0
我想在接收到身份驗證頭後發送HTTP GET請求並使用摘要方法進行身份驗證。即使我的代碼生成了與Firefox相同的身份驗證響應,並且在給定相同的身份驗證請求時發生了curl,我仍然收到401未授權響應。我已經嘗試了相同的結果流行的Nodejs模塊「請求」。這是兩個請求的tcpdump輸出。首先是從Firefox的競爭成功:nodejs摘要身份驗證失敗
15:18:03.615255 IP 192.168.18.1.33966 > 192.168.20.220.30005: tcp 0
....E..<[email protected]@.............u5K3........9..\.........
"`..........
15:18:03.634223 IP 192.168.20.220.30005 > 192.168.18.1.33966: tcp 0
....E..<[email protected]=...........u5......K3.................
.g.t"`......
15:18:03.634269 IP 192.168.18.1.33966 > 192.168.20.220.30005: tcp 0
[email protected]@.............u5K3.........s.T.....
"`...g.t
15:18:03.735485 IP 192.168.18.1.33966 > 192.168.20.220.30005: tcp 290
[email protected]@.............u5K3.........s.v.....
"`...g.tGET/HTTP/1.1
Host: 192.168.20.220:30005
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:27.0) Gecko/20100101 Firefox/27.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
15:18:03.753943 IP 192.168.20.220.30005 > 192.168.18.1.33966: tcp 0
[email protected]=..2........u5......K3.1..
.g.."`..
15:18:03.762129 IP 192.168.20.220.30005 > 192.168.18.1.33966: tcp 228
[email protected]=..M........u5......K3.1..
.g.."`..HTTP/1.1 401 Unauthorized
Content-Length: 0
WWW-Authenticate: Digest realm="IgdAuthentication", domain="/", nonce="ZDE4NTY3ZmM6NmYyMzA3NjM6YmQ5NGY3YTA=", qop="auth", algorithm=MD5, opaque="5ccc09c403ebaf9f0171e9517f40e41"
15:18:03.762172 IP 192.168.18.1.33966 > 192.168.20.220.30005: tcp 0
[email protected]@.............u5K3.1.......{.T.....
"`...g..
15:18:06.215945 IP 192.168.18.1.33966 > 192.168.20.220.30005: tcp 564
[email protected]@.............u5K3.1.......{.......
"`...g..GET/HTTP/1.1
Host: 192.168.20.220:30005
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:27.0) Gecko/20100101 Firefox/27.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Authorization: Digest username="admin", realm="IgdAuthentication", nonce="ZDE4NTY3ZmM6NmYyMzA3NjM6YmQ5NGY3YTA=", uri="/", algorithm=MD5, response="ae43f4fcaf71340f9c360877dad87c66", opaque="5ccc09c403ebaf9f0171e9517f40e41", qop=auth, nc=00000001, cnonce="9d1ea29022ec08d6"
15:18:06.244925 IP 192.168.20.220.30005 > 192.168.18.1.33966: tcp 38
....E[email protected]=..
........u5......K3.e.....Q.....
.g.."`..HTTP/1.1 200 OK
Content-Length: 0
二是從我的代碼失敗:
15:19:08.589647 IP 192.168.18.1.33972 > 192.168.20.220.30005: tcp 0
....E..<[email protected]@.............u5a.........9..\.........
"`A.........
15:19:08.608304 IP 192.168.20.220.30005 > 192.168.18.1.33972: tcp 0
....E..<[email protected]=...........u5....#<a.......aN.........
.h.<"`A.....
15:19:08.608333 IP 192.168.18.1.33972 > 192.168.20.220.30005: tcp 0
[email protected]@.............u5a.....#=...s.T.....
"`A..h.<
15:19:08.608872 IP 192.168.18.1.33972 > 192.168.20.220.30005: tcp 70
[email protected]@.............u5a.....#=...s.......
"`A..h.<GET/HTTP/1.1
Host: 192.168.20.220:30005
Connection: keep-alive
15:19:08.626556 IP 192.168.20.220.30005 > 192.168.18.1.33972: tcp 0
[email protected]=..#........u5....#[email protected]
.h.O"`A.
15:19:08.631951 IP 192.168.20.220.30005 > 192.168.18.1.33972: tcp 228
[email protected]=..>........u5....#[email protected]
.h.Q"`A.HTTP/1.1 401 Unauthorized
Content-Length: 0
WWW-Authenticate: Digest realm="IgdAuthentication", domain="/", nonce="YmM4ZWY0YjE6MWY4ZjVkMmQ6IGIwNjdkZWI=", qop="auth", algorithm=MD5, opaque="5ccc09c403ebaf9f0171e9517f40e41"
15:19:08.631966 IP 192.168.18.1.33972 > 192.168.20.220.30005: tcp 0
[email protected]@.............u5a.....$!...{.T.....
"`A".h.Q
15:19:08.634442 IP 192.168.18.1.33973 > 192.168.20.220.30005: tcp 0
....E..<[email protected]@.
...........u5...$......9..\.........
"`A#........
15:19:08.653166 IP 192.168.20.220.30005 > 192.168.18.1.33973: tcp 0
....E..<[email protected]=...........u5....~w...%....3..........
.h.i"`A#....
15:19:08.653201 IP 192.168.18.1.33973 > 192.168.20.220.30005: tcp 0
[email protected]@.
...........u5...%..~x...s.T.....
"`A'.h.i
15:19:08.653534 IP 192.168.18.1.33973 > 192.168.20.220.30005: tcp 524
[email protected] @[email protected]%..~x...s.`.....
"`A(.h.iGET/HTTP/1.1
Authorization: Digest username="admin", realm="IgdAuthentication", nonce="YmM4ZWY0YjE6MWY4ZjVkMmQ6IGIwNjdkZWI=", uri="/", algorithm=MD5, response="1d0539755e0e2ca204a9821027041e8b", qop=auth, nc=00000001, cnonce="MjMwMjkw", opaque="5ccc09c403ebaf9f0171e9517f40e41"
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:27.0) Gecko/20100101 Firefox/27.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Host: 192.168.20.220:30005
Connection: keep-alive
15:19:08.672345 IP 192.168.20.220.30005 > 192.168.18.1.33973: tcp 0
[email protected]=...........u5....~x...1..
.h.|"`A(
15:19:10.633047 IP 192.168.18.1.33972 > 192.168.20.220.30005: tcp 0
[email protected]@.............u5a.....$!...{.T.....
"`C..h.Q
15:19:10.651962 IP 192.168.20.220.30005 > 192.168.18.1.33972: tcp 0
[email protected][email protected]&.....
.h.8"`C.
15:19:10.651998 IP 192.168.18.1.33972 > 192.168.20.220.30005: tcp 0
[email protected]@.............u5a.....$"...{.T.....
"`C..h.8
15:19:10.653565 IP 192.168.18.1.33973 > 192.168.20.220.30005: tcp 0
....E..4.
@[email protected]
...........u5...1..~x...s.T.....
"`C..h.|
15:19:10.711119 IP 192.168.20.220.30005 > 192.168.18.1.33973: tcp 0
[email protected]=...........u5....~x...2..
.h.s"`C.
15:19:12.674799 IP 192.168.20.220.30005 > 192.168.18.1.33973: tcp 228
[email protected]=...........u5....~x...2..
.h.."`C.HTTP/1.1 401 Unauthorized
Content-Length: 0
WWW-Authenticate: Digest realm="IgdAuthentication", domain="/", nonce="YWU1ZjhkMWM6MzFmZjllMDA6YzAxNjY4MGM=", qop="auth", algorithm=MD5, opaque="5ccc09c403ebaf9f0171e9517f40e41"
什麼可能是導致這兩個請求之間有什麼不同?
請通過編輯問題來正確格式化問題。稱呼不是必需的,所以也刪除最後兩句。歡迎來到[如此]。 –
你可以發佈你的nodejs代碼嗎? – jeremy
也是,你有沒有看到這個問題? http://stackoverflow.com/questions/12850646/cant-get-digest-auth-to-work-with-node-js – jeremy