[BDDFramework] Anonymous access to BBD Framework tests - is there any option?
bddframework
Web icon
Forge component by Platform Maintenance

As per the BDD Framework documentation:

"Note: When calling a TestSuiteScreen, always make sure that it can be accessed through non-authenticated requests (in Service Studio, set the Anonymous Role in the Web Screen properties.) When the BDDFramework makes a request to get the screen, it will be without authentication and as a result, it won’t work if not set up this way."

I don't like this at all, since it basically means that anyone can access thorough documentation of my client's business logic in the form of BDD test scenarios.

Is there any way to secure the BDD test screens? I should mention that I'm also using the TestFramework developed by Indigo to automate my BDD tests.

Hi Johan,

I totally agree with you, that it wouldn't be a viable option.

However, if you do not deploy and run the tests on the production environment, wouldn't this solve your issue? 

They would still be readily available on the internet even if they are only published on the dev environment, right?

Of course, the URL would have to be known, so maybe it's far-fetched to assume that this is a problem... still, I feel it's not very elegant to have them out in the open like that!

Yes, this might absolutely be an option!

However, I'm unsure what would happen when the automated TestFramework suite runs, i.e. what IP address it would use?

It should run under the IP of the environment, so I guess it won't be a problem ;)

So, @Pedro Gonçalves , would a feasible solution be to contact support (this is a cloud environment), ask them to put the dev environment's front end server IP as the "Internal network address", and then set my BDD screens to "Internal access only"?

BTW in the second link it was written, that it is for Traditional Web only (at least the part of setting the property on the Screen itself). So you have to double check that part ;)

Yes, I noticed, that's no problem however, as I'm looking into implementing this on the BDD Framework screens :)

Affirmative, that's what I'm reading in that suggested article. I did this same contact in the past to activate Internal Network but for other reasons, not due to BDD Framework. Believe it was done for those internal reporting screens to be printed to PDF that prior to Platform Server 11 required anonymous access (this is no longer the case, thanks to a recent Forge component).

Wonderful then, this is a perfect solution for me. Thank you!

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.