473,804 Members | 3,700 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Basic Authentication problem

Hi,

I've written my first attempt at basic authentication and it doesn't
work. I thought I understood the specs, but I must be missing something
obvious. Can anyone give me a hint as to what might be going wrong. I
know the username and password are correct because I can log into the
site manually. Below is the code (with my customer's site-specific
stuff X'ed out) :

Thanks,
--gary

$fh = fsockopen('XXXX XXXXX.com', 80, $errno, $errstr, 30);
if($fh) {
$body =
'service=Remove Prospect&modifi ers[responder]='.$group;
$body .= '&modifiers[email]='.$_POST['email'];
$body .= '&modifiers[ip]='.$ip_addr;
$request = 'POST /XXX/Webservice/PostServer/
HTTP/1.1'."\r\n"
.'Authorization : Basic
'.base64_encode ("username:pass word")."\r\n"
.'Host: XXXXXXXXX.com'. "\r\n"
.'Referer:
http://'.$_SERVER['SERVER_NAME']."\r\n"
."Content-Type:
application/x-www-form-urlencoded\r\n"
.'Content-length: '.strlen($body) ."\r\n"
.'Connection: close'."\r\n\r\ n"
.$body;
fwrite($fh, $request);
$response = '';
while(!feof($fh )) {
$response .= fread($fh, 1024);
}
fclose($fh);

The variable strings are OK because I can cut and paste them into the
URL when I log in manually and they are accepted. But the above code
always returns a 403, Not Authorized.

Jun 27 '06 #1
6 2465
fiziwig wrote:
The variable strings are OK because I can cut and paste them into the
URL when I log in manually and they are accepted. But the above code
always returns a 403, Not Authorized.


Perhaps the host expects a User-Agent; try to provide one.
JW
Jun 27 '06 #2

Janwillem Borleffs wrote:
fiziwig wrote:
The variable strings are OK because I can cut and paste them into the
URL when I log in manually and they are accepted. But the above code
always returns a 403, Not Authorized.


Perhaps the host expects a User-Agent; try to provide one.
JW


Good thought. I just tired your suggestion but it didn't help. :-(

Thanks,
--gary

Jun 27 '06 #3

fiziwig wrote:
Janwillem Borleffs wrote:
fiziwig wrote:
The variable strings are OK because I can cut and paste them into the
URL when I log in manually and they are accepted. But the above code
always returns a 403, Not Authorized.


Perhaps the host expects a User-Agent; try to provide one.
JW


Good thought. I just tired your suggestion but it didn't help. :-(

Thanks,
--gary


Another oddity: I changed the URL in the fsockopen to point to a
different server (also changing the password and username) and the same
code works fine on my own server but not on the customer's server.
Hmmm.

--gary

Jun 27 '06 #4
fiziwig wrote:
Another oddity: I changed the URL in the fsockopen to point to a
different server (also changing the password and username) and the
same code works fine on my own server but not on the customer's
server. Hmmm.


Try manual entry with FireFox and the Live HTTP Headers extension enabled
(http://livehttpheaders.mozdev.org/) and see where the communication
consists of.

Perhaps one uses IIS and the other Apache and there's a difference in
handling these requests...
JW
Jun 27 '06 #5
fiziwig wrote:
Hi,

I've written my first attempt at basic authentication and it doesn't
work. I thought I understood the specs, but I must be missing something
obvious. Can anyone give me a hint as to what might be going wrong. I
know the username and password are correct because I can log into the
site manually. Below is the code (with my customer's site-specific
stuff X'ed out) :

Thanks,
--gary

$fh = fsockopen('XXXX XXXXX.com', 80, $errno, $errstr, 30);
if($fh) {
$body =
'service=Remove Prospect&modifi ers[responder]='.$group;
$body .= '&modifiers[email]='.$_POST['email'];
$body .= '&modifiers[ip]='.$ip_addr;
$request = 'POST /XXX/Webservice/PostServer/
HTTP/1.1'."\r\n"
.'Authorization : Basic
'.base64_encode ("username:pass word")."\r\n"
.'Host: XXXXXXXXX.com'. "\r\n"
.'Referer:
http://'.$_SERVER['SERVER_NAME']."\r\n"
."Content-Type:
application/x-www-form-urlencoded\r\n"
.'Content-length: '.strlen($body) ."\r\n"
.'Connection: close'."\r\n\r\ n"
.$body;
fwrite($fh, $request);
$response = '';
while(!feof($fh )) {
$response .= fread($fh, 1024);
}
fclose($fh);

The variable strings are OK because I can cut and paste them into the
URL when I log in manually and they are accepted. But the above code
always returns a 403, Not Authorized.

'Authorization: Basic '.base64_encode ("username:pass word")."\r\n"

Are you putting your real username and password in here?

Also, don't know if it makes a difference - but I normally put the authorization
header just before the content type.

If you're running Firefox, you can get the Live HTTP Headers extension for it.
Print out your header and compare it to what you get when you try to access the
page with Firefox. You should be able to see what the difference is.

--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attgl obal.net
=============== ===
Jun 27 '06 #6

Jerry Stuckle wrote:
<snip>

'Authorization: Basic '.base64_encode ("username:pass word")."\r\n"

Are you putting your real username and password in here?

Also, don't know if it makes a difference - but I normally put the authorization
header just before the content type.

If you're running Firefox, you can get the Live HTTP Headers extension for it.
Print out your header and compare it to what you get when you try to access the
page with Firefox. You should be able to see what the difference is.


Yes, I am using the real username and password.

FWIW: This alternate approach DID work:

$url = 'http://XXXXXXX.com/ModWebservice/PostServer/';
$url .= '?service=AddPr ospect&modifier s[responder][0]='.$list_name;
$url .= '&modifiers[email]='.$email;
$url .= '&modifiers[name]='.urlencode($f irst_name.' '.$last_name);
$url .= '&modifiers[ip]='.$ip;
$ch = curl_init();
// set URL and other appropriate options
curl_setopt($ch , CURLOPT_URL, $url);
curl_setopt($ch , CURLOPT_HEADER, false);
curl_setopt($ch , CURLOPT_USERPWD , "username:passw ord");
curl_setopt($ch , CURLOPT_HTTPAUT H, CURLAUTH_BASIC) ;
curl_setopt($ch , CURLOPT_RETURNT RANSFER, true);

// grab URL and pass it to the browser
$response=curl_ exec($ch);

// close CURL resource, and free up system resources
curl_close($ch) ;

Thanks for all the suggestions.

--gary

Jun 29 '06 #7

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
7
9293
HTTP - basic authentication example.
by: Michael Foord | last post by:
#!/usr/bin/python -u # 15-09-04 # v1.0.0 # auth_example.py # A simple script manually demonstrating basic authentication. # Copyright Michael Foord # Free to use, modify and relicense. # No warranty express or implied for the accuracy, fitness to purpose
Python
4
11848
Setting timeout for basic authentication
by: Joseph | last post by:
I have an intranet application that I setup using windows authentication through IIS basic authentication. Is there a way to set a timeout, so that after ten minutes the user will be prompted again to enter their login ID and password? I have not been able to find anything on microsoft or google. Other than this, the only way a user will be prompted again is if they are forced to open a new browser window for getting to the web page. ...
C# / C Sharp
2
1669
ASP.Net Forms authentication with basic authentication popup
by: Brett Porter | last post by:
Relatively new to ASP.Net but have a strange problem. My site uses forms authentication for a large administration section however after the user logs in each page they subsequently click on brings up a basic authentication dialogue box. Clicking cancel will still allow the user to view the page but this quickly becomes very annoying. What is even more confusing is that for another part on the same site I decided to use session...
ASP.NET
4
2073
Basic Authentication problem
by: Barry | last post by:
The MS fix for IE broke how users access our site (if they patch their browsers), so I need a solution to get users logged onto our site transparently. Basically we used to log on to the site by: http://username:pwd@www.mysite.com/main/ which uses basic auth, but now that doesn't work. I would like to find a way where I can still use basic auth and tell the people hitting our site to modify their url to:...
ASP.NET
3
2544
problems with windows basic authentication
by: sefe dery | last post by:
hi ng, i try to create a asp.net 1.0 website on windows server 2003(Servername: ServerX) with iis 6.0. PROBLEM: The user should login with his windows credentials in basic.aspx and automatically redirect to his own files. i have the following file-structure:
ASP.NET
13
15571
Basic Authentication ... solution seems a mystery?
by: Pete | last post by:
I'm cross posting from mscom.webservices.general as I have received no answer there: There has been a number of recent posts requesting how to satisfactorily enable BASIC authorization at the HTTP level but as yet no fully useful answer. I too have been trying to call an apache/axis webservice which desires a username/password from my C# Client. (ie the equivalent of _call.setUsername("Myname") name from within a Java client proxy)...
.NET Framework
3
15881
Setting up HttpListener basic authentication
by: Martin | last post by:
How does one set up basic authentication on an HttpListener? I know I need to set the HttpListener.AuthenticationSchemes to AuthenticationSchemes.Basic but then I'm unsure how and against what (users on the PC?) the Authentication is occuring. Is there a way for me to receive and control the Authentication attempt myself? This is probably obvious but I've found nothing describing it.
.NET Framework
1
9534
.NET based SOAP proxy and HTTP Basic Authentication
by: Tony Stephens | last post by:
Hi, I've created a small forms based application in c# to test a vendor's product and the web service interface that it exposes. We have deployed two instances of the vendor product one which has an unprotected (no authentication) interface and one that is protected using HTTP basic authentication. I can invoke methods on the unprotected instance and everything's fine. When I attempt to invoke methods on the protected instance the...
.NET Framework
3
1678
Authentication Q - Cant use basic or windows
by: arun.hallan | last post by:
Hi, I'm having problems with authentication. I have a set of users that are allowed to use a webpage. They are in domain A. My goal is to get the username of these users and then check them against my list. The webpage is hosted under a username in domain B. I cannot change any settings on the domains.
ASP.NET
0
1964
VBA (Acces2000): Basic Authentication SoapClient to SoapServer
by: =?Utf-8?B?UHZkYl9CQQ==?= | last post by:
Hi all, I have a problem with accessing a webservice from Access2000 (=VBA). I hope I can place this question in this group. If no, please give me an better place it. So, i'm try to connect to a webservice with an Soapcall to exchange info with it. I think that the problem is the Basic Authentication (an other call to an
.NET Framework
0
9706
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
General
0
9582
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
Windows Server
0
10335
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
Online Marketing
1
7621
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
Microsoft Access / VBA
0
6854
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
C# / C Sharp
0
5525
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
Networking - Hardware / Configuration
0
5652
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
1
4301
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp
2
3821
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us