Beefy Boxes and Bandwidth Generously Provided by pair Networks
Clear questions and runnable code
get the best and fastest answer
 
PerlMonks  

Unable to get LWP Basic Authentication to Work

by sierrathedog04 (Hermit)
on Mar 01, 2002 at 02:05 UTC ( #148451=perlquestion: print w/ replies, xml ) Need Help??
sierrathedog04 has asked for the wisdom of the Perl Monks concerning the following question:

How do I know if a site is prompting me with basic authentication? I am attempting to use LWP to do basic authentication and for some reason it is not working. Running the the following script:
use HTTP::Request::Common qw(POST); use LWP::UserAgent; use strict; my $ua = LWP::UserAgent->new(); my $req = POST 'http://home.sff.net/login.asp', [ username => 'jonatha +nmark', RecordID => 4142]; print "The netloc is" , $req->url->netloc, ". "; $ua->credentials($req->url->netloc, "home.sff.net", 'jonathanmark', 'n +ottherealpassword'); my$content = $ua->request($req)->as_string; print "Content is $content";
produces the following output:
The netloc is: home.sff.net. Content is HTTP/1.0 401 (Unauthorized) Ac +cess Denied Cache-Control: private Date: Fri, 01 Mar 2002 01:46:04 GMT Via: 1.1 Dyn-EH-NetCache (NetCache NetApp/5.1R2) Server: Greyware Web Server WWW-Authenticate: Basic realm="home.sff.net" Content-Length: 24 Content-Type: text/html Client-Date: Fri, 01 Mar 2002 01:48:51 GMT Client-Peer: 208.14.208.55:80 Error: Access is Denied.
If anyone has any idea I would really appreciate it.

Comment on Unable to get LWP Basic Authentication to Work
Select or Download Code
Re: Unable to get LWP Basic Authentication to Work
by Zaxo (Archbishop) on Mar 01, 2002 at 05:34 UTC

    Adapted from lwpcook and HTTP::Request::Common:

    use HTTP::Request::Common qw(POST); use LWP::UserAgent; use strict; my $ua = LWP::UserAgent->new; my $req = POST 'http://home.sff.net/login.asp', Content_Type => form-data, Content => [ username=>'jonathanmark', RecordID=>'4142' ]; $req->authorization_basic('jonathanmark', 'nottherealpassword'); my $content = $ua->request($req)->as_string; print "Content is $content";
    This has some changes to the HTTP::Request constructor's arguments, and addition of the &HTTP::Request::authorization_basic call. Warning: untested.

    After Compline,
    Zaxo

      Thanks. Your changes seemed to fix the immediate problem. I now get
      Content is HTTP/1.0 302 (Found) Object moved Cache-Control: private Date: Fri, 01 Mar 2002 15:37:36 GMT Via: 1.1 Dyn-EH-NetCache (NetCache NetApp/5.1R2) Location: /index.asp Server: Greyware Web Server Content-Length: 131 Content-Type: text/html Client-Date: Fri, 01 Mar 2002 15:40:21 GMT Client-Peer: 208.14.208.55:80 Set-Cookie: ASPSESSIONIDGGQQGGAJ=KOMOONBBOOGGPDKDEEPCAAOI; path=/ Title: Object moved <head><title>Object moved</title></head> <body><h1>Object Moved</h1>This object may be found <a HREF="/index.as +p">here</a>.</body>
      There is a good chance that with some tinkering I might be able to get this thing to work. One oddity is that the object moved message does not appear when I go to login.asp interactively and enter a password.

      However, what I have now is a big improvement. I guess one lesson is to use

      req->authorization_basic('jonathanmark', 'nottherealpassword');
      instead of the credentials method.

      Addendum: Finally got it to work. The trick turned out to be setting the referrer property so that the script seems to be coming from the page on which the form exists.

      use HTTP::Request::Common qw(POST); use LWP::UserAgent; use HTTP::Cookies; use strict; my $ua = LWP::UserAgent->new; $ua->cookie_jar(HTTP::Cookies->new(file => "lwpcookies.txt", autosave => 1)); for (my $i = 3543; $i < 4140; $i++) { # log in to authentication page. my $req = HTTP::Request->new(GET => 'http://www.sff.net/member/guestbo +okconfigurator.asp?jonathanmark'); $req->authorization_basic('jonathanmark', 'nottherealpassword'); my $content = $ua->request($req)->as_string; print "Login to configurator $i\n"; my $req = HTTP::Request->new(GET => 'http://www.sff.net/member/guestbo +ok.asp?jonathanmark'); $req->referer("http://www.sff.net/guestbookconfigurator.asp?jonathanma +rk"); $req->authorization_basic('jonathanmark', 'nottherealpassword'); my $content = $ua->request($req)->as_string; print "retrieved guestbook $i\n"; #delete an entry my $req = POST 'http://www.sff.net/guestbook.asp', Content => [ GuestbookName=>'jonathanmark', RecordID=>"$i", Button=>'Delete this Entry' ]; $req->referer("http://www.sff.net/guestbook.asp?jonathanmark"); $req->authorization_basic('jonathanmark', 'nottherealpassword'); my $content = $ua->request($req)->as_string; print "deleted $i\n"; }

        You don't see the "Object Moved" message from your browser because there is also a redirect header in that response, and the browser follows that.

        Have a closer look at how the LWP::UserAgent handleds request chains, especially in terms of examining what you get back as a response. The response object you were originally getting, for example, would tell you that you needed to provide authentication credentials, and also told you the "realm" for which it was expecting you to authenticate. Browsers manage this hand-shaking behind the scenes for you.

        Generally, I would have expected LWP::UserAgent to have followed the redirect to the new location, but it may be that with the POST data it consciously doesn't do so (I don't know for certain on this point). Still, you can use the Location: header to determine the new URL, and send the same content-body to the new location. If you created an actual HTTP::Request object to pass to the useragent object (as opposed to creating a throw-away instance within the parameter list to $US->request()), you can re-assign the request's URL using the ->uri($new_uri) method as detailed in the manual page.

        --rjray

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://148451]
Approved by root
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others rifling through the Monastery: (10)
As of 2014-10-22 22:01 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    For retirement, I am banking on:










    Results (122 votes), past polls