如何正确定义使用 cURL 的基本 HTTP 身份验证? [英] How to define the basic HTTP authentication using cURL correctly?

问题描述

我正在学习 Apigility(Apigility docu -> REST 服务教程)并尝试通过 cURL 发送带有基本身份验证的 POST 请求:

I'm learning Apigility (Apigility docu -> REST Service Tutorial) and trying to send a POST request with basic authentication via cURL:

$ curl -X POST -i -H "Content-Type: application/hal+json" -H "Authorization: Basic YXBpdXNlcjphcGlwd2Q=" http://apigilityhw.sandbox.loc/status

YXBpdXNlcjphcGlwd2Q= 是带有我的凭据 apiuser:apipwd 的 base 64 编码字符串.凭据保存在 /data/htpasswd (apiuser:$apr1$3J4cyqEw$WKga3rQMkxvnevMuBaekg/) 中.

YXBpdXNlcjphcGlwd2Q= is the base 64 encoded string with my credentials apiuser:apipwd. The credentials are saved in the /data/htpasswd (apiuser:$apr1$3J4cyqEw$WKga3rQMkxvnevMuBaekg/).

看起来像这样:

HTTP/1.1 401 Unauthorized
Server: nginx/1.4.7
Date: Mon, 22 Sep 2014 07:48:47 GMT
Content-Type: application/problem+json
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.12-1~dotdeb.1
WWW-Authenticate: Basic realm="api"

这里的错误在哪里?如何让它发挥作用?

Where is the mistake here? How to get it work?

推荐答案

curl -u username:password http://
curl -u username http://

来自文档页面:

-u, --user <用户:密码>

指定用于服务器身份验证的用户名和密码.覆盖 -n、--netrc 和 --netrc-optional.

Specify the user name and password to use for server authentication. Overrides -n, --netrc and --netrc-optional.

如果只指定用户名，curl 会提示输入密码.

If you simply specify the user name, curl will prompt for a password.

用户名和密码在第一个冒号处分开，即使用此选项无法在用户名中使用冒号.密码仍然可以.

The user name and passwords are split up on the first colon, which makes it impossible to use a colon in the user name with this option. The password can, still.

在基于 Windows 的服务器上使用 Kerberos V5 时，您应该包括用户名中的 Windows 域名，以便服务器成功获得 Kerberos 票证.如果你不那么初始身份验证握手可能会失败.

When using Kerberos V5 with a Windows based server you should include the Windows domain name in the user name, in order for the server to succesfully obtain a Kerberos Ticket. If you don't then the initial authentication handshake may fail.

使用NTLM时，用户名可以简单地指定为user名称，不带域，如果有单个域和林例如您的设置.

When using NTLM, the user name can be specified simply as the user name, without the domain, if there is a single domain and forest in your setup for example.

要指定域名，请使用下级登录名或 UPN(用户主体名称)格式.例如，EXAMPLEuser 和user@example.com 分别.

To specify the domain name use either Down-Level Logon Name or UPN (User Principal Name) formats. For example, EXAMPLEuser and user@example.com respectively.

如果您使用支持 Windows SSPI 的 curl 二进制文件并执行 Kerberos V5，协商、NTLM 或摘要式身份验证，然后您可以告诉 curl通过指定从您的环境中选择用户名和密码带有此选项的单个冒号:-u :".

If you use a Windows SSPI-enabled curl binary and perform Kerberos V5, Negotiate, NTLM or Digest authentication then you can tell curl to select the user name and password from your environment by specifying a single colon with this option: "-u :".

如果多次使用此选项，将使用最后一个.

If this option is used several times, the last one will be used.

http://curl.haxx.se/docs/manpage.html#-你

请注意，您不需要 --basic 标志，因为它是默认值.

Note that you do not need --basic flag as it is the default.

这篇关于如何正确定义使用 cURL 的基本 HTTP 身份验证?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！