How to do basic authentication over HTTPs in Ruby?

Notice: this page is a translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use/share it, but you must attribute it to the original authors (not me). StackOverflow original: http://stackoverflow.com/questions/13822555/

Date: 2020-09-06 05:35:32  Source: igfitidea

Tags: ruby, https, basic-authentication

Asked by Eduardo Yáñez Parareda

After looking a lot, I've found some solutions that seem to work, but not for me...


For example, I have this script:


require 'net/http'
require "net/https"

@http=Net::HTTP.new('www.xxxxxxx.net', 443)
@http.use_ssl = true
@http.verify_mode = OpenSSL::SSL::VERIFY_NONE
@http.start() {|http|
    req = Net::HTTP::Get.new('/gb/PastSetupsXLS.asp?SR=31,6')
    req.basic_auth 'my_user', 'my_password'
    response = http.request(req)
    print response.body
}

When I run it, it gives me a page that requests authentication, but if I write the following URL in the browser, I get into the website without problems:


https://my_user:my_password@www.xxxxxxx.net/gb/PastSetupsXLS.asp?SR=31,6

I have also tried with open-uri:


module OpenSSL
    module SSL
        remove_const :VERIFY_PEER
    end
end
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE

def download(full_url, to_here)
    writeOut = open(to_here, "wb") 
    writeOut.write(open(full_url, :http_basic_authentication=>["my_user", "my_password"]).read) 
    writeOut.close 
end

download('https://www.xxxxxxx.net/gb/PastSetupsXLS.asp?SR=31,6', "target_file.html")

But the result is the same: the site is asking for user authentication. Any tips on what I am doing wrong? Must I encode the password in Base 64?


Answered by Matt

I wrote a piece of code based on examples given in the Net::HTTP docs and tested it on my local WAMP server - it works fine. Here's what I have:


require 'net/http'
require 'openssl'

uri = URI('https://localhost/')

Net::HTTP.start(uri.host, uri.port,
  :use_ssl => uri.scheme == 'https', 
  :verify_mode => OpenSSL::SSL::VERIFY_NONE) do |http|

  request = Net::HTTP::Get.new uri.request_uri
  request.basic_auth 'matt', 'secret'

  response = http.request request # Net::HTTPResponse object

  puts response
  puts response.body
end

And my .htaccess file looks like this:


AuthName "Authorization required"
AuthUserFile c:/wamp/www/ssl/.htpasswd
AuthType basic
Require valid-user

My .htpasswd is just a one-liner generated with htpasswd -c .htpasswd matt for password "secret". When I run my code I get "200 OK" and contents of index.html. If I remove the request.basic_auth line, I get a 401 error.


UPDATE:


As indicated by @stereoscott in the comments, the :verify_mode value I used in the example (OpenSSL::SSL::VERIFY_NONE) is not safe for production.


All available options listed in the OpenSSL::SSL::SSLContext docs are: VERIFY_NONE, VERIFY_PEER, VERIFY_CLIENT_ONCE, VERIFY_FAIL_IF_NO_PEER_CERT, out of which (according to the OpenSSL docs) only the first two are used in the client mode.


So VERIFY_PEER should be used on production, which is the default btw, so you can skip it entirely.

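Added example, not part of the original question or answer: the same Net::HTTP request built with certificate verification left on (VERIFY_PEER), plus a check of the header that basic_auth produces, which shows that the Base64 encoding asked about in the question is done by the library. The host www.example.net and the helper names verified_client, basic_auth_get and decode_basic are assumptions made for this sketch.

```ruby
require 'net/http'
require 'openssl'
require 'uri'

# Build a client that verifies the server certificate. Basic credentials are
# only Base64-encoded, not encrypted, so plain HTTP is refused outright.
def verified_client(uri)
  unless uri.scheme == 'https'
    raise ArgumentError, 'refusing to send Basic credentials over plain HTTP'
  end

  http = Net::HTTP.new(uri.host, uri.port)
  http.use_ssl = true
  http.verify_mode = OpenSSL::SSL::VERIFY_PEER # the default, stated explicitly
  http
end

# Build the GET request; basic_auth sets "Authorization: Basic <base64>".
def basic_auth_get(uri, user, password)
  request = Net::HTTP::Get.new(uri.request_uri)
  request.basic_auth(user, password)
  request
end

# Decode a Basic Authorization header back to "user:password" for inspection.
def decode_basic(header)
  scheme, token = header.split(' ', 2)
  raise ArgumentError, 'not a Basic header' unless scheme == 'Basic'

  token.unpack1('m')
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample URL and credentials; no network traffic is generated.
  uri = URI('https://www.example.net/gb/PastSetupsXLS.asp?SR=31,6')
  request = basic_auth_get(uri, 'my_user', 'my_password')
  puts request['Authorization']
  puts decode_basic(request['Authorization'])

  http = verified_client(uri)
  puts "verify_mode is VERIFY_PEER: #{http.verify_mode == OpenSSL::SSL::VERIFY_PEER}"
  # response = http.request(request) # uncomment to send against a real server
end
```

If the server presents a certificate from a private CA, point the client at that CA with `http.ca_file = ...` rather than switching verification off.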