Re: wget digest authenication with apache. Please Help!

From: beeze (beeze_at_DELMEnewsfeeds.com)
Date: 03/04/04 

Date: Thu, 04 Mar 2004 11:53:53 +0000

On Wed, 3 Mar 2004 21:50:58 -0800, "ynotssor" <"ynotssor"> wrote:

>"beeze" <beeze@DELMEnewsfeeds.com> wrote in message
>news:f8tc401t78n1o5gvvgvs3r33o9bvacgfv5@4ax.com
>
>> In my (apache) ssl.log I alway get the following from the client...
>>
>> Digest: client used wrong authentication scheme `Basic':
>>
>> From reading wget manuals there is no specific way to tell wget
>> to use 'digest authentication' as opposed to 'Basic authentication'
>> (i.e. the .htaccess file). It would seem wget decides upon the
>> handshake with httpd. (my assumption).
>
>Are you using a proxy? If so you may wish to bypass it with your wget
>request if possible. From the man page:
>
>--http-user=user
>--http-passwd=password
> Specify the username user and password password on an HTTP server.
>According to the type of the challenge, Wget will encode them using either
>the `basic' (insecure) or the `digest' authentication scheme.
>
>--proxy-user=user
>--proxy-passwd=password
> Specify the username user and password password for authentication on a
>proxy server. Wget will encode them using the `basic' authentication
>scheme.
>
>
> tony

Hi Tony,

Thanks for the reply.

No proxy isn't this issue. I *do* have a firewall running on the
apache server. (iptables).

I do use a 3rd party for dns (www.dyndns.org) provide a free dynamic
dns service which I use to resolve my servers ip address.

Since the remote client can connect via a browser to my page it would
seem the firewall is OK. They authenticate themselves via the passwd
file I setup using 'htdigest' tool (comes with apache).

What I'd like to see is what type of challenge httpd is issuing when
wget makes a request.

>From the ssl.log wget sends Basic Auth - which in turn means httpd
issues a Basic_Auth challenge. This is in complete contrast to
connecting via a browser where the only authentication method is
Digest. I've disabled all .htaccess files with the "AllowOverride
None" directive in my http.conf file.

Patrick/

----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---

Relevant Pages

  • RE: [Full-Disclosure] JPEG GDI
    ... I downloaded a copy via wget, both my proxy AV and my desktop AV were ... > one was just found on an adult newsgroup. ... Indeed Barry, heres more information on that for you or others ...
    (Full-Disclosure)
  • Re: update freebsd through proxy
    ... You may want to try fetch or curl instead of wget. ... Would you share with us which proxy you are using? ...
    (comp.unix.bsd.freebsd.misc)
  • [SLE] Updating using YOU - problems (Also wget problems)
    ... internet by using this proxy through Linux. ... At the end of the message there is an example using wget. ... The "moved temporarily" occurs because Novell BorderManager could not ... automatically authenticate the user. ...
    (SuSE)
  • SLED 10: rpm --install beind a proxy
    ... I have an HTTP proxy on my network and have setup and tested this ... I can't get rpm --install to work, ... The wget command line does indeed work: ... Connecting to 10.1.1.2:8080... ...
    (alt.os.linux.suse)
  • Re: wget digest authenication with apache. Please Help!
    ... >> From reading wget manuals there is no specific way to tell wget ... >Are you using a proxy? ... > Specify the username user and password password on an HTTP server. ... Wget will encode them using the `basic' authentication ...
    (comp.os.linux)