1

When I use curl, this works:

curl -v https://example.org:8080/platform/3/zones --insecure --basic -u 'user:password'
* About to connect() to example.org port 8080 (#0)
*   Trying example.org... connected
* Connected to example.org (example.org) port 8080 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* warning: ignoring value of ssl.verifyhost
* skipping SSL peer certificate verification
* SSL connection using TLS_DHE_RSA_WITH_AES_256_CBC_SHA
* Server certificate:
*       subject: E=support@isilon.com,CN=Isilon Systems,OU=Isilon Systems,O="Isilon Systems, Inc.",L=Seattle,ST=Washington,C=US
*       start date: May 15 07:48:59 2014 GMT
*       expire date: May 14 07:48:59 2017 GMT
*       common name: Isilon Systems
*       issuer: E=support@isilon.com,CN=Isilon Systems,OU=Isilon Systems,O="Isilon Systems, Inc.",L=Seattle,ST=Washington,C=US
* Server auth using Basic with user 'root'
> GET /platform/3/zones HTTP/1.1
> Authorization: Basic xxxxxxxxxxxxxxxxxxxx
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.16.2.3 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: example.org:8080
> Accept: */*
>
< HTTP/1.1 200 Ok
< Date: Mon, 08 Jan 2018 23:44:18 GMT
< Server: Apache/2.2.31 (FreeBSD) mod_ssl/2.2.31 OpenSSL/1.0.2j-fips mod_fastcgi/2.4.6
< Allow: GET, POST, HEAD
< Transfer-Encoding: chunked
< Content-Type: application/json
<
[data omitted]

So, I'm trying this Python code:

#!/usr/bin/python
import urllib2
auth_handler = urllib2.HTTPBasicAuthHandler()
auth_handler.add_password(None, 'https://example.org:8080/', 'user', 'password')
opener = urllib2.build_opener(
    auth_handler,
    )
urllib2.install_opener(opener)
r = urllib2.Request('https://example.org:8080/platform/3/zones')
try:
    f = urllib2.urlopen(r)
except urllib2.HTTPError as err:
    print '***', err.code, err.msg
    print err.headers
    print err.read()

and I get this back:

*** 401 Authorization Required
Date: Mon, 08 Jan 2018 23:32:19 GMT
Server: Apache/2.2.31 (FreeBSD) mod_ssl/2.2.31 OpenSSL/1.0.2j-fips mod_fastcgi/2.4.6
WWW-Authenticate: Basic
Last-Modified: Fri, 12 May 2017 09:14:48 GMT
ETag: "2841d-31-54f5023135200"
Accept-Ranges: bytes
Content-Length: 49
Connection: close
Content-Type: application/json

{"errors":[{"message":"authorization required"}]}

It might be that the '--insecure' flag on the curl command is doing something, or perhaps I made a mistake setting up my auth_handler. If you spot something, let me know. I'm unfortunately behind a firewall that won't let me get to http://httpbin.org/ so I'll need to move my code elsewhere to test it there.

samwyse
  • 2,760
  • 1
  • 27
  • 38
  • After much mucking around, I discovered https://stackoverflow.com/questions/635113/python-urllib2-basic-http-authentication-and-tr-im/33509568#33509568 and added the authentication header myself. Would still like to know why the auth handler isn't filling it in itsef. – samwyse Jan 09 '18 at 02:53
  • Why are you giving `None` as the value of the `realm`? According to the [documentation](https://docs.python.org/2/library/urllib2.html#urllib2.HTTPPasswordMgr.add_password) it must be `string`. – DjLegolas Jan 09 '18 at 21:37
  • @DjLegolas "For HTTPPasswordMgrWithDefaultRealm objects, the realm None will be searched if the given realm has no matching user/password." – samwyse Jan 18 '18 at 20:11
  • that is correct in case you are sure you are using **HTTPPasswordMgrWithDefaultRealm**. But you don't know that, as you are not passing a password manager as a parameter. Therefor, you are using the default on giving to you in init, which is **HTTPPasswordMgr**. – DjLegolas Jan 19 '18 at 16:55

0 Answers0