UtahSysAdmin.com

I know this is available other places, but I needed one place to keep track of everything:

Basic HTTP (telnet hostname.com 80):

GET / HTTP/1.1
host: hostname.com
- additional carriage return -

HTTPS (openssl s_client -connect hostname.com:443):

GET / HTTP/1.1
host: hostname.com
- additional carriage return -

HTTPS with Basic Authentication (openssl s_client -connect hostname.com:443):

GET / HTTP/1.1
host: hostname.com
Authorization: Basic cGVyyyyblahyyyyrJtYx4h
- additional carriage return -

This is how you would come up with the Base64 Encoded string for basic Authentication:

(This is supposed to work, but it didn’t work for me. I ended up running a sniffer on an unencrypted page that used my credentials (of course, internally) and pulled it out of the headers. If you know what I am doing wrong here, please let me know.)

perl -e 'print "username:", crypt("password","tR"), "\n"'
==> username:tR40ZxFCZTntI
perl -MMIME::Base64 -e'print encode_base64("username:tR40ZxFCZTntI")'
==> dXNlcm5hbWU6dFI0MFp4RkNaVG50SQ==

So technically you should put:

Authorization: Basic dXNlcm5hbWU6dFI0MFp4RkNaVG50SQ==

(Thanks to Brandon Checketts for the openssl replacement of telnet for https connections.)

Please VOTE for this page at: | | | | | | | | | | | |

This entry was posted on Thursday, November 8th, 2007 @ 4:05 pm on the category Technical.You can follow any responses to this entry through the RSS 2.0 You can leave a response, or trackback from your own site.