Can't get authentication to work with uri module
2,250 views
Skip to first unread message
Brenda Bell
Apr 28, 2015, 8:19:21 PM4/28/15
to ansible...@googlegroups.com
I can ssh to the server and curl successfully with authentication:
But when I try to use Ansible to get the same url with the same credentials, it fails to authenticate. My task looks like this:
I'm definitely using the correct username and password in both places.
$ curl --user user:password http://localhost:8080/api/v1/clusters
{
"href" : "http://localhost:8080/api/v1/clusters",
"items" : [ ]
}
But when I try to use Ansible to get the same url with the same credentials, it fails to authenticate. My task looks like this:
- uri:
url: http://localhost:8080/api/v1/clusters
method: GET
user: "user"
password: "password"
I get an authentication error from my web service:
failed: [172.98.1.129] => {"content": "{\n \"status\": 403,\n \"message\": \"Full authentication is required to access this resource\"\n}", "content_length": "91", "content_type": "text/plain;charset=ISO-8859-1", "failed": true, "redirected": false, "server": "Jetty(7.6.7.v20120910)", "set_cookie": "AMBARISESSIONID=7ek08rb33476kg9z8jyiw40y;Path=/", "status": 403}
msg: Status code was not [200]
I'm definitely using the correct username and password in both places.
So my question is how does the uri module's authentication differ from curl?
Mirko Friedenhagen
Apr 29, 2015, 1:42:47 AM4/29/15
to ansible-project
Just a guess:
Curl uses preemptive authentication, i.e. sends the Authorization header on the first contact.
URL first goes to the resource and only sends authorization data on a second call, after it received http/401 on the first call.
My suggestion: use curl here. IIRR, there is already a PR for preemptive authorization.
Regards
Mirko
--
Sent from my mobile
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/466ad95e-f2b8-4ffe-8919-31191f47ad32%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Matt Martz
Apr 29, 2015, 7:31:13 AM4/29/15
to ansible...@googlegroups.com
You need to specify the force_basic_auth option with a value of yes/true and things should start working
--
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/466ad95e-f2b8-4ffe-8919-31191f47ad32%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
Joaquin Menchaca
Apr 3, 2017, 9:51:19 PM4/3/17
to Ansible Project
force_basic auth did not work, getting 401:
- name: Get License
uri:
url: http://{{ ansible_host }}:{{ artifactory_port }}/artifactory/api/system/licenses
method: GET
user: "{{ artifactory_admin.user }}"
passwd: "{{ artifactory_admin.password }}"
force_basic_auth: yes
return_content: yes
But, this works fine:
- name: Get License
uri:
url: http://{{ artifactory_admin.user }}:{{ artifactory_admin.password }}@{{ ansible_host }}:{{ artifactory_port }}/artifactory/api/system/licenses
method: GET
return_content: yes
Anyway to get user and password to work?
- name: Get License
uri:
url: http://{{ ansible_host }}:{{ artifactory_port }}/artifactory/api/system/licenses
method: GET
user: "{{ artifactory_admin.user }}"
passwd: "{{ artifactory_admin.password }}"
force_basic_auth: yes
return_content: yes
But, this works fine:
- name: Get License
uri:
url: http://{{ artifactory_admin.user }}:{{ artifactory_admin.password }}@{{ ansible_host }}:{{ artifactory_port }}/artifactory/api/system/licenses
method: GET
return_content: yes
Anyway to get user and password to work?
On Wednesday, April 29, 2015 at 4:31:13 AM UTC-7, Matt Martz wrote:
You need to specify the force_basic_auth option with a value of yes/true and things should start working
On Tuesday, April 28, 2015, Brenda Bell <beebe...@gmail.com> wrote:
I can ssh to the server and curl successfully with authentication:--
{
"href" : "http://localhost:8080/api/v1/clusters",
"items" : [ ]
}
But when I try to use Ansible to get the same url with the same credentials, it fails to authenticate. My task looks like this:
url: http://localhost:8080/api/v1/clusters
method: GET
user: "user"
password: "password"I get an authentication error from my web service:
msg: Status code was not [200]
I'm definitely using the correct username and password in both places.So my question is how does the uri module's authentication differ from curl?
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/466ad95e-f2b8-4ffe-8919-31191f47ad32%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages