473,387 Members | 2,436 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > basic authentication problem

Join Bytes to post your question to a community of 473,387 software developers and data experts.

Basic Authentication problem

Hi,

I've written my first attempt at basic authentication and it doesn't
work. I thought I understood the specs, but I must be missing something
obvious. Can anyone give me a hint as to what might be going wrong. I
know the username and password are correct because I can log into the
site manually. Below is the code (with my customer's site-specific
stuff X'ed out) :

Thanks,
--gary

$fh = fsockopen('XXXXXXXXX.com', 80, $errno, $errstr, 30);
if($fh) {
$body =
'service=RemoveProspect&modifiers[responder]='.$group;
$body .= '&modifiers[email]='.$_POST['email'];
$body .= '&modifiers[ip]='.$ip_addr;
$request = 'POST /XXX/Webservice/PostServer/
HTTP/1.1'."\r\n"
.'Authorization: Basic
'.base64_encode("username:password")."\r\n"
.'Host: XXXXXXXXX.com'."\r\n"
.'Referer:
http://'.$_SERVER['SERVER_NAME']."\r\n"
."Content-Type:
application/x-www-form-urlencoded\r\n"
.'Content-length: '.strlen($body)."\r\n"
.'Connection: close'."\r\n\r\n"
.$body;
fwrite($fh, $request);
$response = '';
while(!feof($fh)) {
$response .= fread($fh, 1024);
}
fclose($fh);

The variable strings are OK because I can cut and paste them into the
URL when I log in manually and they are accepted. But the above code
always returns a 403, Not Authorized.

Jun 27 '06 #1
6 2444
fiziwig wrote:
The variable strings are OK because I can cut and paste them into the
URL when I log in manually and they are accepted. But the above code
always returns a 403, Not Authorized.


Perhaps the host expects a User-Agent; try to provide one.
JW
Jun 27 '06 #2

Janwillem Borleffs wrote:
fiziwig wrote:
The variable strings are OK because I can cut and paste them into the
URL when I log in manually and they are accepted. But the above code
always returns a 403, Not Authorized.


Perhaps the host expects a User-Agent; try to provide one.
JW


Good thought. I just tired your suggestion but it didn't help. :-(

Thanks,
--gary

Jun 27 '06 #3

fiziwig wrote:
Janwillem Borleffs wrote:
fiziwig wrote:
The variable strings are OK because I can cut and paste them into the
URL when I log in manually and they are accepted. But the above code
always returns a 403, Not Authorized.


Perhaps the host expects a User-Agent; try to provide one.
JW


Good thought. I just tired your suggestion but it didn't help. :-(

Thanks,
--gary


Another oddity: I changed the URL in the fsockopen to point to a
different server (also changing the password and username) and the same
code works fine on my own server but not on the customer's server.
Hmmm.

--gary

Jun 27 '06 #4
fiziwig wrote:
Another oddity: I changed the URL in the fsockopen to point to a
different server (also changing the password and username) and the
same code works fine on my own server but not on the customer's
server. Hmmm.


Try manual entry with FireFox and the Live HTTP Headers extension enabled
(http://livehttpheaders.mozdev.org/) and see where the communication
consists of.

Perhaps one uses IIS and the other Apache and there's a difference in
handling these requests...
JW
Jun 27 '06 #5
fiziwig wrote:
Hi,

I've written my first attempt at basic authentication and it doesn't
work. I thought I understood the specs, but I must be missing something
obvious. Can anyone give me a hint as to what might be going wrong. I
know the username and password are correct because I can log into the
site manually. Below is the code (with my customer's site-specific
stuff X'ed out) :

Thanks,
--gary

$fh = fsockopen('XXXXXXXXX.com', 80, $errno, $errstr, 30);
if($fh) {
$body =
'service=RemoveProspect&modifiers[responder]='.$group;
$body .= '&modifiers[email]='.$_POST['email'];
$body .= '&modifiers[ip]='.$ip_addr;
$request = 'POST /XXX/Webservice/PostServer/
HTTP/1.1'."\r\n"
.'Authorization: Basic
'.base64_encode("username:password")."\r\n"
.'Host: XXXXXXXXX.com'."\r\n"
.'Referer:
http://'.$_SERVER['SERVER_NAME']."\r\n"
."Content-Type:
application/x-www-form-urlencoded\r\n"
.'Content-length: '.strlen($body)."\r\n"
.'Connection: close'."\r\n\r\n"
.$body;
fwrite($fh, $request);
$response = '';
while(!feof($fh)) {
$response .= fread($fh, 1024);
}
fclose($fh);

The variable strings are OK because I can cut and paste them into the
URL when I log in manually and they are accepted. But the above code
always returns a 403, Not Authorized.

'Authorization: Basic '.base64_encode("username:password")."\r\n"

Are you putting your real username and password in here?

Also, don't know if it makes a difference - but I normally put the authorization
header just before the content type.

If you're running Firefox, you can get the Live HTTP Headers extension for it.
Print out your header and compare it to what you get when you try to access the
page with Firefox. You should be able to see what the difference is.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Jun 27 '06 #6

Jerry Stuckle wrote:
<snip>

'Authorization: Basic '.base64_encode("username:password")."\r\n"

Are you putting your real username and password in here?

Also, don't know if it makes a difference - but I normally put the authorization
header just before the content type.

If you're running Firefox, you can get the Live HTTP Headers extension for it.
Print out your header and compare it to what you get when you try to access the
page with Firefox. You should be able to see what the difference is.


Yes, I am using the real username and password.

FWIW: This alternate approach DID work:

$url = 'http://XXXXXXX.com/ModWebservice/PostServer/';
$url .= '?service=AddProspect&modifiers[responder][0]='.$list_name;
$url .= '&modifiers[email]='.$email;
$url .= '&modifiers[name]='.urlencode($first_name.' '.$last_name);
$url .= '&modifiers[ip]='.$ip;
$ch = curl_init();
// set URL and other appropriate options
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_USERPWD, "username:password");
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

// grab URL and pass it to the browser
$response=curl_exec($ch);

// close CURL resource, and free up system resources
curl_close($ch);

Thanks for all the suggestions.

--gary

Jun 29 '06 #7
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

7
HTTP - basic authentication example.
by: Michael Foord | last post by:
#!/usr/bin/python -u # 15-09-04 # v1.0.0 # auth_example.py # A simple script manually demonstrating basic authentication. # Copyright Michael Foord # Free to use, modify and relicense. #...
Python
4
Setting timeout for basic authentication
by: Joseph | last post by:
I have an intranet application that I setup using windows authentication through IIS basic authentication. Is there a way to set a timeout, so that after ten minutes the user will be prompted...
C# / C Sharp
2
ASP.Net Forms authentication with basic authentication popup
by: Brett Porter | last post by:
Relatively new to ASP.Net but have a strange problem. My site uses forms authentication for a large administration section however after the user logs in each page they subsequently click on...
ASP.NET
4
Basic Authentication problem
by: Barry | last post by:
The MS fix for IE broke how users access our site (if they patch their browsers), so I need a solution to get users logged onto our site transparently. Basically we used to log on to the site...
ASP.NET
3
problems with windows basic authentication
by: sefe dery | last post by:
hi ng, i try to create a asp.net 1.0 website on windows server 2003(Servername: ServerX) with iis 6.0. PROBLEM: The user should login with his windows credentials in basic.aspx and...
ASP.NET
13
Basic Authentication ... solution seems a mystery?
by: Pete | last post by:
I'm cross posting from mscom.webservices.general as I have received no answer there: There has been a number of recent posts requesting how to satisfactorily enable BASIC authorization at the...
.NET Framework
3
Setting up HttpListener basic authentication
by: Martin | last post by:
How does one set up basic authentication on an HttpListener? I know I need to set the HttpListener.AuthenticationSchemes to AuthenticationSchemes.Basic but then I'm unsure how and against what...
.NET Framework
1
.NET based SOAP proxy and HTTP Basic Authentication
by: Tony Stephens | last post by:
Hi, I've created a small forms based application in c# to test a vendor's product and the web service interface that it exposes. We have deployed two instances of the vendor product one which...
.NET Framework
3
Authentication Q - Cant use basic or windows
by: arun.hallan | last post by:
Hi, I'm having problems with authentication. I have a set of users that are allowed to use a webpage. They are in domain A. My goal is to get the username of these users and then check them...
ASP.NET
0
VBA (Acces2000): Basic Authentication SoapClient to SoapServer
by: =?Utf-8?B?UHZkYl9CQQ==?= | last post by:
Hi all, I have a problem with accessing a webservice from Access2000 (=VBA). I hope I can place this question in this group. If no, please give me an better place it. So, i'm try to connect...
.NET Framework
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!