Which HTTP Authentication used?

1

I need a way to find out which HTTP Auth mechanism is used for a particular website/web-server, which is responding to my HTTP request. I am open to use any browser, or any other tool (like Wireshark). But I am not sure if Auth header would be visible. If yes, how?

Ajay

Posted 2014-11-05T07:22:08.957

Reputation: 702

Answers

2

You can use any tool that will get HTTP headers. Example in curl you should see the server respond with WWW-Authenticate: Basic realm="xxx" if it is using basic auth.

If digest it will look like the following.

WWW-Authenticate: Digest realm="testrealm@host.com",
                        qop="auth,auth-int",
                        nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
                        opaque="5ccc069c403ebaf9f0171e9517f40e41"

This is how to see the headers in curl.

$ curl -v http://a.b.c.d/
* About to connect() to a.b.c.d port 80 (#0)
*   Trying a.b.c.d...
* Adding handle: conn: 0x7f8e0a008c00
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x7f8e0a008c00) send_pipe: 1, recv_pipe: 0
* Connected to a.b.c.d (a.b.c.d) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.30.0
> Host: a.b.c.d
> Accept: */*
>
< HTTP/1.1 401 Authorization Required
< Date: Wed, 05 Nov 2014 07:27:40 GMT
* Server Apache is not blacklisted
< Server: Apache
< WWW-Authenticate: Basic realm="xxx"
< Content-Length: 463
< Content-Type: text/html; charset=iso-8859-1
<
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Authorization Required</title>
</head><body>
<h1>Authorization Required</h1>
<p>This server could not verify that you
are authorized to access the document
requested.  Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
<hr>
<address>Apache Server at a.b.c.d Port 80</address>
</body></html>

f01

Posted 2014-11-05T07:22:08.957

Reputation: 334

From what I know Curl wont capture traffic, it will only (facilitate) send and receive by itself. How about Wireshark? – Ajay – 2014-11-05T07:46:18.137

Yes that is correct. Curl is like any browser. If you want to capture traffic you can use wireshark or tcpdump. You should see the same set of HTTP headers. – f01 – 2014-11-05T07:47:46.277

1Thanks anyway, I found excellent tool: Fiddler (Windows). – Ajay – 2014-11-05T09:19:04.890

1Just for update. Fiddler won't capture traffic from Service processes. So, I had to use Network Monitor from MS, excellent tool, though need to tweak it a bit to get HTTP only traffic. – Ajay – 2014-11-07T09:37:48.070

Asked: 2014-11-05T07:22:08.957

Viewed: 221 times

Active: 2014-11-05T07:43:13.823