when using htpasswd with api , get Unauthorized #401

yosefy · 2021-02-21T13:57:28Z

using htpasswd username to login via UI work great

but

when running
curl -i -u myuser:mypass -X POST -F '__script_name=SCRIPT_NAME' -F 'action=SCRIPT_ACTION' 192.168.0.2:5001/executions/start

we get

HTTP/1.1 401 Unauthorized
Server: TornadoServer/6.0.3
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Feb 2021 13:50:28 GMT
X-Frame-Options: DENY
Content-Length: 12
Vary: Accept-Encoding

Unauthorized

what do you say?

thanks

The text was updated successfully, but these errors were encountered:

bugy · 2021-02-21T14:17:45Z

Hi, I'm afraid this is not supported. You still have to use the old flow: when you log in first, and then auth info is stored in cookies yosefy <[email protected]> schrieb am So., 21. Feb. 2021, 14:57:

…

hi @bugy <https://github.com/bugy> using htpasswd username to login via UI work great but when running curl -i -u myuser:mypass -X POST -F '__script_name=SCRIPT_NAME' -F 'action=SCRIPT_ACTION' 192.168.0.2:5001/executions/start we get HTTP/1.1 401 Unauthorized Server: TornadoServer/6.0.3 Content-Type: text/html; charset=UTF-8 Date: Sun, 21 Feb 2021 13:50:28 GMT X-Frame-Options: DENY Content-Length: 12 Vary: Accept-Encoding Unauthorized what do you say? thanks — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#401>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAJXPJI7C5QOQXQGQHWM4SLTAEGNTANCNFSM4X7AIYTQ> .

yosefy · 2021-02-21T15:53:12Z

thanks do you think it will work with nginx htpasswd setup?

…

On Sun, Feb 21, 2021 at 4:18 PM Iaroslav Shepilov ***@***.***> wrote: Hi, I'm afraid this is not supported. You still have to use the old flow: when you log in first, and then auth info is stored in cookies yosefy ***@***.***> schrieb am So., 21. Feb. 2021, 14:57: > hi @bugy <https://github.com/bugy> > > using htpasswd username to login via UI work great > > but > > when running > curl -i -u myuser:mypass -X POST -F '__script_name=SCRIPT_NAME' -F > 'action=SCRIPT_ACTION' 192.168.0.2:5001/executions/start > > we get > > HTTP/1.1 401 Unauthorized > Server: TornadoServer/6.0.3 > Content-Type: text/html; charset=UTF-8 > Date: Sun, 21 Feb 2021 13:50:28 GMT > X-Frame-Options: DENY > Content-Length: 12 > Vary: Accept-Encoding > > Unauthorized > > what do you say? > > thanks > > — > You are receiving this because you were mentioned. > Reply to this email directly, view it on GitHub > <#401>, or unsubscribe > < https://github.com/notifications/unsubscribe-auth/AAJXPJI7C5QOQXQGQHWM4SLTAEGNTANCNFSM4X7AIYTQ > > . > — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#401 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ADCXF3JGJSKJ5NRZDCM5UMLTAEIZZANCNFSM4X7AIYTQ> .

bugy · 2021-02-21T18:01:19Z

Yes, basic auth via nginx would work yosefy <[email protected]> schrieb am So., 21. Feb. 2021, 16:53:

…

thanks do you think it will work with nginx htpasswd setup? On Sun, Feb 21, 2021 at 4:18 PM Iaroslav Shepilov < ***@***.***> wrote: > Hi, I'm afraid this is not supported. You still have to use the old flow: > when you log in first, and then auth info is stored in cookies > > yosefy ***@***.***> schrieb am So., 21. Feb. 2021, 14:57: > > > hi @bugy <https://github.com/bugy> > > > > using htpasswd username to login via UI work great > > > > but > > > > when running > > curl -i -u myuser:mypass -X POST -F '__script_name=SCRIPT_NAME' -F > > 'action=SCRIPT_ACTION' 192.168.0.2:5001/executions/start > > > > we get > > > > HTTP/1.1 401 Unauthorized > > Server: TornadoServer/6.0.3 > > Content-Type: text/html; charset=UTF-8 > > Date: Sun, 21 Feb 2021 13:50:28 GMT > > X-Frame-Options: DENY > > Content-Length: 12 > > Vary: Accept-Encoding > > > > Unauthorized > > > > what do you say? > > > > thanks > > > > — > > You are receiving this because you were mentioned. > > Reply to this email directly, view it on GitHub > > <#401>, or unsubscribe > > < > https://github.com/notifications/unsubscribe-auth/AAJXPJI7C5QOQXQGQHWM4SLTAEGNTANCNFSM4X7AIYTQ > > > > . > > > > — > You are receiving this because you authored the thread. > Reply to this email directly, view it on GitHub > <#401 (comment) >, > or unsubscribe > < https://github.com/notifications/unsubscribe-auth/ADCXF3JGJSKJ5NRZDCM5UMLTAEIZZANCNFSM4X7AIYTQ > > . > — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#401 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAJXPJPZZNWBRFIKPXBENFDTAET7ZANCNFSM4X7AIYTQ> .

bugy · 2023-02-18T15:48:51Z

Done, now basic auth can be used for htpassw and ldap auth.
In this case username + password should be provided for every request

bugy added the feature label Feb 25, 2021

bugy added this to the 1.18.0 milestone Sep 3, 2021

bugy added a commit that referenced this issue Feb 18, 2023

#401 added possibility to use on-fly basic auth for API calls

ed9f744

bugy added the resolved label Feb 18, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

when using htpasswd with api , get Unauthorized #401

when using htpasswd with api , get Unauthorized #401

yosefy commented Feb 21, 2021

bugy commented Feb 21, 2021 via email

yosefy commented Feb 21, 2021 via email

bugy commented Feb 21, 2021 via email

bugy commented Feb 18, 2023

when using htpasswd with api , get Unauthorized #401

when using htpasswd with api , get Unauthorized #401

Comments

yosefy commented Feb 21, 2021

bugy commented Feb 21, 2021 via email

yosefy commented Feb 21, 2021 via email

bugy commented Feb 21, 2021 via email

bugy commented Feb 18, 2023