I'm learning Apigility (Apigility docu -> REST Service Tutorial) and trying to send a POST request with basic authentication via cURL:
$ curl -X POST -i -H "Content-Type: application/hal+json" -H "Authorization: Basic YXBpdXNlcjphcGlwd2Q=" http://apigilityhw.sandbox.loc/status
YXBpdXNlcjphcGlwd2Q=
is the base 64 encoded string with my credentials apiuser:apipwd
. The credentials are saved in the /data/htpasswd
(apiuser:$apr1$3J4cyqEw$WKga3rQMkxvnevMuBaekg/
).
The looks like this:
HTTP/1.1 401 Unauthorized
Server: nginx/1.4.7
Date: Mon, 22 Sep 2014 07:48:47 GMT
Content-Type: application/problem+json
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.12-1~dotdeb.1
WWW-Authenticate: Basic realm="api"
Where is the mistake here? How to get it work?
curl -u username:password http://
curl -u username http://
From the documentation page:
-u, --user <user:password>
Specify the user name and password to use for server authentication.
Overrides -n, --netrc and --netrc-optional.
If you simply specify the user name, curl will prompt for a password.
The user name and passwords are split up on the first colon, which
makes it impossible to use a colon in the user name with this option.
The password can, still.
When using Kerberos V5 with a Windows based server you should include
the Windows domain name in the user name, in order for the server to
succesfully obtain a Kerberos Ticket. If you don't then the initial
authentication handshake may fail.
When using NTLM, the user name can be specified simply as the user
name, without the domain, if there is a single domain and forest in
your setup for example.
To specify the domain name use either Down-Level Logon Name or UPN
(User Principal Name) formats. For example, EXAMPLE\user and
user@example.com respectively.
If you use a Windows SSPI-enabled curl binary and perform Kerberos V5,
Negotiate, NTLM or Digest authentication then you can tell curl to
select the user name and password from your environment by specifying
a single colon with this option: "-u :".
If this option is used several times, the last one will be used.
http://curl.haxx.se/docs/manpage.html#-u
Note that you do not need --basic
flag as it is the default.
When using OAuth or other authentication services you can often also send your access token in a query string instead of in an authorization header, so something like:
GET https://www.example.com/v1/users/1?access_token=abcdefghijklmnopqrstuvwxyz1234567890ABCD
as header
AUTH=$(echo -ne "$BASIC_AUTH_USER:$BASIC_AUTH_PASSWORD" | base64 --wrap 0)
curl \
--header "Content-Type: application/json" \
--header "Authorization: Basic $AUTH" \
--request POST \
--data '{"key1":"value1", "key2":"value2"}' \
https://example.com/