curl-users
Question - curl HTTPS and autentication
From: Farah Rouhanizadeh <farahz_at_cisco.com>
Date: Fri, 19 Sep 2003 10:35:00 -0700
Hi Curl Users,
I am very new using curl command and I hope someone out there can help me.
I am sending HTTPS requests from a host that is located behind Firewall to a server on the outside.
Cisco PIX Firewall is configured for ACS authentication command.
This is how I am using the command. I do not get my actual HTTPS page, instead I get below page.
[
[snoopy@iLinux]# curl -u test2:cisco1 https://10.132.28.30
<HTML><HEAD><TITLE>Authentication Proxy Login Page</TITLE><script language="Java
Script"><!-- Begin
var pxypromptwindow1;var pxysubmitted = false;function doreload() {if(pxypromptw
indow1.closed) {window.location.reload(true);} else {reloadtimeout=setTimeout("d
oreload()", 500);}}function submitreload() {if(pxysubmitted == false) {pxyprompt
window1=window.open('', 'pxywindow1','resizable=no,width=300,height=300,scrollba
rs=yes');reloadtimeout=setTimeout("doreload()", 1000);pxysubmitted = true;return
true;} else {alert("This page can not be submitted twice.");return false;}}// -
->
</script>
</HEAD>
<BODY onLoad="document.AuthenForm.uname.focus()" BGCOLOR="#FFFFFF" LINK="#ffcc00
" ALINK="#ffffff" VLINK="#ffcc00" ><H1> <BR><BR> <BR><BR><p><FORM name="AuthenF
orm" method=post action="https://10.132.28.30:443" target="pxywindow1"><input ty
pe=hidden name=au_pxytimetag value="242250150">Username: <input type=text name=u
name><BR><BR>Password: <input type=password name=pwd><BR><BR><input type=submit
name=ok value=OK onClick="return submitreload()"></H1></FORM></script></BODY></H
TML>
curl: (18) transfer closed with 34 bytes remaining to read
[snoopy@iLinux]#
If I use the same command but do not use authentication, I see my page.
[snoopy@iLinux]#curl https://10.132.28.30
<html>
<head>
<title>
Welcome to the Java(TM) 2 Platform
</title>
</head>
<body>
<h2>Welcome to the Java<SUP><FONT SIZE=-2>TM</FONT></SUP> 2 Platform</h2>
<p>
Welcome to the Java<SUP><FONT SIZE=-2>TM</FONT></SUP> 2 Standard Edition Runtime
Environment. This
provides complete runtime support for Java 2 applications.
<p>
The runtime environment includes the Java<SUP><FONT SIZE=-2>TM</FONT></SUP> Plug
-in product which supports
running the Java 2 environment inside web browsers.
<h3>References</h3>
<p>
See the <a href=http://java.sun.com/j2se/1.4.1/docs/guide/plugin/index.html>Java
Plug-in</a> product
documentation for more information on using the Java Plug-in product.
<p>
See the <a href=http://java.sun.com/j2se>Java 2 Platform</a> web site
for more information on the Java 2 Platform.
<hr>
<font size="-2">Copyright 2002 Sun Microsystems, Inc., 4150 Network Circle,
Santa Clara, California 95054, U.S.A.<BR>All rights reserved.</font>
<p>
</body>
</html>
[snoopy@iLinux]#
I can also successfully tsend HTTP requests with authentication.
Command such as:
curl -u test2:cisco1 www.intel.com works fine.
Question: Why in case of HTTPS request, curl does not by pass authentication automatically and show me the
actual page?
Thanks a bunch for your help,
-farah
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf Received on 2003-09-21
Date: Fri, 19 Sep 2003 10:35:00 -0700
Hi Curl Users,
I am very new using curl command and I hope someone out there can help me.
I am sending HTTPS requests from a host that is located behind Firewall to a server on the outside.
Cisco PIX Firewall is configured for ACS authentication command.
This is how I am using the command. I do not get my actual HTTPS page, instead I get below page.
[
[snoopy@iLinux]# curl -u test2:cisco1 https://10.132.28.30
<HTML><HEAD><TITLE>Authentication Proxy Login Page</TITLE><script language="Java
Script"><!-- Begin
var pxypromptwindow1;var pxysubmitted = false;function doreload() {if(pxypromptw
indow1.closed) {window.location.reload(true);} else {reloadtimeout=setTimeout("d
oreload()", 500);}}function submitreload() {if(pxysubmitted == false) {pxyprompt
window1=window.open('', 'pxywindow1','resizable=no,width=300,height=300,scrollba
rs=yes');reloadtimeout=setTimeout("doreload()", 1000);pxysubmitted = true;return
true;} else {alert("This page can not be submitted twice.");return false;}}// -
->
</script>
</HEAD>
<BODY onLoad="document.AuthenForm.uname.focus()" BGCOLOR="#FFFFFF" LINK="#ffcc00
" ALINK="#ffffff" VLINK="#ffcc00" ><H1> <BR><BR> <BR><BR><p><FORM name="AuthenF
orm" method=post action="https://10.132.28.30:443" target="pxywindow1"><input ty
pe=hidden name=au_pxytimetag value="242250150">Username: <input type=text name=u
name><BR><BR>Password: <input type=password name=pwd><BR><BR><input type=submit
name=ok value=OK onClick="return submitreload()"></H1></FORM></script></BODY></H
TML>
curl: (18) transfer closed with 34 bytes remaining to read
[snoopy@iLinux]#
If I use the same command but do not use authentication, I see my page.
[snoopy@iLinux]#curl https://10.132.28.30
<html>
<head>
<title>
Welcome to the Java(TM) 2 Platform
</title>
</head>
<body>
<h2>Welcome to the Java<SUP><FONT SIZE=-2>TM</FONT></SUP> 2 Platform</h2>
<p>
Welcome to the Java<SUP><FONT SIZE=-2>TM</FONT></SUP> 2 Standard Edition Runtime
Environment. This
provides complete runtime support for Java 2 applications.
<p>
The runtime environment includes the Java<SUP><FONT SIZE=-2>TM</FONT></SUP> Plug
-in product which supports
running the Java 2 environment inside web browsers.
<h3>References</h3>
<p>
See the <a href=http://java.sun.com/j2se/1.4.1/docs/guide/plugin/index.html>Java
Plug-in</a> product
documentation for more information on using the Java Plug-in product.
<p>
See the <a href=http://java.sun.com/j2se>Java 2 Platform</a> web site
for more information on the Java 2 Platform.
<hr>
<font size="-2">Copyright 2002 Sun Microsystems, Inc., 4150 Network Circle,
Santa Clara, California 95054, U.S.A.<BR>All rights reserved.</font>
<p>
</body>
</html>
[snoopy@iLinux]#
I can also successfully tsend HTTP requests with authentication.
Command such as:
curl -u test2:cisco1 www.intel.com works fine.
Question: Why in case of HTTPS request, curl does not by pass authentication automatically and show me the
actual page?
Thanks a bunch for your help,
-farah
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf Received on 2003-09-21