Re: http-client egg and authentication
Dear All, so I found this recent StackOverflow issue: https://stackoverflow.com/questions/72904388/how-do-i-use-http-basic-auth-with-http-client based on which I tried to use `make-uri` and pass the URI record (including credentials) to the http-client. This also gives a 403 reply from the server. I also tried manually encoding `"myuser:mypass"` as base64 without use. As a sidenote, using `uri-common`, I was not able to get a slash between port and path from `make-uri`; I had to use `(update-uri (uri-reference ...) ...)`. @Vasilij: Thanks for testing and explaining. Best Christian Christian Himpe schrieb am 2022-09-25: > Dear All, > I am exploring the use of the http-client egg ( > http://wiki.call-cc.org/eggref/5/http-client ) for communicating with a > database server. For this I need some basic authentication, which I did not > get to work. I tried including: > (determine-username/password (lambda (uri realm) (values "myuser" "mypass"))) > (see http://wiki.call-cc.org/eggref/5/http-client#authentication-support ), > which returns a 403 (Forbidden). However, authenticated communication works > with the server from the shell with "curl" using the argument "--user > myuser:mypass" ( https://curl.se/docs/manpage.html#-u ). > I assume I am missing, overlooking or doing something wrong here. Does > somebody have experience with this, or know some sample code? > Thank You > Christian
Re: http-client egg and authentication
Hello Christian, I've experimented by setting up a listener with `nc -nlvp 12345` and firing requests against localhost:12345 curl: GET / HTTP/1.1 Host: localhost:12345 Authorization: Basic bXl1c2VyOm15cGFzcw== User-Agent: curl/7.85.0 Accept: */* http-client: GET / HTTP/1.1 Host: localhost:12345 User-Agent: http-client/1.2 (CHICKEN Scheme HTTP-client) This confirms what you've seen. However, if you look at the documentation of `determine-username/password`, the following jumps at me: > The procedure in this parameter is called whenever the remote host > requests authentication via a 401 Unauthorized response. Since the listener does not request authentication, the procedure is never invoked. If you want to unconditionally set this header, pass it explicitly. Vasilij signature.asc Description: PGP signature
http-client egg and authentication
Dear All, I am exploring the use of the http-client egg ( http://wiki.call-cc.org/eggref/5/http-client ) for communicating with a database server. For this I need some basic authentication, which I did not get to work. I tried including: (determine-username/password (lambda (uri realm) (values "myuser" "mypass"))) (see http://wiki.call-cc.org/eggref/5/http-client#authentication-support ), which returns a 403 (Forbidden). However, authenticated communication works with the server from the shell with "curl" using the argument "--user myuser:mypass" ( https://curl.se/docs/manpage.html#-u ). I assume I am missing, overlooking or doing something wrong here. Does somebody have experience with this, or know some sample code? Thank You Christian