Basic Authentication problem

Re: Basic Authentication problem

fiziwig wrote:[color=blue]
> The variable strings are OK because I can cut and paste them into the
> URL when I log in manually and they are accepted. But the above code
> always returns a 403, Not Authorized.
>[/color]

Perhaps the host expects a User-Agent; try to provide one.


JW

Re: Basic Authentication problem


Janwillem Borleffs wrote:[color=blue]
> fiziwig wrote:[color=green]
> > The variable strings are OK because I can cut and paste them into the
> > URL when I log in manually and they are accepted. But the above code
> > always returns a 403, Not Authorized.
> >[/color]
>
> Perhaps the host expects a User-Agent; try to provide one.
>
>
> JW[/color]

Good thought. I just tired your suggestion but it didn't help. :-(

Thanks,
--gary

Re: Basic Authentication problem


fiziwig wrote:[color=blue]
> Janwillem Borleffs wrote:[color=green]
> > fiziwig wrote:[color=darkred]
> > > The variable strings are OK because I can cut and paste them into the
> > > URL when I log in manually and they are accepted. But the above code
> > > always returns a 403, Not Authorized.
> > >[/color]
> >
> > Perhaps the host expects a User-Agent; try to provide one.
> >
> >
> > JW[/color]
>
> Good thought. I just tired your suggestion but it didn't help. :-(
>
> Thanks,
> --gary[/color]

Another oddity: I changed the URL in the fsockopen to point to a
different server (also changing the password and username) and the same
code works fine on my own server but not on the customer's server.
Hmmm.

--gary

Re: Basic Authentication problem

fiziwig wrote:[color=blue]
> Another oddity: I changed the URL in the fsockopen to point to a
> different server (also changing the password and username) and the
> same code works fine on my own server but not on the customer's
> server. Hmmm.
>[/color]

Try manual entry with FireFox and the Live HTTP Headers extension enabled
(http://livehttpheaders.mozdev.org/) and see where the communication
consists of.

Perhaps one uses IIS and the other Apache and there's a difference in
handling these requests...


JW

Re: Basic Authentication problem

fiziwig wrote:[color=blue]
> Hi,
>
> I've written my first attempt at basic authentication and it doesn't
> work. I thought I understood the specs, but I must be missing something
> obvious. Can anyone give me a hint as to what might be going wrong. I
> know the username and password are correct because I can log into the
> site manually. Below is the code (with my customer's site-specific
> stuff X'ed out) :
>
> Thanks,
> --gary
>
> $fh = fsockopen('XXXX XXXXX.com', 80, $errno, $errstr, 30);
> if($fh) {
> $body =
> 'service=Remove Prospect&modifi ers[responder]='.$group;
> $body .= '&modifiers[email]='.$_POST['email'];
> $body .= '&modifiers[ip]='.$ip_addr;
> $request = 'POST /XXX/Webservice/PostServer/
> HTTP/1.1'."\r\n"
> .'Authorization : Basic
> '.base64_encode ("username:pass word")."\r\n"
> .'Host: XXXXXXXXX.com'. "\r\n"
> .'Referer:
> http://'.$_SERVER['SERVER_NAME']."\r\n"
> ."Content-Type:
> application/x-www-form-urlencoded\r\n"
> .'Content-length: '.strlen($body) ."\r\n"
> .'Connection: close'."\r\n\r\ n"
> .$body;
> fwrite($fh, $request);
> $response = '';
> while(!feof($fh )) {
> $response .= fread($fh, 1024);
> }
> fclose($fh);
>
> The variable strings are OK because I can cut and paste them into the
> URL when I log in manually and they are accepted. But the above code
> always returns a 403, Not Authorized.
>[/color]


'Authorization: Basic '.base64_encode ("username:pass word")."\r\n"

Are you putting your real username and password in here?

Also, don't know if it makes a difference - but I normally put the authorization
header just before the content type.

If you're running Firefox, you can get the Live HTTP Headers extension for it.
Print out your header and compare it to what you get when you try to access the
page with Firefox. You should be able to see what the difference is.



--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attgl obal.net
=============== ===

Re: Basic Authentication problem


Jerry Stuckle wrote:
<snip>[color=blue]
>
> 'Authorization: Basic '.base64_encode ("username:pass word")."\r\n"
>
> Are you putting your real username and password in here?
>
> Also, don't know if it makes a difference - but I normally put the authorization
> header just before the content type.
>
> If you're running Firefox, you can get the Live HTTP Headers extension for it.
> Print out your header and compare it to what you get when you try to access the
> page with Firefox. You should be able to see what the difference is.
>[/color]

Yes, I am using the real username and password.

FWIW: This alternate approach DID work:

$url = 'http://XXXXXXX.com/ModWebservice/PostServer/';
$url .= '?service=AddPr ospect&modifier s[responder][0]='.$list_name;
$url .= '&modifiers[email]='.$email;
$url .= '&modifiers[name]='.urlencode($f irst_name.' '.$last_name);
$url .= '&modifiers[ip]='.$ip;
$ch = curl_init();
// set URL and other appropriate options
curl_setopt($ch , CURLOPT_URL, $url);
curl_setopt($ch , CURLOPT_HEADER, false);
curl_setopt($ch , CURLOPT_USERPWD , "username:passw ord");
curl_setopt($ch , CURLOPT_HTTPAUT H, CURLAUTH_BASIC) ;
curl_setopt($ch , CURLOPT_RETURNT RANSFER, true);

// grab URL and pass it to the browser
$response=curl_ exec($ch);

// close CURL resource, and free up system resources
curl_close($ch) ;

Thanks for all the suggestions.

--gary