SyntaxFix

[http] How to define the basic HTTP authentication using cURL correctly?

I'm learning Apigility (Apigility docu -> REST Service Tutorial) and trying to send a POST request with basic authentication via cURL:

$ curl -X POST -i -H "Content-Type: application/hal+json" -H "Authorization: Basic YXBpdXNlcjphcGlwd2Q=" http://apigilityhw.sandbox.loc/status

YXBpdXNlcjphcGlwd2Q= is the base 64 encoded string with my credentials apiuser:apipwd. The credentials are saved in the /data/htpasswd (apiuser:$apr1$3J4cyqEw$WKga3rQMkxvnevMuBaekg/).

The looks like this:

HTTP/1.1 401 Unauthorized
Server: nginx/1.4.7
Date: Mon, 22 Sep 2014 07:48:47 GMT
Content-Type: application/problem+json
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.12-1~dotdeb.1
WWW-Authenticate: Basic realm="api"

Where is the mistake here? How to get it work?

This question is related to http curl authorization basic-authentication laminas-api-tools

The answer is

curl -u username:password http://
curl -u username http://

From the documentation page:

-u, --user <user:password>

Specify the user name and password to use for server authentication. Overrides -n, --netrc and --netrc-optional.

If you simply specify the user name, curl will prompt for a password.

The user name and passwords are split up on the first colon, which makes it impossible to use a colon in the user name with this option. The password can, still.

When using Kerberos V5 with a Windows based server you should include the Windows domain name in the user name, in order for the server to succesfully obtain a Kerberos Ticket. If you don't then the initial authentication handshake may fail.

When using NTLM, the user name can be specified simply as the user name, without the domain, if there is a single domain and forest in your setup for example.

To specify the domain name use either Down-Level Logon Name or UPN (User Principal Name) formats. For example, EXAMPLE\user and [email protected] respectively.

If you use a Windows SSPI-enabled curl binary and perform Kerberos V5, Negotiate, NTLM or Digest authentication then you can tell curl to select the user name and password from your environment by specifying a single colon with this option: "-u :".

If this option is used several times, the last one will be used.

http://curl.haxx.se/docs/manpage.html#-u

Note that you do not need --basic flag as it is the default.

as header

AUTH=$(echo -ne "$BASIC_AUTH_USER:$BASIC_AUTH_PASSWORD" | base64 --wrap 0)

curl \
  --header "Content-Type: application/json" \
  --header "Authorization: Basic $AUTH" \
  --request POST \
  --data  '{"key1":"value1", "key2":"value2"}' \
  https://example.com/

Source: Stackoverflow.com

Examples related to http

Access blocked by CORS policy: Response to preflight request doesn't pass access control check Axios Delete request with body and headers? Read response headers from API response - Angular 5 + TypeScript Android 8: Cleartext HTTP traffic not permitted Angular 4 HttpClient Query Parameters Load json from local file with http.get() in angular 2 Angular 2: How to access an HTTP response body? What is HTTP "Host" header? Golang read request body Angular 2 - Checking for server errors from subscribe

Examples related to curl

What is the incentive for curl to release the library for free? curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number Converting a POSTMAN request to Curl git clone error: RPC failed; curl 56 OpenSSL SSL_read: SSL_ERROR_SYSCALL, errno 10054 How to post raw body data with curl? Curl : connection refused How to use the curl command in PowerShell? Curl to return http status code along with the response How to install php-curl in Ubuntu 16.04 curl: (35) SSL connect error

Examples related to authorization

How to send custom headers with requests in Swagger UI? How do you create a custom AuthorizeAttribute in ASP.NET Core? ASP.NET Web API : Correct way to return a 401/unauthorised response How to get http headers in flask? How to define the basic HTTP authentication using cURL correctly? basic authorization command for curl MongoDB "root" user How to use basic authorization in PHP curl How to get user name using Windows authentication in asp.net? Python requests library how to pass Authorization header with single token

Examples related to basic-authentication

Use Invoke-WebRequest with a username and password for basic authentication on the GitHub API How to define the basic HTTP authentication using cURL correctly? Spring Security exclude url patterns in security annotation configurartion Basic HTTP and Bearer Token Authentication HTTP Error 401.2 - Unauthorized You are not authorized to view this page due to invalid authentication headers Calling a rest api with username and password - how to What is the "realm" in basic authentication How to prevent browser to invoke basic auth popup and handle 401 error using Jquery? Proxy Basic Authentication in C#: HTTP 407 error What is the difference between Digest and Basic Authentication?

Examples related to laminas-api-tools

How to define the basic HTTP authentication using cURL correctly?

Tags

Materialized-path-pattern Event-id Compound-key Mysqlimport Jdedwards Image-scaling Common-lisp Caret Dataset Boundcolumn Google-maps-markers Dss Icallbackeventhandler Advanceddatagrid Lazy-evaluation User-preferences Applicationsettingsbase Flyway Trim Icecast Osworkflow Thrust Merb Navigateurl Servicestack Tcollection Mdf Tabview Wcfserviceclient Yui2 Double-underscore Git-gui Linkage Key-bindings Wx.textctrl Master-pages Django-pyodbc Aspbutton Textrange Performance Freeform Controller Font-embedding Lucene.net Output-clause Fbrequest-form Glrotate Xilinx Decltype Vb6 Vb.net Pmd Equals Android-location Multiple-interface-implem Source-code-protection Virtual-address-space Pg-restore Spacecraft-operator Custom-view Data-mining Linq-to-lucene Do.call Many-to-many Line-endings Linqpad Geshi Xpsviewer Selenium-grid Service-operations Scikits Latex-suite Dynamic-allocation Cfhttp Spring-ide Stdole Amazon-rds Predicates Page-layout Function-literal Pdf-extraction Chromium Msbuild-task Gambas Hijri Design-decisions Stackalloc Queue Named-scopes And-operator Static-resource Itil Java.util.date Vsm Asp.net-session Apache-poi Cfdump Backtrace Outer-join Windows-identity