HTTP基本身份验证似乎不能在python中使用urllib2

时间:2011-02-27 04:12:23

标签: python urllib2 basic-authentication http-basic-authentication

我正在尝试使用urllib2下载受基本身份验证保护的页面。我正在使用python 2.7,但我也在另一台使用python 2.5的计算机上尝试过它,并遇到了完全相同的行为。我尽可能地遵循this guide中给出的示例,这是我生成的代码:

import urllib2

passman = urllib2.HTTPPasswordMgrWithDefaultRealm()
passman.add_password(None, "http://authenticationsite.com/', "protected", "password")
authhandler = urllib2.HTTPBasicAuthHandler(passman)
opener = urllib2.build_opener(authhandler)

f = opener.open("http://authenticationsite.com/content.html")
print f.read()
f.close()

不幸的是服务器不是我的,所以我无法分享细节;我把它们从上面和下面换了出来。当我运行它时,我得到以下Traceback:

  File
"/usr/lib/python2.7/urllib2.py", line
397, in open
response = meth(req, response)   File "/usr/lib/python2.7/urllib2.py",
line 510, in http_response
'http', request, response, code, msg, hdrs)   File
"/usr/lib/python2.7/urllib2.py", line
435, in error
return self._call_chain(*args)   File "/usr/lib/python2.7/urllib2.py",
line 369, in _call_chain
result = func(*args)   File "/usr/lib/python2.7/urllib2.py", line
518, in http_error_default
raise HTTPError(req.get_full_url(), code,
msg, hdrs, fp) urllib2.HTTPError: HTTP
Error 401: Authorization Required

现在,有趣的部分是当我使用ngrep监视计算机上的tcp流量时:

ngrep host 74.125.224.49 interface:
wlan0 (192.168.1.0/255.255.255.0)
filter: (ip) and ( host 74.125.224.49
)
#### T 192.168.1.74:34366 -74.125.224.49:80 [AP]   GET /content.html
HTTP/1.1..Accept-Encoding:
identity..Host:
authenticationsite.com..Connection:
close..User-Agent:
Python-urllib/2.7.... 

## T 74.125.224.49:80 -192.168.1.74:34366 [AP]   HTTP/1.1 401 Authorization Required..Date: Sun, 27
Feb 2011 03:39:31 GMT..Server:
Apache/2.2.3 (Red
Hat)..WWW-Authenticate: Digest
realm="protected",
nonce="6NSgTzudBAA=ac585d1f7ae0632c4b90324aff5e39e0f1fc25
05", algorithm=MD5,
qop="auth"..Content-Length:
486..Connection: close..Content-Type: text/html;
charset=iso-8859-1....<!DOCTYPE HTML
PUBLIC "-//IETF//DTD HTML
2.0//EN">.<html><head>.<title>401 Authorization   
Required</title>.</head><body>.<h1>Authorization
Required</h1>.<p>This server could not
verify that you.are authorized to
access the document.requested.  Either
you supplied the wrong.credentials
(e.g., badpassword), or
your.browser doesn't understand how to
supply.the credentials
required.</p>.<hr>.<address>Apache/2.2.3
(Red Hat) Server at
authenticationsite.com Port
80</address>.</body></html>.  

####

看起来好像urllib2在获得初始401错误后甚至没有尝试提供凭据就抛出异常。

比较一下,当我在网络浏览器中进行身份验证时,这是ngrep的输出:

ngrep host 74.125.224.49 interface:
wlan0 (192.168.1.0/255.255.255.0)
filter: (ip) and ( host 74.125.224.49
)
#### T 192.168.1.74:36102 -74.125.224.49:80 [AP]   GET /content.html HTTP/1.1..Host:
authenticationsite.com..User-Agent:
Mozilla/5.0 (X11; U; Linux i686;
en-US; rv:1.9.2.12) Gecko/20101027
Firefox/3.6.12..Accept: text  
/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8..Accept-Language:
en-us,en;q=0.5..Accept-Encoding:
gzip,deflate..Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7..Keep-Alive:
115..Connection: keep-   alive....  
## T 74.125.224.49:80 -192.168.1.74:36102 [AP]   HTTP/1.1 401 Authorization Required..Date: Sun, 27
Feb 2011 03:43:42 GMT..Server:
Apache/2.2.3 (Red
Hat)..WWW-Authenticate: Digest
realm="protected",
nonce="rKCfXjudBAA=0c1111321169e30f689520321dbcce37a1876b
be", algorithm=MD5,
qop="auth"..Content-Length:
486..Connection: close..Content-Type: text/html;
charset=iso-8859-1....<!DOCTYPE HTML
PUBLIC "-//IETF//DTD HTML
2.0//EN">.<html><head>.<title>401 Authorization   
Required</title>.</head><body>.<h1>Authorization
Required</h1>.<p>This server could not
verify that you.are authorized to
access the document.requested.  Either
you supplied the wrong.credentials
(e.g., badpassword), or
your.browser doesn't understand how to
supply.the credentials
required.</p>.<hr>.<address>Apache/2.2.3
(Red Hat) Server at
authenticationsite.com Port
80</address>.</body></html>.  

######### T 192.168.1.74:36103 -74.125.224.49:80 [AP]   GET /content.html HTTP/1.1..Host:
authenticationsite.com..User-Agent:
Mozilla/5.0 (X11; U; Linux i686;
en-US; rv:1.9.2.12) Gecko/20101027
Firefox/3.6.12..Accept: text  
/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8..Accept-Language:
en-us,en;q=0.5..Accept-Encoding:
gzip,deflate..Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7..Keep-Alive:
115..Connection: keep-   alive..Authorization: Digest
username="protected",
realm="protected",
nonce="rKCfXjudBAA=0c1111199162342689520550dbcce37a1876bbe",
uri="/content.html", algorithm=   MD5,
response="3b65dadaa00e1d6a1892ffff49f9f325",
qop=auth, nc=00000001,
cnonce="7636125b7fde3d1b".... 

##

然后是网站的内容。

我已经玩了一段时间并且无法弄清楚我做错了什么。如果有人可以帮助我,我将非常感激!

3 个答案:

答案 0 :(得分:9)

我认为这是由此造成的:

WWW-Authenticate: Digest

看来资源是使用Digest而不是Basic进行身份验证的。这意味着您应该使用urllib2.HTTPDigestAuthHandler代替。

代码可能是

import urllib2

passman = urllib2.HTTPPasswordMgrWithDefaultRealm()
passman.add_password(None, "http://authenticationsite.com/", "protected", "password")

# use HTTPDigestAuthHandler instead here
authhandler = urllib2.HTTPDigestAuthHandler(passman)
opener = urllib2.build_opener(authhandler)

res = opener.open("http://authenticationsite.com/content.html")
print res.read()
res.close()

答案 1 :(得分:0)

你必须使用python NTLM模块:

来自ntlm import HTTPNtlmAuthHandler

import urllib2

user =“Your_username”

password =“your_Passwrd”

passman = urllib2.HTTPPasswordMgrWithDefaultRealm()

passman.add_password(无,“http://your_Home_location/”,用户,密码)

auth_NTLM = HTTPNtlmAuthHandler.HTTPNtlmAuthHandler(passman)

opener = urllib2.build_opener(auth_NTLM)

urllib2.install_opener(开启器)

url =“http://Your_home_location/sub_locations

response = urllib2.urlopen(url)

headers = response.info()

print(“headers:{}”。format(headers))

body = response.read()

打印(“回复:”+正文)

答案 2 :(得分:-1)

import urllib2
# Create an OpenerDirector with support for Basic HTTP Authentication...
auth_handler = urllib2.HTTPBasicAuthHandler()
auth_handler.add_password(realm='PDQ Application',
                          uri='https://mahler:8092/site-updates.py',
                          user='klem',
                          passwd='kadidd!ehopper')
opener = urllib2.build_opener(auth_handler)
# ...and install it globally so it can be used with urlopen.
urllib2.install_opener(opener)
urllib2.urlopen('http://www.example.com/login.html')

- http://docs.python.org/library/urllib2.html#examples