Comments (5)
It should be passed into the URI as part of the join()
function.
If you're connecting to the server over HTTP, can you capture the stream using fiddler or wireshark? That should give you more info on what exactly is getting sent over the wire.
from cpprestsdk.
ras0219-msft:
Yes, I see that now, and the result of the call to Join() is apparently what's passed to WinHttpOpenRequest() at line ~500 in http_client_winhttp.cpp. However, after much experimentation and largely unproductive Web searching I've not managed to make Casablanca actually send the credentials. Experimenting with wget I've determined that it always sends its first request without credentials (which is the behavior I get from Casablanca). The server's 401 response to that request contains a header, Www-Authenticate: Basic realm="Application"
, the the presence of which causes wget retry the request, this time including the user name and password in the request, like this:
POST /sms HTTP/1.1
User-Agent: Wget/1.16.1 (linux-gnu)
Accept: */*
Accept-Encoding: identity
Host: domain.top
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 77
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
It appears that the Www-Authenticate
header returned by the server tells the client (wget) what kind of authentication it will accept. I see nothing in Casablanca's API that looks like a "use Basic authentication" flag so I don't see how to make use of the server's request. That Casablanca (really MS's WinHttp) ignores the credentials I give it the first place was such unlikely behavior that it took me a long time to accept that's what's happening.
I'm stumped at the moment.
-evan
from cpprestsdk.
Since you know the website is expecting basic auth, you can manually add the authorization header:
std::vector<unsigned char> vec_basic_auth_buf;
// fill vec_basic_auth_buf with the text: "username:password"
request.headers().add(header_names::authorization, U("Basic ")
+ utility::conversions::to_base64(vec_basic_auth_buf);
from cpprestsdk.
I took a more thorough look at Casablanca's sending of requests and found that it does have code to retry connections that fail due to authentication challenges. At least it does in Windows (http/client/http_client_winhttp.cpp). Knowing this I started setting up an environment where I could watch it work and see where it failed. Before I did so, I tried again, just be sure I still had a problem. Of course, it worked that time.
While I "know" that I was seeing only one attempt by Casablanca and two by wget, I didn't save those Wireshark captures, so I have no proof. Between the failures and eventual success, the vendor whose site I was accessing fixed my account so I could actually authenticate, which may have some bearing, but wget tried twice and failed twice before the credentials were valid; now it tries twice and succeeds on the second try, so if the credential fix made the difference, is not obvious how.
ras0219-msft, thanks for your help. I will try your hand-made headers idea, as the eventual production implementation will be making thousands of connections a day, and providing credentials on the first connection will save half of them.
-evan
from cpprestsdk.
I confirm @eburkitt's original finding that uri::user_info
is not used by either http_client_asio or http_client_winhttp, Basic Auth is actually only possible via the client config credentials
object or manual creation of an Authorization
header. Very confusing.
from cpprestsdk.
Related Issues (20)
- Documentation Bug in CMake File
- Why do I get these errors when cross-compiling?
- EOF error
- Printing a json-array without sorting the keys
- How to set timeout for the socket connection HOT 1
- Periodic drop in throughput in inter-(linux N/W namespace) communications HOT 1
- Static version of the nugget for Visual Studio Express 2013 for Windows Desktop
- The web_proxy doesn't work when set proxy with uri
- Charset support gbk...
- utility::details::str_iless(str1, str2);
- [MSVC] websocketsclient_test failed due to CHECK_EQUAL(ret_msg.length(), body_str.length()) where ret_msg.length()=32 and body_str.length()=5 HOT 1
- ../lib/libstdc++.so.6: version `GLIBCXX_3.4.30' not found HOT 2
- async http client post/get request demo?
- nable to add both a file stream and key-value pairs to the body of the request simultaneously
- error: building cpprestsdk:x64-linux failed with: BUILD_FAILED HOT 1
- [http_client] CN checking against caller-specified Host header doesn't strip a port number
- using cpprest and segmentation fault on ubuntu 22.04 HOT 1
- hey dont worry about
- Need to double confirm if cpprestsdk supports HTTP proxy server secured by TLS
- vcpkg install should deploy ThirdPartyNotices.txt
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cpprestsdk.