Well... we have that in STATUS:
* It would be nice if a url in a urllist could handle basic
authentication.
...and now looks like people really need that. So here's quick'n'dirty
patch for RBC. Following URL uses basic auth:
<url user="Aladdin" password="open
sesame">http://localhost:8080/auth</url>
I can also prepare round-robin-auth.xml, but it would then require
public resource protected (?) with well-known username and password.
Maybe somebody can setup such a beast on www.apache.org? ;) To be honest
I was thinking about http://httpd.apache.org/test/flood/test/ (yeah...
this url is stupid... it is supposed to be just a proof of concept) with
a bunch of files there. We could then demonstrate anything flood is
capable of (regexp matches, failures, auth and this kind of stuff). With
such setup changes in google responses wouldn't be that bad ;))
BTW: This patch kinda suck. The proper way to do this would be to define
realms like this:
<realm>
<name>test</name>
<user>foo</user>
<password>bar</password>
<!-- if somebody want to simulate typing -->
<delay>10</delay>
</realm>
...and react to WWW-Authenticate header just like browsers and other
tiny clients (like wget) do. And I think we want to mimic browser
behaviour. OTOH this brings up other issue -- an url list where we can
insert new urls in realtime (like is planned for 3xx responses), which
needs a bit more work...
regards,
--
Jacek Prucia
7bulls.com S.A.
http://www.7bulls.com/
Wspólne podkatalogi: flood.orig/build i flood/build
diff -uN flood.orig/config.h.in flood/config.h.in
--- flood.orig/config.h.in 2002-07-23 20:44:07.000000000 +0200
+++ flood/config.h.in 2002-09-04 17:49:31.000000000 +0200
@@ -28,6 +28,8 @@
#define XML_URLLIST_PREDELAYPRECISION "predelayprecision"
#define XML_URLLIST_POSTDELAY "postdelay"
#define XML_URLLIST_POSTDELAYPRECISION "postdelayprecision"
+#define XML_URLLIST_USER "user"
+#define XML_URLLIST_PASSWORD "password"
#define XML_URLLIST_NAME "name"
#define XML_PROFILE "profile"
#define XML_PROFILE_COUNT "count"
Wspólne podkatalogi: flood.orig/CVS i flood/CVS
Wspólne podkatalogi: flood.orig/examples i flood/examples
diff -uN flood.orig/flood_round_robin.c flood/flood_round_robin.c
--- flood.orig/flood_round_robin.c 2002-08-02 00:25:35.000000000 +0200
+++ flood/flood_round_robin.c 2002-09-04 17:49:39.000000000 +0200
@@ -60,6 +60,7 @@
#include <apr_uri.h>
#include <apr_lib.h>
#include <apr_hash.h>
+#include <apr_base64.h>
#if APR_HAVE_STRINGS_H
#include <strings.h> /* strncasecmp */
@@ -115,6 +116,8 @@
char *responsetemplate;
char *responsename;
int responselen;
+ char *user;
+ char *password;
} url_t;
typedef struct cookie_t {
@@ -245,6 +248,7 @@
{
round_robin_profile_t *p;
char *cookies;
+ char *new_credit, *credit;
cookie_t *cook;
p = (round_robin_profile_t*)profile;
@@ -271,6 +275,16 @@
else
cookies = "";
+ if (p->url[p->current_url].user) {
+ if (!p->url[p->current_url].password) {
+ apr_file_printf(local_stderr, "missing password for user '%s'\n",
p->url[p->current_url].user);
+ return APR_EGENERAL;
+ } else {
+ credit = apr_pstrcat(r->pool, p->url[p->current_url].user, ":",
p->url[p->current_url].password, NULL);
+ apr_base64_encode(new_credit, credit, strlen(credit));
+ }
+ }
+
switch (r->method)
{
case GET:
@@ -278,12 +292,14 @@
"GET %s%s%s HTTP/1.1" CRLF
"User-Agent: Flood/" FLOOD_VERSION CRLF
"Connection: %s" CRLF
+ "Authorization: Basic %s" CRLF
"Host: %s" CRLF
"%s" CRLF,
r->parsed_uri->path,
r->parsed_uri->query ? "?" : "",
r->parsed_uri->query ? r->parsed_uri->query :
"",
r->keepalive ? "Keep-Alive" : "Close",
+ new_credit ? new_credit : "",
r->parsed_uri->hostinfo,
cookies);
r->rbuftype = POOL;
@@ -294,12 +310,14 @@
"HEAD %s%s%s HTTP/1.1" CRLF
"User-Agent: Flood/" FLOOD_VERSION CRLF
"Connection: %s" CRLF
+ "Authorization: Basic %s" CRLF
"Host: %s" CRLF
"%s" CRLF,
r->parsed_uri->path,
r->parsed_uri->query ? "?" : "",
r->parsed_uri->query ? r->parsed_uri->query :
"",
r->keepalive ? "Keep-Alive" : "Close",
+ new_credit ? new_credit : "",
r->parsed_uri->hostinfo,
cookies);
r->rbuftype = POOL;
@@ -312,6 +330,7 @@
"POST %s%s%s HTTP/1.1" CRLF
"User-Agent: Flood/" FLOOD_VERSION CRLF
"Connection: %s" CRLF
+ "Authorization: Basic %s" CRLF
"Host: %s" CRLF
"Content-Length: %d" CRLF
"Content-type:
application/x-www-form-urlencoded" CRLF
@@ -321,6 +340,7 @@
r->parsed_uri->query ? "?" : "",
r->parsed_uri->query ? r->parsed_uri->query
: "",
r->keepalive ? "Keep-Alive" : "Close",
+ new_credit ? new_credit : "",
r->parsed_uri->hostinfo,
r->payloadsize,
cookies,
@@ -330,6 +350,7 @@
"POST %s%s%s HTTP/1.1" CRLF
"User-Agent: Flood/" FLOOD_VERSION CRLF
"Connection: %s" CRLF
+ "Authorization: Basic %s" CRLF
"Host: %s" CRLF
"%s" CRLF "",
@@ -337,6 +358,7 @@
r->parsed_uri->query ? "?" : "",
r->parsed_uri->query ? r->parsed_uri->query
: "",
r->keepalive ? "Keep-Alive" : "Close",
+ new_credit ? new_credit : "",
r->parsed_uri->hostinfo,
cookies);
}
@@ -469,6 +491,16 @@
url->responsename = (char*)attr->value;
url->responselen = strlen((char*)attr->value);
}
+ else if (strncasecmp(attr->name,
+ XML_URLLIST_USER,
+ FLOOD_STRLEN_MAX) == 0) {
+ url->user = (char*)attr->value;
+ }
+ else if (strncasecmp(attr->name,
+ XML_URLLIST_PASSWORD,
+ FLOOD_STRLEN_MAX) == 0) {
+ url->password = (char*)attr->value;
+ }
attr = attr->next;
}
}
