我正在学习 Apigility ( Apigility docu -> REST Service Tutorial) 并尝试通过 cURL 发送带有基本身份验证的 POST 请求:
$ curl -X POST -i -H "Content-Type: application/hal+json" -H "Authorization: Basic YXBpdXNlcjphcGlwd2Q=" http://apigilityhw.sandbox.loc/status
YXBpdXNlcjphcGlwd2Q= 是带有我的凭据 apiuser:apiwd 的 base 64 编码字符串。凭据保存在 /data/htpasswd 中(apiuser:$apr1$3J4cyqEw$WKga3rQMkxvnevMuBaekg/)。
看起来像这样:
HTTP/1.1 401 Unauthorized
Server: nginx/1.4.7
Date: Mon, 22 Sep 2014 07:48:47 GMT
Content-Type: application/problem+json
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.12-1~dotdeb.1
WWW-Authenticate: Basic realm="api"
这里哪里错了?如何让它发挥作用?
最佳答案
curl -u username:password http://
curl -u username http://
来自文档页面:
-u, --user <user:password>
Specify the user name and password to use for server authentication. Overrides -n, --netrc and --netrc-optional.
If you simply specify the user name, curl will prompt for a password.
The user name and passwords are split up on the first colon, which makes it impossible to use a colon in the user name with this option. The password can, still.
When using Kerberos V5 with a Windows based server you should include the Windows domain name in the user name, in order for the server to succesfully obtain a Kerberos Ticket. If you don't then the initial authentication handshake may fail.
When using NTLM, the user name can be specified simply as the user name, without the domain, if there is a single domain and forest in your setup for example.
To specify the domain name use either Down-Level Logon Name or UPN (User Principal Name) formats. For example, EXAMPLE\user and user@example.com respectively.
If you use a Windows SSPI-enabled curl binary and perform Kerberos V5, Negotiate, NTLM or Digest authentication then you can tell curl to select the user name and password from your environment by specifying a single colon with this option: "-u :".
If this option is used several times, the last one will be used.
http://curl.haxx.se/docs/manpage.html#-u
请注意,您不需要 --basic标记为默认值。
关于http - 如何正确定义使用 cURL 的基本 HTTP 身份验证?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/25969196/