Ranorex Forum

Hi I'm a novice user of Ranorex (v. 6.0) in a Windows/.NET environment (Win. 7, IE 11/Chrome/FF latest versions). I searched the forum but couldn't find a similar issue - here's my question:

I have a web-app that requires 2nd factor authentication to log-in (i.e. a security code/PIN that gets emailed to a user). However we can suppress that feature for subsequent logins by logging in on the same machine and clicking a Remember Me checkbox. Executing this manually works perfectly well but with Ranorex, it does not. It seems that Ranorex presents itself as a new user/session to the authentication server so that it issues a new session cookie, something like that? Is there a way for Ranorex to identify itself as a persistent user so that I can easily log in with multiple user accounts on the same machine? Thanks for any info!

I think it might be easier if you have Ranorex open up the email account and find the new 2-factor email and read the security code from that each time. Ranorex is great at repeatable steps, and that is what it's designed for. Just make this set of steps part of your test, then you don't have to worry about having a session always be there. I'm not sure about how you are getting to the login, but Ranorex doesn't store any session info at all unless you code it into your test.

What settings are you using for the Start Browser action?

Can you post a sample project that demonstrates the issue so we can help you figure it out?

Thank you krstcs - I just use the Open Browser command with the URL populated in that step (it's actually its own recording module consisting of just that 1 action).

I tried to get the security code/PIN from both Outlook desktop and Outlook web-client but, in the emails with the security code, Ranorex sees that section of the email body as 1 onscreen element. I'm not sure how to direct Ranorex to parse just the unique sec. code out of the rest of the paragraph. I contacted the dev. team and unfortunately they don't store that code in any other table I could access.

Thank you again for your reply - sorry I'm not able to upload a sample project. Maybe I can send to another email client (e.g. Gmail) and see if Ranorex can 'see' the code there.

Basically it works like this, however:

1. User opens site.
2. User clicks Log In.
3. User enters user name/pw and submits.
4. User is prompted to check their personal email for 15-min. security code.
5. User retrieves code and enters it and has option to activate Remember Me checkbox to avoid second factor authentication in future. User submits.
6. Home page of application displays.

Thanks.

I just looked at Outlook OWA and it works just fine with Ranorex. Is it that your system sends the code as an image block instead of a text element? If that is the case, then you will probably need to find a different way. Perhaps your developers could add a service call in your test environment that allows you to get the code that way, or add a test web site that shows the generated code as pure text?

Thanks - I tracked the section of the email containing the security code and it's identified as 'rawtext' in the Path Editor (sorry I'm still quite a novice when it comes to the tool) - it displays as a long string, a sentence basically, containing the Sec. Code. I just don't know how to get the Security Code isolated by itself. Perhaps I have to use some Regex syntax? It'll have to be some kind of a variable right, since each unique login will get its own matching code.

Can you post the FULL TEXT of the line that includes the security code? I might be able to help with the regex that way.

Also, if you can please post a Ranorex Snapshot of the email, that would be even better.

Thanks very much for your patience/assistance krstcs - here's the line I can actually track as an onscreen element:

Your temporary security code is XXXXXXXX. This code expires in 15 minutes. Expiration Time: Mon Nov 14 14:57:14 EST 2016

...where XXXXXXXX = the unique sec. code (alphanum in all caps). Thank you again!

Hi, I believe this regex should help (I hope Kelly will confirm it;))...

([A-Z0-9]+)(?=\.)

Basically, it returns all uppercase alphanumeric characters preceding "." character.

Looks good to me! Mine probably wouldn't have been so elegant... Thanks Pavel!


Just in case they have any other periods preceded by uppercase alphanumerics, I would probably have gone for something like:

security code is ([A-Z0-9]+)\.

But, if Pavel's works for you, then use it because it also won't be as hard to manage if your verbiage changes.

Thank you both, it's very helpful of you! I will probably run into more novice-level problems but will give it a try.