[Melbourne-pm] SSO authentication

Mithun Radhakrishnan mithunr2003 at gmail.com
Fri May 23 03:09:06 PDT 2014 

Thanks Jarrod and Toby for your comments.

I installed Mozilla::CA module from cpan and that error went away. But then
I get below authentication error when I ran the same script with same
credentials.

HTTP/1.1 401 Unauthorized
Date: Fri, 23 May 2014 09:03:40 GMT
Server: Microsoft-IIS/7.5
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
Content-Length: 1293
Content-Type: text/html
Client-Date: Fri, 23 May 2014 09:03:40 GMT
Client-Peer: 173.38.9.38:443
Client-Response-Num: 1
Client-SSL-Cert-Issuer: /O=Company Systems/CN=Company SSCA2
Client-SSL-Cert-Subject: /C=US/ST=California/L=San Jose/O=Company
Technology, Inc./CN=server.domain.com
Client-SSL-Cipher: RC4-SHA
Client-SSL-Socket-Class: IO::Socket::SSL
Client-Warning: Unsupported authentication scheme 'ntlm'
Title: 401 - Unauthorized: Access is denied due to invalid credentials.

URL that I am using is not available in internet. It is an intranet one.
When I use the same URL from browser, it redirects to a SSL server and then
prompts for password and once authenticated it redirects to the URL which I
requested actually and gives me the proper XML response.

I don't know how to automate these kind of  authentication mechanism. Can
you suggest some other way of authentication in LWP

Regards
Mithun


On Fri, May 23, 2014 at 2:16 PM, Toby Wintermute <tjc at wintrmute.net> wrote:

> You've blanked out the actual URL you're trying to GET, so we can't
> check.. but are you sure that it's not redirecting to an HTTPS URL,
> and thus triggering the SSL-related comments from LWP?
>
> I don't suppose you've tried following the hints given to you by LWP,
> that you quoted in your post?
> ie. Either installing the Mozilla CA package, or pointing to an
> existing CA package, or disabling CA verification altogether.
>
> On 23 May 2014 00:09, Mithun Radhakrishnan <mithunr2003 at gmail.com> wrote:
> >
> > I need to do a SSO authentication and do a HTTP GET request for a web
> > service.
> >
> > I get the below response content on doing a basic authentication using
> LWP.
> > I am trying to automate the testing of some of the web services. But the
> > basic authentication using Mozilla(browser) REST client works properly
> and
> > it is giving the expected response.
> >
> > Do we need to do a different authentication mechanism in LWP for SSO?
> >
> >
> > "Can't verify SSL peers without knowning which Certificate Authorities to
> > trust
> >
> > This problem can be fixed by either setting the PERL_LWP_SSL_CA_FILE
> > envirionment variable or by installing the Mozilla::CA module.
> >
> > To disable verification of SSL peers set the PERL_LWP_SSL_VERIFY_HOSTNAME
> > envirionment variable to 0.  If you do this you can't be sure that you
> > communicate with the expected peer.
> > "
> >
> >
> >
> -------------------------------------------------------------------------------------------
> > my $method = 'GET';
> > my $uri    = 'http://xxxx';
> > my $username = 'xxx';
> > my $password = 'xxxx';
> >
> > my $cookie_location = "/tmp/cookie";    # This must be read/write
> > my $ua = LWP::UserAgent->new(keep_alive => 1);
> > $ua->default_header( 'Accept' => '*/*' );
> > $ua->cookie_jar(
> >     {
> >         file           => $cookie_location,
> >         autosave       => 1,
> >         ignore_discard => 1
> >     }
> > );
> >
> > my $request = HTTP::Request->new( $method, $uri );
> > $request->authorization_basic( $username, $password );
> > my $response = $ua->request($request);
> >
> >
> ---------------------------------------------------------------------------------
> >
> >
> > Regards
> > Mithun
> >
> > _______________________________________________
> > Melbourne-pm mailing list
> > Melbourne-pm at pm.org
> > http://mail.pm.org/mailman/listinfo/melbourne-pm
>
>
>
> --
> Turning and turning in the widening gyre
> The falcon cannot hear the falconer
> Things fall apart; the center cannot hold
> Mere anarchy is loosed upon the world
> _______________________________________________
> Melbourne-pm mailing list
> Melbourne-pm at pm.org
> http://mail.pm.org/mailman/listinfo/melbourne-pm
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.pm.org/pipermail/melbourne-pm/attachments/20140523/7c60128c/attachment-0001.html>

More information about the Melbourne-pm mailing list