cURL / Mailing Lists / curl-library / Single Mail

curl-library

Digest authentication fails

From: Georg Hubik <curllib_at_gmail.com>
Date: Mon, 25 Jun 2007 14:52:05 +0200

I use libcurl based program for obtaining some web statistics. The server
require authentication.

When I do request using browser, everything go well. I get the following
headers:

=== begin ====
http://10.1.0.106/Login

GET /SIT HTTP/1.1
Host: 10.1.0.106
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040922
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9
,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://10.1.0.106/

HTTP/1.x 401 Authorization Required
WWW-Authenticate: Digest realm="xyz",
nonce="f23d6a498e17d0a970b17f91edf75f99",
opaque="9710567d3be8ad3befc60d183e06c499", stale=FALSE, algorithm=MD5,
qop="auth"
Content-Type: text/html
----------------------------------------------------------
http://10.1.0.106/Login

GET /Login HTTP/1.1
Host: 10.1.0.106
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040922
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9
,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://10.1.0.106/
Authorization: Digest username="admin", realm="xyz",
nonce="f23d6a498e17d0a970b17f91edf75f99", uri="/Login", algorithm=MD5,
response="7ac25805356b0b3a06649a1c5eee9099",
opaque="9710567d3be8ad3befc60d183e06c499", qop=auth, nc=00000001,
cnonce="6e8b04b13e198402"
HTTP/1.x 302 RD
Location: http://10.1.0.106/monitoring
...
...
=== end ===

but when I use my program, authentication fails. The same result I get using
cutl from the command line:

=== begin ====
# curl --anyauth -u 'admin:admin' -e http://10.1.0.106 -v
http://10.1.0.106/Login
* About to connect() to 10.1.0.106 port 80
* Connected to 10.1.0.106 (10.1.0.106) port 80
> GET /Login HTTP/1.1
User-Agent: curl/7.11.1 (i386-redhat-linux-gnu) libcurl/7.11.1
OpenSSL/0.9.7a ipv6 zlib/1.2.1.1
Host: 10.1.0.106
Pragma: no-cache
Accept: */*
Referer: http://10.1.0.106

< HTTP/1.1 401 Authorization Required
< WWW-Authenticate: Digest realm="xyz",
nonce="579ae9f89188b5205af03691c1df3c99",
opaque="71db4226ea2bfcf7b1194903791d5799", stale=FALSE, algorithm=MD5,
qop="auth"
< Content-Type: text/html
* Ignoring the response-body
* Connection #0 left intact
* Issue another request to this URL: 'http://10.1.0.106/Login'
* Connection 0 seems to be dead!
* Closing connection #0
* About to connect() to 10.1.0.106 port 80
* Connected to 10.1.0.106 (10.1.0.106) port 80
* Server auth using Digest with user 'admin'
> GET /Login HTTP/1.1
Authorization: Digest username="admin", realm="xyz",
nonce="579ae9f89188b5205af03691c1df3c99", uri="/Login",
response="16164f00ca36768b79547642a4f4da99"
User-Agent: curl/7.11.1 (i386-redhat-linux-gnu) libcurl/7.11.1
OpenSSL/0.9.7a ipv6 zlib/1.2.1.1
Host: 10.1.0.106
Pragma: no-cache
Accept: */*
Referer: http://10.1.0.106
< HTTP/1.1 401 Authorization Required
* Authentication problem. Ignoring this.
< WWW-Authenticate: Digest realm="xyz",
nonce="7924ce5562bbe26fa7ba504ab4186b99",
opaque="c546a74726c7bae7f431f134c472cd99", stale=FALSE, algorithm=MD5,
qop="auth"
...
=== end ===

Any idea what is wrong in here?

Thanks for any suggestions!

Georg
Received on 2007-06-25