Re: POST with basic auth and cookie from python?

From: Michael Foord (fuzzyman_at_gmail.com)
Date: 09/04/04 

Date: 4 Sep 2004 03:12:21 -0700

Dan Stromberg <strombrg@dcs.nac.uci.edu> wrote in message news:<pan.2004.09.03.20.30.52.790127@dcs.nac.uci.edu>...
> If I wanted to write a python script that performs basic auth, gets a
> cookie, and then does an http POST using the cookie for authentication,
> what would be the best python API to write to?
>
> Does someone already have example code that does something like this?
>
> Thanks.

Well... I know *part* of the solution ! I'm also struggling with http
authentiction from python. The cookie part is easy, ClientCookie (or
cookielib if you use Python 2.4) will automatically handle the cookies
for you.See http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/302930
 for details of how to do that part.

I have also sussed out how to do basic authentication the first time
round (get an error code 401 from the server, repeat the request with
the username and password encoded into the header).

My test CGI at http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/298336
has an example of how to do this.

req = reqfun(theurl, None, {'User-agent' : 'Mozilla/4.0 (compatible;
MSIE 5.5; Windows NT)'})
if data['name'] and data['pass']:
    import base64
    base64string = base64.encodestring('%s:%s' % (data['name'],
data['pass']))[:-1]
    req.add_header("Authorization", "Basic %s" % base64string)

(Which I took from another cookbook recipe I think).

After that it gets more complicated because that username/password is
valid for a whole 'realm' - and I've really struggled finding
documentation on http realms. I have the added problem that I'm doing
this all in a CGI - so any auth handlers I create aren't persistent
across consecutive page accesses - so I may need to save this
password/realm information between page accesses... yuck.

You might not have that problem and may be able to install an auth
handler with the realm information as part of your opener. If it's
really *just* the cookie providing authentication though you shouldn't
have a problem. In the meantime I've got a book on http on order from
amazon..........

Oh - if anyone can help on this it would be great !! What the heck is
a realm and how do they work !!

Regards,

Fuzzy

http://www.voidspace.org.uk/atlantibots/pythonutils.html

Relevant Pages

  • Re: Getting properties of file on web server without downloading it
    ... yes it's a HTTP server. ... I was issuing a HttpWebRequest for the file, ... Dim loginCookie as New Cookie ...
    (microsoft.public.inetsdk.programming.webbrowser_ctl)
  • Re: access HTTP request parameters?
    ... The applet lives in the same codebase as the web application, ... The "Cookie" header used for authentication is of course also set in the HTTP request used to load applet.jar to the client. ...
    (comp.lang.java.programmer)
  • Re: FormsAuthentication - Changes in .Net Framework 1.1 ?
    ... Set up an auth page in each project and use forms auth on a project by ... What we have found is the cookie name keys the forms auth in a single domain ... the Login-Mechanism an the redirect works fine. ... > Login-Project: ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: FormsAuthentication cookie refreshing
    ... Without altering the forms auth model, it only extends time when a page is ... you will have to refresh an actual page. ... I am trying to refresh the cookie to make sure the timeout is reset by ... understand how XMLHTTPRequest really works at all! ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: FormsAuthentication cookie refreshing
    ... 'Without altering the forms auth model, it only extends time when a page is ... how is using xmlhttp to hit the aspx page different to using a normal ... at which point the cookie may have expired. ... you will have to refresh an actual page. ...
    (microsoft.public.dotnet.framework.aspnet)