vADC Forum

Reply
New Contributor
Posts: 4
Registered: ‎11-24-2016
Accepted Solution

HTTP Basic Authentication

Hello,

 

I'm trying to set Basic authentication on a virtual server.

 

It's basically working as expected using a ldap autenticator and querying it in a rule:

 

$authheader = http.getHeader( "Authorization" );

if( string.startsWith( $authheader, "Basic " ) ) {
 $encuserpasswd = string.skip( $authheader, 6 );
 $userpasswd = string.base64decode($encuserpasswd);
 $i = string.find( $userpasswd, ":" );
 $user = string.substring( $userpasswd, 0, $i-1 );
 $password = string.skip( $userpasswd, $i+1 );
}

# Verify the user's password using an LDAP
# authenticator called 'ldap'
$auth = auth.query( "ldap", $user, $password );
#log.info($user . ": ".lang.dump($auth));
if( $auth['Error'] ) {
 log.error(
 "Error with authenticator 'ldap': " .
 $auth['Error']
 );
 connection.discard();
} else if( !$auth['OK'] ) {
 # Unauthorised
 http.sendResponse( "403 Permission Denied",
 "text/html", "Incorrect username or password",
 ""
 );
}

 

My problem is that it's only working by calling a curl command but this is not prompting a user/password form in a browser - I would not  expect the above code to do so as it is  - but is there any way to force prompting a login form with vTM ?

 

vTM version 10.4

 

Best Regards,

Arnaud

 

Brocadian
Posts: 13
Registered: ‎07-07-2016

Re: HTTP Basic Authentication

Hi Arnaud,

 

You should return a 401 if you can't find a Authorization header, as a 'else' to the first 'if'.

 

Baptiste

Highlighted
New Contributor
Posts: 4
Registered: ‎11-24-2016

Re: HTTP Basic Authentication

Hi Baptiste,

 

Yes indeed ! Thanks for the solution.

 

I was already sarting to look at Java Extension for that, but this solution is simpler.

 

If anyone needs it, here is the edited part:

 

$authheader = http.getHeader( "Authorization" );
if( string.startsWith( $authheader, "Basic " ) ) {
 $encuserpasswd = string.skip( $authheader, 6 );
 $userpasswd = string.base64decode($encuserpasswd);
 $i = string.find( $userpasswd, ":" );
 $user = string.substring( $userpasswd, 0, $i-1 );
 $password = string.skip( $userpasswd, $i+1 );
} else {
  http.sendResponse( "401 Authorization required",
   "text/html", "Please login\n",  
   "WWW-Authenticate: Basic realm=\"authentication\""
  );
}

Merci

Arnaud

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

Download FREE NVMe eBook