My servers have Kerberos Authentication. A sample curl command would look like below.
curl --negotiate -u : <url>
Now I need to load test this with Apache Bench. How do I pass the "--negotiate -u :" to ab ?
Related
I am trying also to disable HTTPS, based on a stackoverflow question, an Answer was
to
docker exec -it {contaierID} bash
cd keycloak/bin
./kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin
./kcadm.sh update realms/master -s sslRequired=NONE
but after executing the third command I am getting the error of HTTPS Required
Image
Version 19.0.2 of Keycloak
I need to use POST method for a REST API.It's working perfectly in SOAP UI while i select "Preemptive Authentication" , I need to assemble this authentication option in Curl.
At Web service , preemptive properties has not set. It has only Basic authentication system with username & password.
I have tried --anyauth , it's not working. I have below command.
curl -X POST -H "content-type:application/json" --verbose -u username:password http://example.net:1234/api/Flows/UpdateStatus -d '{"EventId": "123","Status": "success"}'
I am always getting below error.
{"Message":"Authorization has been denied for this request."}
I had tried with providing base64 encoded value of user & password at header section instead of providing user & password under user section ,and it got worked for me.
curl -X POST -H "content-type:application/json" --verbose -H "Authorization: Basic Base64_encoded_value_of_user_&_password" http://example.net:1234/api/Flows/UpdateStatus -d '{"EventId": "123","Status": "success"}'
I have a Scala rest service on Finatra and would like to authenticate users accessing my rest service using Azure Active Directory.
Currently, I can do a curl to get the access token:
curl -s -X POST https://login.microsoftonline.com/tenant id/oauth2/token -d grant_type=password -d username=$username -d password=$pass -d resource=$resID -d client_id=$id -d client_secret=$key
But it requires the user to pass his password as a parameter which is a security concern.
Is there a way to authenticate the user using Azure AD with taking in the password (I am pretty sure this is not possible) or asking him to sign in?
It is not recommended to use your user and password to login Azure account. You had better create service principal to sign in your Azure account. Please refer to this link: Use portal to create an Azure Active Directory application and service principal that can access resources.
Also, you could use Azure CLI 2.0 to create this.
az ad sp create-for-rbac --name {appId} --password "{strong password}"
Example:
az ad sp create-for-rbac --name shuiexample --password "Password012!!"
You could get result like below:
{
"appId": "bca24913-026d-4020-b9f1-add600bf9045",
"displayName": "shuiexample1234",
"name": "http://shuiexample1234",
"password": "*******",
"tenant": "*******"
}
Sign in using the service principal.
APPID="bca24913-026d-4020-b9f1-add600bf9045"
PASSWORD="******"
TENANTID="*******"
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d 'client_id=$APPID&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default&client_secret=$PASSWORD&grant_type=client_credentials' 'https://login.microsoftonline.com/$TENANTID/oauth2/token'
I'm trying to use IBM Watson Natural language Classifier but I can't proceed and load my answers. For some reason, username and password aren't working all the time.
This one executed fine:
curl -u username:password -F training_data=#questions.csv -F
training_metadata="{\"language\":\"en\",\"name\":\"my_classifier\"}"
"https://url/v1/classifiers"
But when I try to execute the following command, it doesn't work:
curl -u username:password -X POST -H "Content-Type: application/json"
-d #questions-with-classifier-ega-war/target/classes/answers.json http://yourAppName.mybluemix.net/api/v1/manage/answer
It just asks for the user and password again and again. It is the same password that just worked in the first curl command.
Thanks in advance!
I think you are confusing the service credentials (the one you use in the first command) with the credentials used to manage the database in one of the sample applications "Questions on Classifier" (see pom.xml).
In order to run your second command make sure you use the credentials from the pom.xml in your root directory
I am using Curl.exe in an application to send emails. I need to support most major email servers. GMail exposes the following ports and Authentication methods.
TLS/STARTTLS (sometimes called Explicit TLS): uses port 587
SSL (sometimes called Implicit TLS): uses port 465
I have gotten the Explicit TLS to work using the following command line:
C:\>curl smtp://smtp.gmail.com:587 -v --mail-from "my.mail#gmail.com" --mail-rcpt
"your.mail#x.com" --ssl -u my.mail#gmail.com:password -T "c:\test.txt" -k --anyauth
I have tried the following to get ImplicitTLS to work, but it is not.
C:\>curl smtp://smtp.gmail.com:465 -v --mail-from "my.mail#gmail.com" --mail-rcpt
"your.mail#x.com" --ssl -u my.mail#gmail.com:password -T "c:\test.txt" -k --anyauth
What are the proper command line parameters to get SSL/Implicit TLS to work?
Use smtps:// for SMTPS (i.e. SMTP on top of an existing SSL/TLS connection).
This works:
curl smtps://smtp.gmail.com:465 -v
I would also use --ssl-reqd for the explicit STARTTLS connection to make sure SSL/TLS is used when you expect it to be (downgrade attacks would be possible otherwise).
Don't use -k either, check the server certificate: see http://curl.haxx.se/docs/sslcerts.html
well i just tried the following and it works fine:
curl smtps://smtp.gmail.com:465 -v --mail-from "xxx#gmail.com" --mail-rcpt "yyy#gmail.com" --ssl -u xxx#gmail.com:password -T "test.txt" -k --anyauth
hope it helps!
Your can try this..
curl --url "smtps://smtp.gmail.com:465" --ssl-reqd --mail-from "sender#gmail.com" --mail-rcpt "recepient#gmail.com" --upload-file /var/scripts/mail.txt --user "sender#gmail.com:senderGmailPassword"
You can test using this command:
curl -v --url "smtps://smtp.gmail.com:465" --ssl-reqd --mail-from "sender#gmail.com" --user "sender#gmail.com" --mail-rcpt "sender#gmail.com"
You will have to create a new 16 digits password specific for this application and simply change the account password to this new secure app password. Now you can create one password for each app. It will keep your account password safe and manage app passwords separately.
Login to your account to create it:
https://myaccount.google.com/apppasswords
You must enable the 2-Step Verification (https://myaccount.google.com/signinoptions/two-step-verification) to access this feature.
To help keep your account secure, from May 30, 2022, Google no
longer supports the use of third-party apps or devices which ask you
to sign in to your Google Account using only your username and
password.
https://support.google.com/accounts/answer/6010255