monit-general
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Connection testing via Basic Authorization not working (was: Not usi

From: Martin Pala
Subject: Re: Connection testing via Basic Authorization not working (was: Not using method "HEAD" for connection testing)
Date: Thu, 4 Aug 2016 13:51:04 +0200 
Hello Marcus,

the configuration is correct, no space is required in the Authorization header 
past the ":" character.

I think the problem can be either the "Host:" header value (i.e. trying to 
authenticate to different virtual host ... the Host header value is omitted 
from your tcpdump snip) or the target HTTP server rejects the request when the 
HEAD method was used (the example configuration from your email with monit 
5.17.1 should use HEAD method).

Best regards,
Martin


>> GET /LOG0/FAULT/mod_cmd.xml?cmd=xml-alarms HTTP/1.1
> ...
>> User-Agent: Monit/5.17.1
>> Authorization:Basic d2lraTpwZWRpYQ==



> On 02 Aug 2016, at 17:56, Marcus Mülbüsch <address@hidden> wrote:
> 
> Hello list,
> 
>   I want to check a remote host which uses Authorization for access. However, 
> monit always gets an 401 response.
> 
>   I changed my configuration to port 80 so I can tcpdump the traffic. I 
> changed username and password to wiki:pedia, because the German Wikipedia 
> uses this pair to demonstrate base64 encoding.
> 
>   My config thus is:
> 
>> check host PBX-Alarms with address 11.22.33.44
>>        if failed
>>                port 80
>>                protocol http
>>                request "/LOG0/FAULT/mod_cmd.xml?cmd=xml-alarms"
>>                use http headers [Authorization: "Basic d2lraTpwZWRpYQ=="] # 
>> "wiki:pedia"
>>        then alert
> 
>   When using links as browser from the same machine I see the request
> 
>> GET /LOG0/FAULT/mod_cmd.xml?cmd=xml-alarms HTTP/1.1
> ...
>> User-Agent: Links (2.8; Linux 3.10.40-vs2.3.6.8 x86_64; GNU C 4.6.4; text)
> ...
>> Authorization: Basic d2lraTpwZWRpYQ==
> 
>   and the server responds with:
> 
>> HTTP/1.1 200 OK
> 
>   Using monit, the request is:
> 
>> GET /LOG0/FAULT/mod_cmd.xml?cmd=xml-alarms HTTP/1.1
> ...
>> User-Agent: Monit/5.17.1
>> Authorization:Basic d2lraTpwZWRpYQ==
> 
>   and the response is:
> 
>> HTTP/1.1 401 Unauthorized
> 
>   I'm not quite sure whether the missing space between "Authorization:" and 
> "Basic" is mandated by RFC 2616, but that seems to be the only functional 
> difference.
> 
>   Is this a monit bug? Or a server bug? Or is my configuration wrong?
> 
>   Thank you,
> 
> Marcus
>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]