On 02-01-19 10:39, Daniel Kong wrote:
Hi Alan,
I get status 401 (unauthorized) is because the site is protected. By disabling the rest security on the 3rd party application, it can successfully send the request and get the response, which I have posted previously by including the username and password for http basic authentication.
connect_uri = "http://10.18.6.22:8081/apps" authenticate { uri = "${..connect_uri}/user/%{User-Name}/%{User-Password}" method = "get" force_to = "json" * require_auth = yes* * auth = "basic"* * username = "test"* * password = "password123"* tls = ${..tls} }
Since by specifying those required attributes is not working, so I have tried to include REST-HTTP-Header, but it doesn't work as well.
connect_uri = "http://10.18.6.22:8081/apps" authenticate { uri = "${..connect_uri}/user/%{User-Name}/%{User-Password}" method = "get" force_to = "json" * REST-HTTP-Header = "Authorization: Basic aW5ldHVzZXI6cGFzc3dvcmQxYXBw"* tls = ${..tls} }
I am also getting a 401 while trying to send the request. Where is the problem?
Since the connection is made via HTTP without TLS: have you tried tcpdump/wireshark to inspect the HTTP headers? If the Authz header is added and the request is rejected by the webserver, the problem is probably in the web server, not the RADIUS server. -- Herwin Weststrate