468,458 Members | 1,855 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

home > topics > perl > questions > lwp authentication is not sticking

Post your question to a community of 468,458 developers. It's quick & easy.

LWP Authentication is not sticking

Hi,
I use LWP::UserAgent to automate windows login process. I set the credentials using $ua->credentials("host:port","realm","id","password" ); but it fetches only the current page requested. It fails for subsequent requests and pops up the windows form again to supply the credentials. I have created a cookie jar too but this doesnt help as the authentication is not sticking. Any help on this is highly appreciated.

The code is as follows.
Expand|Select|Wrap|Line Numbers
  1. # Module: authenticate.pl
  2. # @author Kiran Kamath
  3.  
  4. #flush the buffer
  5. $|=1;
  6. use CGI;
  7. use CGI::Request;
  8.  
  9. use LWP::UserAgent;
  10. use HTTP::Request;
  11. use LWP::ConnCache;
  12. use HTTP::Cookies;
  13. use LWP::DebugFile;
  14.  
  15. # Configurations required for the script 
  16. require "authvar.ph";
  17. use POSIX qw(strftime);
  18.  
  19. # Set up Alert log
  20.  
  21. open(ALERTS,"$AUTH_LOG") or warn "Cannot open alert log file:$!";
  22. $AlertDate=`date $AUTH_DATE_FORMAT`;
  23. chomp($AlertDate);
  24.  
  25. print ALERTS "$AlertDate authenticate-module entry\n\n" if($AUTH_DEBUG);
  26.  
  27. #Get username and password from POST message
  28.  
  29. $req = GetRequest($pkg);
  30. $uid=$req->param('uid');
  31. $passwd=$req->param('passwd');
  32. my $timeout=10;
  33. $uid=some id ;
  34. $passwd=some passwd ;
  35.  
  36. if(defined($uid) && defined($passwd))
  37. {
  38.     chomp($uid); chomp($passwd);
  39.     print ALERTS "$AlertDate [ UID=$uid , PASSWD=$passwd ]\n";
  40.  
  41.  
  42.     my($res,$request);
  43.  
  44.     # LWP::UserAgent is a class implementing a web user agent used to dispatch web requests.
  45.     $ua = LWP::UserAgent->new();
  46.     $ua->agent('Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 2.0.50727)');
  47.  
  48.     #Set the timeout so that requests is aborted if no activity on the connection to the server is observed for timeout seconds.
  49.     $ua->timeout($timeout);
  50.  
  51.  
  52.     # Set the credentials for a realm 
  53.     $ua->credentials("$AUTH_DOMAIN:$AUTH_PORT","$AUTH_NAME","$uid","$passwd");
  54.  
  55.     # LWP::ConCache is used for the browser to support HTTP Keep-Alive
  56.     # This is required so that after the request is performed connection is not lost and is persistent.
  57.  
  58.     $cache=$ua->conn_cache(LWP::ConnCache->new());
  59.  
  60.     # Cache all the connections
  61.     $ua->conn_cache->total_capacity(undef);
  62.  
  63.     $cookie_jar=HTTP::Cookies->new();
  64.     $cookie_jar->set_cookie("1","nortelid","axptnrtl","/","naxptsts.intec.telcordia.com","4443",1,1,3600,0);
  65.  
  66.     # Give the browser an in-memory empty cookie jar
  67.     $ua->cookie_jar($cookie_jar);
  68.     $ua->default_header('Accept-Language'=>'en-us');
  69.     $ua->default_header('Accept-Encoding'=>'gzip, deflate');
  70.     #$ua->default_header('Accept'=>'image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*');
  71.     $ua->default_header('Accept'=>'*/*');
  72.  
  73.  
  74.     $request = new HTTP::Request('GET', $AUTH_URI);
  75.  
  76.     $cookie_jar->add_cookie_header($request);    
  77.  
  78.     $res=$ua->request($request);
  79.  
  80.     $cookie_jar->extract_cookies($res);
  81.  
  82.     my $status = $res->code;
  83.     print ALERTS "$AlertDate Return Status for $AUTH_URI was $status\n";
  84.  
  85.     if($res->is_success){
  86.         $status_message=$res->as_string;
  87.         #print ALERTS "$AlertDate [DEBUG STATUS MESSAGE=$status_message]\n\n";
  88.         print $res->content;
  89.         print ALERTS "$AlertDate [Success Redirecting]\n\n";
  90.     }
  91.     else
  92.     {
  93.         print ALERTS "$AlertDate [Authenticate Header= " . $res->header('WWW-Authenticate') . "]\n";
  94.         print ALERTS "$AlertDate [ERROR STATUS: " .$res->status_line. "]\n\n";
  95.     }
  96. }
  97.  
  98. print ALERTS "$AlertDate authenticate-module exit\n\n" if($AUTH_DEBUG);
  99. close(ALERTS);
  100.  

Thanks
Kiran
Sep 22 '07 #1
4 3991
Hi,
I got the script working when i use webserver url (http). However it doesnt work when going through a proxy server (https). After displaying the initial page it prompts for credentials. This doesnt happen with http. I set env proxy in the script. It handles subsequent requests too. In case of https (proxy server), it doesnt maintaain the credentials for a particular realm.


Any help on this is appreciated.


Thanks
Kiran Kamath
Sep 24 '07 #2
numberwhun
3,503 Expert Mod 2GB
Hi,
I got the script working when i use webserver url (http). However it doesnt work when going through a proxy server (https). After displaying the initial page it prompts for credentials. This doesnt happen with http. I set env proxy in the script. It handles subsequent requests too. In case of https (proxy server), it doesnt maintaain the credentials for a particular realm.


Any help on this is appreciated.


Thanks
Kiran Kamath
The reason that doesn't happen for HTTP is because HTTP is not an authenticated, secure session. HTTPS denotes an SSL session that is authenticated and secure. If you are using it, then you should setup to handle it. I haven't played with LWP yet, but I am sure that the documentation would go over this.

Regards,

Jeff
Sep 24 '07 #3
The reason that doesn't happen for HTTP is because HTTP is not an authenticated, secure session. HTTPS denotes an SSL session that is authenticated and secure. If you are using it, then you should setup to handle it. I haven't played with LWP yet, but I am sure that the documentation would go over this.

Regards,

Jeff
The documentation doesnt describe anything on this. Can the ACL's on the proxy server be configured to get this working?

Thanks
Kiran
Sep 24 '07 #4
Hi,
How to make authentication stick to subsequent pages using LWP . I tried creating cookies after authentication against a realm. but subsequent requests asks for credentials. Anyone knows how to accomplish this? Any help is highly appreciated.


Thanks
Kiran
Sep 26 '07 #5

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

PHP
Authentication with sessions...
10 posts views Thread by Mark H | last post: by
Digest Authentication (RFC 2831)
reply views Thread by Jp Calderone | last post: by
HTTP - basic authentication example.
7 posts views Thread by Michael Foord | last post: by
Windows authentication
8 posts views Thread by Bob Everland | last post: by
Integrated Authentication.
9 posts views Thread by Tom B | last post: by
ASP.NET Forms Authentication Best Practices
reply views Thread by Anonieko Ramos | last post: by
Forms authentication and session expiration
18 posts views Thread by Rippo | last post: by
client authentication
2 posts views Thread by Frank Swarbrick | last post: by
Low-invasive C language library
reply views Thread by NPC403 | last post: by
Python Threads
reply views Thread by kmladenovski | last post: by
BYTES.COM © 2021
About Us
Advertise
Terms Of Use
Privacy Policy
Manage Cookies
Contact Us
Sitemap

Follow us! Get the Latest Bytes Updates
By using this site, you agree to our Privacy Policy and Terms of Use.