Help Needed | Web Authentication

Herb J. nagios at herb-j.com
Wed Aug 18 22:28:06 CEST 2010


Basic HTTP authentication is what you would use if you were password 
protecting a web page using an .htaccess file. Since Facebook does not 
use basic HTTP authentication, Facebook is ignoring the login and 
password you are sending it and is just displaying the standard login 
page (in this situation the check_http plugin will not work with the 
parameters you are sending it). To verify login access to a site like 
Facebook you will need to configure the check to run the same way that 
the browser would. That means you must get the variable names from the 
login form (view the source code and get *all* of the form parameters 
that are contained in the login form, including the hidden ones) and 
populate them with the required values. Those parameters then need to be 
sent by either a "GET" request and/or a "POST" request (using key=value 
pairs joined by an "&", e.g. "login=myfbusername&pass=myfbpassword"), 
depending on how Facebook's login page is configured. (You will need to 
be aware that if the names of the form fields ever change you must 
update your check to match them.) For "GET" requests, use the "-u" 
parameter to populate the fields, and for "POST" requests, use the "-P" 
parameter.

Also, if you are monitoring a Facebook login/pass by repeatedly logging 
into it, it is possible that you might set off a warning flag in some 
Facebook internal system that monitors for automated logins. If it is 
for some other site, make sure that the code on that site will not have 
any problems with constantly repeating logins.


On 08/18/2010 03:56 PM, Himanshu Arora wrote:
> It would be really appreciated if somone can help me out setting up 
> nagios monitoring for a website or a secured website.
>
> I just wanted to match the string after the website is authenticated.
> for eg: i am trying to setup the monitoring for facebook.com 
> <http://facebook.com>, and the command i am using for this is-
>
> ./check_http -H facebook.com <http://facebook.com> -u 
> "http://www.facebook.com" -a myfbusername:myfbpassword -s "Facebook 
> helps you connect" -f follow
>
> Plugin responds back --- HTTP OK: HTTP/1.1 200 OK - 27441 bytes in 
> 2.614 second response time |time=2.613975s;;;0.000000 size=27441B;;;0
>
> even if the password is incorrect i gives me same response because it 
> is verifying the string and responds back correctly.
>
> So i need to know what am i doing wrong here or may be i am not using 
> the right plugin to do so because as i know its not the "basic 
> authentication" that i am going through.
>
> Need your help, trying to get this done from couple of days now... but 
> not getting it solved.
>
> Please help or suggest... Thanks
>
>
> Himanshu
>
>
> ------------------------------------------------------------------------------
> This SF.net email is sponsored by
>
> Make an app they can't live without
> Enter the BlackBerry Developer Challenge
> http://p.sf.net/sfu/RIM-dev2dev
>
>
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20100818/ea9d83f7/attachment.html>
-------------- next part --------------
------------------------------------------------------------------------------
This SF.net email is sponsored by 

Make an app they can't live without
Enter the BlackBerry Developer Challenge
http://p.sf.net/sfu/RIM-dev2dev 
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null


More information about the Users mailing list