From 289ea7ccfbf5dac2cc159bd82885ade55d18548d Mon Sep 17 00:00:00 2001 From: cgagnaire Date: Mon, 30 Apr 2018 16:09:37 +0000 Subject: [PATCH] enhance http lib to handle hidden basic authent (#974) --- apps/protocols/http/mode/expectedcontent.pm | 29 +++++++++++++------- apps/protocols/http/mode/jsoncontent.pm | 29 +++++++++++++------- apps/protocols/http/mode/response.pm | 29 +++++++++++++------- apps/protocols/http/mode/soapcontent.pm | 30 +++++++++++++-------- centreon/plugins/http.pm | 8 ++++-- 5 files changed, 82 insertions(+), 43 deletions(-) diff --git a/apps/protocols/http/mode/expectedcontent.pm b/apps/protocols/http/mode/expectedcontent.pm index fe537d79b..9d3724dd5 100644 --- a/apps/protocols/http/mode/expectedcontent.pm +++ b/apps/protocols/http/mode/expectedcontent.pm @@ -42,7 +42,8 @@ sub new { "proto:s" => { name => 'proto' }, "urlpath:s" => { name => 'url_path' }, "credentials" => { name => 'credentials' }, - "ntlm" => { name => 'ntlm' }, + "basic" => { name => 'basic' }, + "ntlm" => { name => 'ntlm' }, # Deprecated "ntlmv2" => { name => 'ntlmv2' }, "username:s" => { name => 'username' }, "password:s" => { name => 'password' }, @@ -196,20 +197,28 @@ Set path to get Webpage (Default: '/') =item B<--credentials> -Specify this option if you access webpage over basic authentication +Specify this option if you access webpage with authentication + +=item B<--username> + +Specify username for authentication (Mandatory if --credentials is specified) + +=item B<--password> + +Specify password for authentication (Mandatory if --credentials is specified) + +=item B<--basic> + +Specify this option if you access webpage over basic authentication and don't want a '401 UNAUTHORIZED' error to be logged on your webserver. + +Specify this option if you access webpage over hidden basic authentication or you'll get a '404 NOT FOUND' error. + +(Use with --credentials) =item B<--ntlmv2> Specify this option if you access webpage over ntlmv2 authentication (Use with --credentials and --port options) -=item B<--username> - -Specify username for basic authentication (Mandatory if --credentials is specidied) - -=item B<--password> - -Specify password for basic authentication (Mandatory if --credentials is specidied) - =item B<--timeout> Threshold for HTTP timeout (Default: 5) diff --git a/apps/protocols/http/mode/jsoncontent.pm b/apps/protocols/http/mode/jsoncontent.pm index 9df0d7db7..fac3a7365 100644 --- a/apps/protocols/http/mode/jsoncontent.pm +++ b/apps/protocols/http/mode/jsoncontent.pm @@ -46,7 +46,8 @@ sub new { "proto:s" => { name => 'proto' }, "urlpath:s" => { name => 'url_path' }, "credentials" => { name => 'credentials' }, - "ntlm" => { name => 'ntlm' }, + "basic" => { name => 'basic' }, + "ntlm" => { name => 'ntlm' }, # Deprecated "ntlmv2" => { name => 'ntlmv2' }, "username:s" => { name => 'username' }, "password:s" => { name => 'password' }, @@ -393,20 +394,28 @@ Set path to get Webpage (Default: '/') =item B<--credentials> -Specify this option if you access webpage over basic authentication +Specify this option if you access webpage with authentication + +=item B<--username> + +Specify username for authentication (Mandatory if --credentials is specified) + +=item B<--password> + +Specify password for authentication (Mandatory if --credentials is specified) + +=item B<--basic> + +Specify this option if you access webpage over basic authentication and don't want a '401 UNAUTHORIZED' error to be logged on your webserver. + +Specify this option if you access webpage over hidden basic authentication or you'll get a '404 NOT FOUND' error. + +(Use with --credentials) =item B<--ntlmv2> Specify this option if you access webpage over ntlmv2 authentication (Use with --credentials and --port options) -=item B<--username> - -Specify username for basic authentication (Mandatory if --credentials is specidied) - -=item B<--password> - -Specify password for basic authentication (Mandatory if --credentials is specidied) - =item B<--timeout> Threshold for HTTP timeout (Default: 10) diff --git a/apps/protocols/http/mode/response.pm b/apps/protocols/http/mode/response.pm index 44bab4aef..48dd23455 100644 --- a/apps/protocols/http/mode/response.pm +++ b/apps/protocols/http/mode/response.pm @@ -42,7 +42,8 @@ sub new { "proto:s" => { name => 'proto' }, "urlpath:s" => { name => 'url_path' }, "credentials" => { name => 'credentials' }, - "ntlm" => { name => 'ntlm' }, + "basic" => { name => 'basic' }, + "ntlm" => { name => 'ntlm' }, # Deprecated "ntlmv2" => { name => 'ntlmv2' }, "username:s" => { name => 'username' }, "password:s" => { name => 'password' }, @@ -174,20 +175,28 @@ Set path to get webpage (Default: '/') =item B<--credentials> -Specify this option if you access webpage over basic authentication +Specify this option if you access webpage with authentication + +=item B<--username> + +Specify username for authentication (Mandatory if --credentials is specified) + +=item B<--password> + +Specify password for authentication (Mandatory if --credentials is specified) + +=item B<--basic> + +Specify this option if you access webpage over basic authentication and don't want a '401 UNAUTHORIZED' error to be logged on your webserver. + +Specify this option if you access webpage over hidden basic authentication or you'll get a '404 NOT FOUND' error. + +(Use with --credentials) =item B<--ntlmv2> Specify this option if you access webpage over ntlmv2 authentication (Use with --credentials and --port options) -=item B<--username> - -Specify username for basic authentication (Mandatory if --credentials is specidied) - -=item B<--password> - -Specify password for basic authentication (Mandatory if --credentials is specidied) - =item B<--proxyurl> Proxy URL diff --git a/apps/protocols/http/mode/soapcontent.pm b/apps/protocols/http/mode/soapcontent.pm index a08eb8c13..b3d92a97d 100644 --- a/apps/protocols/http/mode/soapcontent.pm +++ b/apps/protocols/http/mode/soapcontent.pm @@ -46,7 +46,8 @@ sub new { "proto:s" => { name => 'proto' }, "urlpath:s" => { name => 'url_path' }, "credentials" => { name => 'credentials' }, - "ntlm" => { name => 'ntlm' }, + "basic" => { name => 'basic' }, + "ntlm" => { name => 'ntlm' }, # Deprecated "ntlmv2" => { name => 'ntlmv2' }, "username:s" => { name => 'username' }, "password:s" => { name => 'password' }, @@ -64,7 +65,6 @@ sub new { "unknown-status:s" => { name => 'unknown_status' }, "warning-status:s" => { name => 'warning_status' }, "critical-status:s" => { name => 'critical_status' }, - "warning-numeric:s" => { name => 'warning_numeric' }, "critical-numeric:s" => { name => 'critical_numeric' }, "warning-string:s" => { name => 'warning_string' }, @@ -420,20 +420,28 @@ Set path to get Webpage (Default: '/') =item B<--credentials> -Specify this option if you access webpage over basic authentication +Specify this option if you access webpage with authentication + +=item B<--username> + +Specify username for authentication (Mandatory if --credentials is specified) + +=item B<--password> + +Specify password for authentication (Mandatory if --credentials is specified) + +=item B<--basic> + +Specify this option if you access webpage over basic authentication and don't want a '401 UNAUTHORIZED' error to be logged on your webserver. + +Specify this option if you access webpage over hidden basic authentication or you'll get a '404 NOT FOUND' error. + +(Use with --credentials) =item B<--ntlmv2> Specify this option if you access webpage over ntlmv2 authentication (Use with --credentials and --port options) -=item B<--username> - -Specify username for basic authentication (Mandatory if --credentials is specidied) - -=item B<--password> - -Specify password for basic authentication (Mandatory if --credentials is specidied) - =item B<--timeout> Threshold for HTTP timeout (Default: 10) diff --git a/centreon/plugins/http.pm b/centreon/plugins/http.pm index 37947b507..c64ac06bb 100644 --- a/centreon/plugins/http.pm +++ b/centreon/plugins/http.pm @@ -265,13 +265,17 @@ sub request { $req->content($uri_post->query); } } - + if (defined($request_options->{credentials}) && defined($request_options->{ntlmv2})) { centreon::plugins::misc::mymodule_load(output => $self->{output}, module => 'Authen::NTLM', error_msg => "Cannot load module 'Authen::NTLM'."); Authen::NTLM::ntlmv2(1); } + if (defined($request_options->{credentials}) && defined($request_options->{basic})) { + $req->authorization_basic($request_options->{username}, $request_options->{password}); + } + $self->set_proxy(request => $request_options, url => $url); if (defined($request_options->{cert_pkcs12}) && $request_options->{cert_file} ne '' && $request_options->{cert_pwd} ne '') { @@ -315,7 +319,7 @@ sub request { my $short_msg = $response->status_line; if ($short_msg =~ /^401/) { my ($authenticate) = $response->www_authenticate =~ /(\S+)/; - $short_msg .= ' (' . $authenticate . ' authentification expected)'; + $short_msg .= ' (' . $authenticate . ' authentication expected)'; } $self->{output}->output_add(long_msg => $response->content, debug => 1);