HTTP Basic authentication for Python

Source: Internet
Author: User
Tags base64

First, HTTP Basic authentication:

The HTTP protocol defines the Basic authentication process so that an HTTP server can authenticate the user of a client such as a Web browser. When a client requests data from the HTTP server and has not yet been authenticated, the server verifies the client's user name and password through the Basic authentication process to determine whether the user is legitimate.

After receiving the server's authentication request, the client prompts the user for a user name and password, encodes them with Base64, and appends the encoded string to the request. For example, if the user name is Paul and the password is 123456, the client joins the user name and password with ":", Base64-encodes the merged string, and appends the result to the request header each time it requests data. Each time the HTTP server receives a request, it extracts the user information that the client attached according to the protocol, decodes it, and verifies the user name and password. If they are correct, it returns the data the client asked for; otherwise it returns error code 401, requiring the user to supply the user name and password again.

Second, the Basic authentication process:

1. The client requests data from the server. The requested content may be a Web page or another MIME type. Assuming the client has not yet been authenticated, it sends the following request to the server:


        GET /index.html HTTP/1.0
        Host: www.baidu.com

2. The server sends authentication request code 401 to the client. The data returned by the server looks roughly like this:


        HTTP/1.0 401 Unauthorised
        Server: sokevo/1.0
        WWW-Authenticate: Basic realm="google.com"
        Content-Type: text/html
        Content-Length: xxx

3. When a client that complies with the HTTP 1.0 or 1.1 specification (such as IE or Firefox) receives the 401 response, it automatically pops up a login window asking the user to enter a user name and password.

4. After the user enters the user name and password, the client encodes them with Base64 and adds the encoded string to the previous request message, so the first request message sent by the client becomes the following:
    
        GET /index.html HTTP/1.0
        Host: www.google.com
        Authorization: Basic xxxxxxxxxxxxxxxxxxxxxxxxxxxx

5. After the server receives the above request, it takes the user information that follows the Authorization field and decodes it, then checks the decoded user name and password against the user database. If the user name and password are correct, the server sends the requested resource to the client.

Third, the shortcomings of Basic authentication:

The goal of HTTP Basic authentication is to provide simple user authentication. The process is simple and clear, and suits systems and devices with low security requirements; router configuration pages, for example, almost all use it. Its disadvantages are that it has no flexible and reliable authentication policy, such as the inability to provide domain authentication, and that Base64 offers very weak protection: it is a reversible encoding, and can be said to only keep Sohu search from finding the credentials. HTTP Basic authentication can, of course, be combined with SSL to build a more secure authentication system.
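Steps 4 and 5 of the process and the weakness just described, as an added Python 3 example that is not part of the original article. The function names, the `USERS` table and the realm default are assumptions made for illustration; the sketch shows that the header decodes straight back to the credentials and how a server can verify them with a constant-time comparison.

```python
import base64
import hmac

# Constructed user database from the article's Paul / 123456 example;
# a real store would hold salted password hashes, not plaintext.
USERS = {"Paul": "123456"}


def build_basic_header(user, password):
    """Step 4: join with ':' and Base64-encode (encoding, not encryption)."""
    token = base64.b64encode(f"{user}:{password}".encode("utf-8"))
    return "Basic " + token.decode("ascii")


def parse_basic_header(value):
    """Step 5: recover (user, password); None if the header is malformed."""
    scheme, _, token = (value or "").partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        raw = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except ValueError:  # covers bad Base64 and undecodable bytes
        return None
    user, sep, password = raw.partition(":")  # only the first ':' separates
    return (user, password) if sep else None


def check_request(auth_header, users=USERS, realm="google.com"):
    """Return (status, extra response headers) for one request."""
    challenge = {"WWW-Authenticate": f'Basic realm="{realm}"'}
    creds = parse_basic_header(auth_header)
    if creds is None:
        return 401, challenge
    user, password = creds
    expected = users.get(user, "")
    # compare_digest does not reveal where the two strings first differ
    same = hmac.compare_digest(password.encode(), expected.encode())
    return (200, {}) if (user in users and same) else (401, challenge)


if __name__ == "__main__":
    header = build_basic_header("Paul", "123456")
    print(header)
    print(parse_basic_header(header))  # anyone who sees the header gets this
    print(check_request(header), check_request(None))
```
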

Fourth, Basic authentication with Python urllib2:

1. By adding an HTTP header:

        import urllib2
        from base64 import encodestring

        url = 'http://XXX.XXX.X.XX'
        user = 'a'
        passwd = 'AA'

        req = urllib2.Request(url)
        # encodestring appends a trailing newline; [:-1] strips it
        basestr = encodestring('%s:%s' % (user, passwd))[:-1]
        # send the credentials with the first request
        req.add_header('Authorization', 'Basic %s' % basestr)
        f = urllib2.urlopen(req)

2. By using a handler:

        import urllib2

        url = 'http://XXX.XXX.X.XX'
        user = 'a'
        passwd = 'AA'

        hdlr = urllib2.HTTPBasicAuthHandler()
        hdlr.add_password('Hello', url, user, passwd)  # the realm must be supplied here
        opener = urllib2.build_opener(hdlr)
        urllib2.install_opener(opener)
        f = urllib2.urlopen(url)

To make this more generic, we use the HTTPPasswordMgrWithDefaultRealm password manager:

        import urllib2

        url = 'http://XXX.XXX.X.XX'
        user = 'a'
        passwd = 'AA'

        psmg = urllib2.HTTPPasswordMgrWithDefaultRealm()
        # None as the realm matches whatever realm the server announces
        psmg.add_password(None, url, user, passwd)
        hdlr = urllib2.HTTPBasicAuthHandler(psmg)
        opener = urllib2.build_opener(hdlr)
        urllib2.install_opener(opener)
        f = urllib2.urlopen(url)


