[Melbourne-pm] SSO authentication

Toby Wintermute tjc at wintrmute.net
Fri May 23 03:59:06 PDT 2014 

The hint is present in the output - where it says unsupported auth type,
NTLM.
That's not "basic" auth, that's a proprietary Microsoft method.
Searching metacpan for ntlm brings up at least three modules that look like
they handle it. Look into those further?
On 23/05/2014 8:09 pm, "Mithun Radhakrishnan" <mithunr2003 at gmail.com> wrote:

> Thanks Jarrod and Toby for your comments.
>
> I installed Mozilla::CA module from cpan and that error went away. But
> then I get below authentication error when I ran the same script with same
> credentials.
>
> HTTP/1.1 401 Unauthorized
> Date: Fri, 23 May 2014 09:03:40 GMT
> Server: Microsoft-IIS/7.5
> WWW-Authenticate: Negotiate
> WWW-Authenticate: NTLM
> Content-Length: 1293
> Content-Type: text/html
> Client-Date: Fri, 23 May 2014 09:03:40 GMT
> Client-Peer: 173.38.9.38:443
> Client-Response-Num: 1
> Client-SSL-Cert-Issuer: /O=Company Systems/CN=Company SSCA2
> Client-SSL-Cert-Subject: /C=US/ST=California/L=San Jose/O=Company
> Technology, Inc./CN=server.domain.com
> Client-SSL-Cipher: RC4-SHA
> Client-SSL-Socket-Class: IO::Socket::SSL
> Client-Warning: Unsupported authentication scheme 'ntlm'
> Title: 401 - Unauthorized: Access is denied due to invalid credentials.
>
> URL that I am using is not available in internet. It is an intranet one.
> When I use the same URL from browser, it redirects to a SSL server and then
> prompts for password and once authenticated it redirects to the URL which I
> requested actually and gives me the proper XML response.
>
> I don't know how to automate these kind of  authentication mechanism. Can
> you suggest some other way of authentication in LWP
>
> Regards
> Mithun
>
>
> On Fri, May 23, 2014 at 2:16 PM, Toby Wintermute <tjc at wintrmute.net>wrote:
>
>> You've blanked out the actual URL you're trying to GET, so we can't
>> check.. but are you sure that it's not redirecting to an HTTPS URL,
>> and thus triggering the SSL-related comments from LWP?
>>
>> I don't suppose you've tried following the hints given to you by LWP,
>> that you quoted in your post?
>> ie. Either installing the Mozilla CA package, or pointing to an
>> existing CA package, or disabling CA verification altogether.
>>
>> On 23 May 2014 00:09, Mithun Radhakrishnan <mithunr2003 at gmail.com> wrote:
>> >
>> > I need to do a SSO authentication and do a HTTP GET request for a web
>> > service.
>> >
>> > I get the below response content on doing a basic authentication using
>> LWP.
>> > I am trying to automate the testing of some of the web services. But the
>> > basic authentication using Mozilla(browser) REST client works properly
>> and
>> > it is giving the expected response.
>> >
>> > Do we need to do a different authentication mechanism in LWP for SSO?
>> >
>> >
>> > "Can't verify SSL peers without knowning which Certificate Authorities
>> to
>> > trust
>> >
>> > This problem can be fixed by either setting the PERL_LWP_SSL_CA_FILE
>> > envirionment variable or by installing the Mozilla::CA module.
>> >
>> > To disable verification of SSL peers set the
>> PERL_LWP_SSL_VERIFY_HOSTNAME
>> > envirionment variable to 0.  If you do this you can't be sure that you
>> > communicate with the expected peer.
>> > "
>> >
>> >
>> >
>> -------------------------------------------------------------------------------------------
>> > my $method = 'GET';
>> > my $uri    = 'http://xxxx';
>> > my $username = 'xxx';
>> > my $password = 'xxxx';
>> >
>> > my $cookie_location = "/tmp/cookie";    # This must be read/write
>> > my $ua = LWP::UserAgent->new(keep_alive => 1);
>> > $ua->default_header( 'Accept' => '*/*' );
>> > $ua->cookie_jar(
>> >     {
>> >         file           => $cookie_location,
>> >         autosave       => 1,
>> >         ignore_discard => 1
>> >     }
>> > );
>> >
>> > my $request = HTTP::Request->new( $method, $uri );
>> > $request->authorization_basic( $username, $password );
>> > my $response = $ua->request($request);
>> >
>> >
>> ---------------------------------------------------------------------------------
>> >
>> >
>> > Regards
>> > Mithun
>> >
>> > _______________________________________________
>> > Melbourne-pm mailing list
>> > Melbourne-pm at pm.org
>> > http://mail.pm.org/mailman/listinfo/melbourne-pm
>>
>>
>>
>> --
>> Turning and turning in the widening gyre
>> The falcon cannot hear the falconer
>> Things fall apart; the center cannot hold
>> Mere anarchy is loosed upon the world
>> _______________________________________________
>> Melbourne-pm mailing list
>> Melbourne-pm at pm.org
>> http://mail.pm.org/mailman/listinfo/melbourne-pm
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.pm.org/pipermail/melbourne-pm/attachments/20140523/bf35f0d6/attachment.html>

More information about the Melbourne-pm mailing list