler.processMessage(MainServerHandler.java:131)
zap    | at org.zaproxy.addon.network.internal.server.http.LocalServerHandler.processMessage(LocalServerHandler.java:67)
zap    | at org.zaproxy.addon.network.internal.server.http.MainServerHandler.process(MainServerHandler.java:94)
zap    | at org.zaproxy.addon.network.internal.server.http.MainServerHandler.lambda$channelRead0$0(MainServerHandler.java:82)
zap    | at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
zap    | at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
zap    | at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
zap    | at java.base/java.lang.Thread.run(Thread.java:840)

guanggang long

Jan 19, 2026, 3:43:45 AM
to ZAP User Group
When using the headless mode of the Firefox browser built-in in the container, an error occurs indicating that the proxy refused the connection. The error message is as follows:

48515 [ZAP-daemon] INFO  org.zaproxy.addon.network.ExtensionNetwork - ZAP is now listening on 0.0.0.0:8080
76691 [ZAP-IO-Server-1-1] INFO  org.zaproxy.zap.users.User - Authenticating user: admin
199457 [ZAP-IO-Server-1-4] INFO  org.zaproxy.zap.users.User - Authenticating user: admin
223580 [ZAP-IO-Server-1-1] ERROR org.zaproxy.zap.users.User - An error occurred while authenticating:
org.openqa.selenium.WebDriverException: Reached error page: about:neterror?e=proxyConnectFailure&u=http%3A//192.168.11.124/login&c=UTF-8&d=Firefox%20is%20configured%20to%20use%20a%20proxy%20server%20that%20is%20refusing%20connections.
Build info: version: '4.38.0', revision: '6b412e825c*'

System info: os.name: 'Linux', os.arch: 'amd64', os.version: '5.4.0-150-generic', java.version: '17.0.17'
Driver info: org.openqa.selenium.firefox.FirefoxDriver
Command: [5a544fa0-8cda-45ba-b51f-b0490462dee5, get {url=http://192.168.11.124/login}]
Capabilities {acceptInsecureCerts: true, browserName: firefox, browserVersion: 140.6.0, moz:accessibilityChecks: false, moz:buildID: 20251201132345, moz:geckodriverVersion: 0.36.0, moz:headless: true, moz:platformVersion: 5.4.0-150-generic, moz:processID: 195, moz:profile: /tmp/rust_mozprofileru1l9K, moz:shutdownTimeout: 60000, moz:webdriverClick: true, moz:windowless: false, pageLoadStrategy: normal, platformName: linux, proxy: Proxy(), setWindowRect: true, strictFileInteractability: false, timeouts: {implicit: 0, pageLoad: 300000, script: 30000}, unhandledPromptBehavior: dismiss and notify, userAgent: Mozilla/5.0 (X11; Linux x86..., webSocketUrl: ws://127.0.0.1:44781/sessio...}
Session ID: 5a544fa0-8cda-45ba-b51f-b0490462dee5
        at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) ~[?:?]
        at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:77) ~[?:?]
        at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) ~[?:?]
        at java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:500) ~[?:?]
        at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:481) ~[?:?]
        at org.openqa.selenium.remote.ErrorCodec.decode(ErrorCodec.java:167) ~[?:?]
        at org.openqa.selenium.remote.codec.w3c.W3CHttpResponseCodec.decode(W3CHttpResponseCodec.java:138) ~[?:?]
        at org.openqa.selenium.remote.codec.w3c.W3CHttpResponseCodec.decode(W3CHttpResponseCodec.java:50) ~[?:?]
        at org.openqa.selenium.remote.HttpCommandExecutor.execute(HttpCommandExecutor.java:215) ~[?:?]
        at org.openqa.selenium.remote.service.DriverCommandExecutor.invokeExecute(DriverCommandExecutor.java:216) ~[?:?]
        at org.openqa.selenium.remote.service.DriverCommandExecutor.execute(DriverCommandExecutor.java:174) ~[?:?]
        at org.openqa.selenium.remote.RemoteWebDriver.execute(RemoteWebDriver.java:557) ~[?:?]
        at org.openqa.selenium.remote.RemoteWebDriver.get(RemoteWebDriver.java:325) ~[?:?]
        at org.zaproxy.addon.authhelper.AuthUtils.authenticateAsUserImpl(AuthUtils.java:501) ~[?:?]
        at org.zaproxy.addon.authhelper.AuthUtils.authenticateAsUserWithErrorStep(AuthUtils.java:479) ~[?:?]
        at org.zaproxy.addon.authhelper.BrowserBasedAuthenticationMethodType$BrowserBasedAuthenticationMethod.authenticateImpl(BrowserBasedAuthenticationMethodType.java:341) ~[?:?]
        at org.zaproxy.addon.authhelper.BrowserBasedAuthenticationMethodType$BrowserBasedAuthenticationMethod.authenticate(BrowserBasedAuthenticationMethodType.java:309) ~[?:?]
        at org.zaproxy.zap.users.User.authenticate(User.java:271) ~[zap-2.16.1.jar:2.16.1]
        at org.zaproxy.zap.extension.users.UsersAPI.handleApiAction(UsersAPI.java:307) ~[zap-2.16.1.jar:2.16.1]
        at org.zaproxy.zap.extension.api.API.handleApiRequest(API.java:538) ~[zap-2.16.1.jar:2.16.1]
        at org.zaproxy.addon.network.internal.server.http.handlers.ZapApiHandler.handleApiRequest(ZapApiHandler.java:111) ~[?:?]
        at org.zaproxy.addon.network.internal.server.http.handlers.ZapApiHandler.handleRequest(ZapApiHandler.java:85) ~[?:?]
        at org.zaproxy.addon.network.internal.server.http.handlers.ZapApiHandler.handleMessage(ZapApiHandler.java:70) ~[?:?]
        at org.zaproxy.addon.network.internal.server.http.MainServerHandler.notifyMessageHandlers(MainServerHandler.java:151) ~[?:?]
        at org.zaproxy.addon.network.internal.server.http.MainServerHandler.processMessage(MainServerHandler.java:131) ~[?:?]
        at org.zaproxy.addon.network.internal.server.http.LocalServerHandler.processMessage(LocalServerHandler.java:67) ~[?:?]
        at org.zaproxy.addon.network.internal.server.http.MainServerHandler.process(MainServerHandler.java:94) ~[?:?]
        at org.zaproxy.addon.network.internal.server.http.MainServerHandler.lambda$channelRead0$0(MainServerHandler.java:82) ~[?:?]
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) [?:?]
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) [?:?]
        at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) [network-beta-0.24.0.zap:?]
        at java.base/java.lang.Thread.run(Thread.java:840) [?:?]

kingthorin+zap

Jan 19, 2026, 9:13:57 AM
to ZAP User Group
Is http://192.168.11.124/login accessible from inside the container?
It seems you're using an old image (ZAP 2.17 is out as well as network add-on 0.25.0, etc)

guanggang long

Jan 19, 2026, 10:33:38 AM
to ZAP User Group
The version I am currently using is ZAP 2.17.0, and the network plugin I am using is network-beta-0.25.0, as shown in the figure:

ScreenShot_2026-01-19_223327_372.png

Chrome in the current ZAP container can retrieve the DOM content of a webpage:

root@ubuntu:/home/lgg/webls# docker exec -it zap google-chrome --no-sandbox --headless=new --dump-dom http://192.168.3.4/login | head -100

Strangely, using SDK to call browser authentication will result in an error, indicating that the proxy has been denied a connection:

52606 [ZAP-IO-Server-1-1] ERROR org.zaproxy.zap.users.User - An error occurred while authenticating:

org.openqa.selenium.WebDriverException: unknown error: net::ERR_PROXY_CONNECTION_FAILED
  (Session info: chrome=143.0.7499.193)
Build info: version: '4.39.0', revision: '126f156aee'
System info: os.name: 'Linux', os.arch: 'amd64', os.version: '6.8.0-90-generic', java.version: '17.0.17'
Driver info: org.openqa.selenium.chrome.ChromeDriver
Command: [ecf5dce301521baee0fadcd15a91d4ad, get {url=http://192.168.3.4/}]
Capabilities {acceptInsecureCerts: true, browserName: chrome, browserVersion: 143.0.7499.193, chrome: {chromedriverVersion: 143.0.7499.193 (fc6af963ede..., userDataDir: /tmp/.org.chromium.Chromium...}, fedcm:accounts: true, goog:processID: 194, networkConnectionEnabled: false, pageLoadStrategy: normal, platformName: linux, proxy: Proxy(manual, http=localhos..., setWindowRect: true, strictFileInteractability: false, timeouts: {implicit: 0, pageLoad: 300000, script: 30000}, unhandledPromptBehavior: dismiss and notify, webSocketUrl: ws://localhost:18021/sessio..., webauthn:extension:credBlob: true, webauthn:extension:largeBlob: true, webauthn:extension:minPinLength: true, webauthn:extension:prf: true, webauthn:virtualAuthenticators: true}
Session ID: ecf5dce301521baee0fadcd15a91d4ad

Simon Bennetts

Jan 20, 2026, 7:23:57 AM
to ZAP User Group
Let's step back for a minute and understand what you are trying to do.
It looks like you are running ZAP in daemon mode and controlling it via the API, is that right?
Have you tested the authentication in the ZAP desktop app before you used the API?
Any reason why you did not choose to use the Automation Framework?

Cheers,

Simon

guanggang long

Jan 26, 2026, 8:32:00 PM
to ZAP User Group
1. Executing automation scripts through the command line is normal

docker run --rm -v "$(pwd)":/zap/wrk/:rw -it zap-chrome zap.sh -cmd -autorun /zap/wrk/BrowserAuth.yaml


2. Using the Automation Framework API (runPlan) of ZAP client API 1.17.0 to call BrowserAuth.yaml for browser authentication, the error message from ZAP is as follows:

58843 [ZAP-IO-Server-1-2] ERROR org.zaproxy.zap.authentication.AuthenticationHelper - Cannot add authentication message to History tab.
org.parosproxy.paros.db.DatabaseException: java.sql.SQLException: The actual Response Body length 26697635 is greater than the configured response body length 16777216 for GET http://192.168.11.161/static/js/chunk-vendors.js
at org.parosproxy.paros.db.paros.ParosTableHistory.write(ParosTableHistory.java:435)
at org.parosproxy.paros.model.HistoryReference.<init>(HistoryReference.java:409)
at org.zaproxy.zap.authentication.AuthenticationHelper.addAuthMessageToHistory(AuthenticationHelper.java:142)
at org.zaproxy.zap.authentication.AuthenticationHelper.addAuthMessageToHistory(AuthenticationHelper.java:127)
at org.zaproxy.addon.authhelper.HistoryProvider.addAuthMessageToHistory(HistoryProvider.java:80)
at org.zaproxy.addon.authhelper.internal.ClientSideHandler.handleMessage(ClientSideHandler.java:93)
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.notifyMessageHandlers(MainServerHandler.java:151)
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.processMessage(MainServerHandler.java:138)

at org.zaproxy.addon.network.internal.server.http.MainServerHandler.process(MainServerHandler.java:94)
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.lambda$channelRead0$0(MainServerHandler.java:82)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.base/java.lang.Thread.run(Thread.java:840)
Caused by: java.sql.SQLException: The actual Response Body length 26697635 is greater than the configured response body length 16777216 for GET http://192.168.11.161/static/js/chunk-vendors.js
at org.parosproxy.paros.db.paros.ParosTableHistory.write(ParosTableHistory.java:469)
at org.parosproxy.paros.db.paros.ParosTableHistory.write(ParosTableHistory.java:419)
... 13 more
140069 [ZAP-IO-Server-1-3] ERROR org.zaproxy.zap.authentication.AuthenticationHelper - Cannot add authentication message to History tab.
org.parosproxy.paros.db.DatabaseException: java.sql.SQLException: The actual Response Body length 26697635 is greater than the configured response body length 16777216 for GET http://192.168.11.161/static/js/chunk-vendors.js
at org.parosproxy.paros.db.paros.ParosTableHistory.write(ParosTableHistory.java:435)
at org.parosproxy.paros.model.HistoryReference.<init>(HistoryReference.java:409)
at org.zaproxy.zap.authentication.AuthenticationHelper.addAuthMessageToHistory(AuthenticationHelper.java:142)
at org.zaproxy.zap.authentication.AuthenticationHelper.addAuthMessageToHistory(AuthenticationHelper.java:127)
at org.zaproxy.addon.authhelper.HistoryProvider.addAuthMessageToHistory(HistoryProvider.java:80)
at org.zaproxy.addon.authhelper.internal.ClientSideHandler.handleMessage(ClientSideHandler.java:93)
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.notifyMessageHandlers(MainServerHandler.java:151)
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.processMessage(MainServerHandler.java:138)

at org.zaproxy.addon.network.internal.server.http.MainServerHandler.process(MainServerHandler.java:94)
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.lambda$channelRead0$0(MainServerHandler.java:82)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.base/java.lang.Thread.run(Thread.java:840)
Caused by: java.sql.SQLException: The actual Response Body length 26697635 is greater than the configured response body length 16777216 for GET http://192.168.11.161/static/js/chunk-vendors.js
at org.parosproxy.paros.db.paros.ParosTableHistory.write(ParosTableHistory.java:469)
at org.parosproxy.paros.db.paros.ParosTableHistory.write(ParosTableHistory.java:419)
... 13 more



Hello, can you tell me the reason?

guanggang long

Jan 27, 2026, 5:27:18 AM
to ZAP User Group
BrowserAuth.yaml:
env:
  contexts:
    - name: Default Context
      urls:
        - http://192.168.11.161
      includePaths:
        - http://192.168.11.161.*
      authentication:
        method: browser
        parameters:
          browserId: chrome-headless
          loginPageUrl: http://192.168.11.161/login
          loginPageWait: 5
        verification:
          method: autodetect
      sessionManagement:
        method: autodetect
      technology: {}
      users:
        - name: test-user
          credentials:
            username: admin
            password: admin123
  parameters: {}
jobs:
  - type: passiveScan-config
    parameters:
      disableAllRules: true
    rules:
      - name: Authentication Request Identified
        id: 10111
        threshold: medium
      - name: Session Management Response Identified
        id: 10112
        threshold: medium
      - name: Verification Request Identified
        id: 10113
        threshold: medium
  - type: requestor
    parameters:
      user: test-user
    requests:
      - url: http://192.168.11.161
  - type: passiveScan-wait
    parameters: {}
  - name: auth-test-report
    type: report
    parameters:
      template: auth-report-json
      theme: null
      reportDir: .
      reportFile: auth-report.json
      reportTitle: ZAP by Checkmarx Scanning Report
    sections:
      - summary
      - afenv
      - statistics

The automation script called by the daemon mode API failed to authenticate the browser. The Java code is as follows:

ScreenShot_2026-01-27_182034_715.png


Please let me know if you need any other code so that I can provide it!

Simon Bennetts

Jan 27, 2026, 12:13:48 PM
to ZAP User Group
Why are you calling the Automation Framework via the API?
The command line option seems to be much more straightforward.

Does the authentication actually work?
The error ZAP is reporting indicates that it failed to record a very large response in the ZAP db.
This is unlikely to impact whether authentication works or not.

Cheers,

Simon
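
Added example, not part of the thread and not ZAP code: a small Python triage of the two error types quoted above, separating the browser proxy failure raised during authentication from the history-write rejection that the reply above describes as unlikely to affect authentication. The function and field names are assumptions made for this sketch; the sample lines are copied from the thread with stack frames trimmed.

```python
import re

# Constructed sample: log lines copied from this thread, stack frames trimmed.
SAMPLE_LOG = """\
21688 [ZAP-IO-Server-1-1] INFO  org.zaproxy.zap.users.User - Authenticating user: admin
52606 [ZAP-IO-Server-1-1] ERROR org.zaproxy.zap.users.User - An error occurred while authenticating:
org.openqa.selenium.WebDriverException: unknown error: net::ERR_PROXY_CONNECTION_FAILED
Command: [ecf5dce301521baee0fadcd15a91d4ad, get {url=http://192.168.3.4/}]
58843 [ZAP-IO-Server-1-2] ERROR org.zaproxy.zap.authentication.AuthenticationHelper - Cannot add authentication message to History tab.
org.parosproxy.paros.db.DatabaseException: java.sql.SQLException: The actual Response Body length 26697635 is greater than the configured response body length 16777216 for GET http://192.168.11.161/static/js/chunk-vendors.js
at org.parosproxy.paros.db.paros.ParosTableHistory.write(ParosTableHistory.java:435)
Caused by: java.sql.SQLException: The actual Response Body length 26697635 is greater than the configured response body length 16777216 for GET http://192.168.11.161/static/js/chunk-vendors.js
140069 [ZAP-IO-Server-1-3] ERROR org.zaproxy.zap.authentication.AuthenticationHelper - Cannot add authentication message to History tab.
org.parosproxy.paros.db.DatabaseException: java.sql.SQLException: The actual Response Body length 26697635 is greater than the configured response body length 16777216 for GET http://192.168.11.161/static/js/chunk-vendors.js
"""

HEADER = re.compile(r"^(\d+) \[([^\]]+)\] (\w+)\s+(\S+) - ")
NET_ERROR = re.compile(r"WebDriverException: unknown error: (net::\w+)")
GET_URL = re.compile(r"get \{url=([^}]+)\}")
BODY_TOO_BIG = re.compile(r"actual Response Body length (\d+) is greater than the "
                          r"configured response body length (\d+) for \S+ (\S+)")

def triage(log_text):
    """Attach continuation lines to their ERROR/WARN header and classify each event."""
    events, current = [], None
    for line in log_text.splitlines():
        header = HEADER.match(line)
        if header:
            current = None  # INFO/DEBUG headers end the previous event
            if header.group(3) in ("ERROR", "WARN"):
                current = {"ms": int(header.group(1)), "logger": header.group(4), "kind": "other"}
                events.append(current)
        elif current is None:
            continue
        elif m := NET_ERROR.search(line):
            # The browser launched by ZAP could not connect to its configured proxy.
            current.update(kind="browser_proxy", error=m.group(1))
        elif (m := GET_URL.search(line)) and current["kind"] == "browser_proxy":
            current["url"] = m.group(1)
        elif (m := BODY_TOO_BIG.search(line)) and current["kind"] == "other":
            # History write rejected; per the reply above, unlikely to affect authentication.
            actual, limit = int(m.group(1)), int(m.group(2))
            current.update(kind="history_write", url=m.group(3), over_by=actual - limit)
    return events

if __name__ == "__main__":
    for event in triage(SAMPLE_LOG):
        print(event)
```
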

guanggang long

Jan 27, 2026, 7:27:25 PM
to ZAP User Group
ZAP's powerful scanning function is planned to be integrated into the system, so API calls are used;
Strangely, authentication can be performed normally by calling BrowserAuth.yaml from the command line;
Strange errors may occur when calling through the API, and it seems that authentication has not been triggered based on the analysis of the scanned system logs;
Is there a bug in the API that does not support calling?  
ZAP version used: 2.17.0

Simon Bennetts

Jan 30, 2026, 6:00:47 AM
to ZAP User Group
We are not aware of any bugs when setting up authentication via the API.
However, it is generally more complicated to use the API, which is why we recommend just using the Automation Framework for most users.
Unfortunately this is probably something you'll have to debug yourself, unless you can create a standalone example that shows the problem that we can run.

Cheers,

Simon