webinject Login authenticate is not working

[Amit_Alone]

Hi,

I'm trying to monitor the web page using webinject. However, while performing authentication check it is not working as expected.

We are planning to monitor the multiple checks but on authentication itself it is getting failed. For now I have created the two case Id one it will check connection with the login application which is working as expected and second to check the authentication status.

Below is the testdata.xml data.

Code: Select all

<testcases repeat="1">

<case
    id="1"
    description1="Connecting to Appication"
    url="https://10.173.8.69/ngetpaid?solutionInstanceGuid=gptest"
    verifypositive="200"
    errormessage="Unable to connect to the login page of Application"
/>

<case
    id="2"
    description1="Authentication on Application"
    method="post"
    url="https://10.173.8.69/ngetpaid/#/login"
    postbody="user=MonitorUser&password=***************"
    verfypositive="MonitorUser"
    verifynegative="User unknown"
    errormessage="Unable to authenticate MonitorUser in Application"
/>

</testcases>

Could you please assist me where I'm doing incorrect.

[benjaminsmith]

HI @Amit_Alone,

I tested out that second case here and it does work. I believe there's an error in either the URL or the username/password. I would double-check those settings

On that second test case, it wouldn't hurt to just test the authentication first and then add back the verifypositive and veriftynegative to help narrow the scope.

Let us if that's the issue or not, please post any relevant error messages or screenshots.

--Benjamin

[Amit_Alone]

I'm not sure about the error in URL. However, we have ask to hit this URL https://10.173.8.69/ngetpaid?solutionIn ... uid=gptest then it's getting redirect to the URL page https://10.173.8.69/ngetpaid/#/login.

Below error message may be helpfull.

Code: Select all

[e5613751@avgdlnxvp127 webinject]$ /usr/local/nagios/libexec/check_webinject.sh GASPCRLWINVT314__Web_Transaction_config.xml -v
WebInject CRITICAL - Unable to authenticate MonitorUser in Application

Test: GASPCRLWINVT314__Web_Transaction_testdata.xml - 1
Desc: Connecting to Appication
GET Request: https://10.173.8.69/ngetpaid?solutionInstanceGuid=gptest
Passed HTTP Response Code Verification (not in error range)
Verify: '200'
Passed Positive Verification
TEST CASE PASSED
Response Time = 0.547 sec
-------------------------------------------------------
Test: GASPCRLWINVT314__Web_Transaction_testdata.xml - 2
Desc: Authentication on Application
POST Request: https://10.173.8.69/ngetpaid/#/login
Failed HTTP Response Code Verification (HTTP/1.1 405 Method Not Allowed)
Verify Negative: 'User unknown'
Passed Negative Verification
TEST CASE FAILED : Unable to authenticate MonitorUser in Application
Response Time = 0.075 sec
-------------------------------------------------------

Test Cases Run: 2
Test Cases Passed: 1
Test Cases Failed: 1
Verifications Passed: 3
Verifications Failed: 1
|time=0.669s;0;30;0;0 case1=0.547s;0;0;0;0 case2=0.075s;0;0;0;0

I have PM the testdata file request you to please assist me on the same.

[benjaminsmith]

Hi @Amit_Alone,

The output is helpful, the following error is a 405 error, which indicates the method used is known (POST) by the server but not supported.

Code: Select all

POST Request: https://10.173.8.69/ngetpaid/#/login
Failed HTTP Response Code Verification (HTTP/1.1 405 Method Not Allowed)

Please post or review the server-side logs for error messages as it will help narrow this down. Additionally, I would verify or post the web server configuration to make sure the HTTP POST method is not disabled.

--Benjamin

[Amit_Alone]

Hi Benjamin,

I went through the server log and didn't observed any suspected error in logs.

However, did you verify the cases at your end.

Thanks,
Amit

[benjaminsmith]

Hi @Amit,

I tested both cases here and they do work. Can you try running a simple post command against the address and let me know if you get a response back?

Code: Select all

curl -v -X POST https://10.173.8.69/ngetpaid/#/login

You can also try authenticating, it should prompt you for the password.

Code: Select all

curl -v -X POST -u username  https://10.173.8.69/ngetpaid/#/login

--Benjamin

[Amit_Alone]

Hi @Benjamin,

Shared command won't work with the 443 port so I have added the -k option in the cmd.

Below is the o/p of the requested cmd.

Code: Select all

[e5613751@avgdlnxvp127 ~]$ curl -k -v -X POST https://10.173.8.69/ngetpaid/#/login
* About to connect() to 10.173.8.69 port 443 (#0)
*   Trying 10.173.8.69...
* Connected to 10.173.8.69 (10.173.8.69) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
* Server certificate:
*       subject: CN=*.avantgardportal.com,OU=Corporate Liquidity and Bank Treasury,O="Fidelity National Information Services, Inc.",STREET=601 Riverside Ave,L=Jacksonville,ST=Florida,postalCode=32204,C=US
*       start date: May 12 00:00:00 2020 GMT
*       expire date: May 12 23:59:59 2022 GMT
*       common name: *.avantgardportal.com
*       issuer: CN=Sectigo RSA Organization Validation Secure Server CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
> POST /ngetpaid/ HTTP/1.1
> User-Agent: curl/7.29.0
> Host: 10.173.8.69
> Accept: */*
>
< HTTP/1.1 411 Length Required
< Content-Type: text/html; charset=us-ascii
< Server: Microsoft-HTTPAPI/2.0
< Date: Fri, 11 Dec 2020 09:50:09 GMT
< Connection: close
< Content-Length: 344
<
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Length Required</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Length Required</h2>
<hr><p>HTTP Error 411. The request must be chunked or have a content length.</p>
</BODY></HTML>
* Closing connection 0

Below o/p is for password prompt.

Code: Select all

[e5613751@avgdlnxvp127 ~]$ curl -k -v -X POST -u MonitorUser  https://10.173.8.69/ngetpaid/#/login
Enter host password for user 'MonitorUser':
* About to connect() to 10.173.8.69 port 443 (#0)
*   Trying 10.173.8.69...
* Connected to 10.173.8.69 (10.173.8.69) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
* Server certificate:
*       subject: CN=*.avantgardportal.com,OU=Corporate Liquidity and Bank Treasury,O="Fidelity National Information Services, Inc.",STREET=601 Riverside Ave,L=Jacksonville,ST=Florida,postalCode=32204,C=US
*       start date: May 12 00:00:00 2020 GMT
*       expire date: May 12 23:59:59 2022 GMT
*       common name: *.avantgardportal.com
*       issuer: CN=Sectigo RSA Organization Validation Secure Server CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
* Server auth using Basic with user 'MonitorUser'
> POST /ngetpaid/ HTTP/1.1
> Authorization: Basic TW9uaXRvclVzZXI6TmFnaW9zUGFzcyMyNDA2
> User-Agent: curl/7.29.0
> Host: 10.173.8.69
> Accept: */*
>
< HTTP/1.1 411 Length Required
< Content-Type: text/html; charset=us-ascii
< Server: Microsoft-HTTPAPI/2.0
< Date: Fri, 11 Dec 2020 09:51:31 GMT
< Connection: close
< Content-Length: 344
<
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Length Required</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Length Required</h2>
<hr><p>HTTP Error 411. The request must be chunked or have a content length.</p>
</BODY></HTML>
* Closing connection 0

[benjaminsmith]

HI,

In the output, it's now returing a HTTP 411 error. This looks to still be an issue with the settings on this server, even thought this is not showing up in the logs.

<hr><p>HTTP Error 411. The request must be chunked or have a content length.</p>

For more about the 411 error, take a look at the following Stack Exchange post.

Why I get 411 Length required error?

Try setting the Content-Length in the curl command and see if you get a valid reply back.

Code: Select all

curl -k -v -XPOST https://10.173.8.69/ngetpaid/#/login -u MonitorUser -d "Content-Length: 0" 

Also, the following page has some details on troubleshooting the 405 error that I found helpful.
405 Method Not Allowed: What It Is and How to Fix It

[Amit_Alone]

Hi,

Below is the o/p I have received from the shared cmd. I have ask the client that POST method is not allowed by the shared URL. Till the mean is it possible that from our end we can do something.

Code: Select all

[e5613751@avgdlnxvp127 ~]$ curl -k -v -XPOST https://10.173.8.69/ngetpaid/#/login -u MonitorUser -d "Content-Length: 0"
Enter host password for user 'MonitorUser':
* About to connect() to 10.173.8.69 port 443 (#0)
*   Trying 10.173.8.69...
* Connected to 10.173.8.69 (10.173.8.69) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
* Server certificate:
*       subject: CN=*.avantgardportal.com,OU=Corporate Liquidity and Bank Treasury,O="Fidelity National Information Services, Inc.",STREET=601 Riverside Ave,L=Jacksonville,ST=Florida,postalCode=32204,C=US
*       start date: May 12 00:00:00 2020 GMT
*       expire date: May 12 23:59:59 2022 GMT
*       common name: *.avantgardportal.com
*       issuer: CN=Sectigo RSA Organization Validation Secure Server CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
* Server auth using Basic with user 'MonitorUser'
> POST /ngetpaid/ HTTP/1.1
> Authorization: Basic TW9uaXRvclVzZXI6TmFnaW9zUGFzcyMyNDA2
> User-Agent: curl/7.29.0
> Host: 10.173.8.69
> Accept: */*
> Content-Length: 17
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 17 out of 17 bytes
< HTTP/1.1 405 Method Not Allowed
< Content-Length: 104
< Content-Type: text/html;charset=UTF-8
< X-Frame-Options: SAMEORIGIN
< Content-Security-Policyy: default-src 'self' 'unsafe-inline' 'unsafe-eval' media-src 'self' blob:;
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
< Content-Security-Policy: default-src blob: 'self' https://www.scoreminer.com https://www.scoreminer.com/Scoreminer/AIT1  'unsafe-inline' 'unsafe-eval';  media-src 'self' blob:; img-src 'self' blob: data: ; style-src 'self' 'unsafe-inline'  'unsafe-eval' https://fonts.gstatic.com https://fonts.googleapis.com; font-src 'self'  'unsafe-inline'  'unsafe-eval'  https://fonts.gstatic.com; frame-ancestors 'self' https://www.scoreminer.com/Scoreminer/AIT1
< Set-Cookie: ;Secure;SameSite=None
< Date: Sat, 12 Dec 2020 15:41:54 GMT
<
* Connection #0 to host 10.173.8.69 left intact
<html><head><title>Error</title></head><body>HTTP method POST is not supported by this URL</body></html>[e5613751@avgdlnxvp127 ~]$

[benjaminsmith]

Hi,

It would be very helpful to enable POST on the server and test this out. However as far as other options, there are a number of other plugins on the Nagios Exchange for checking transactions, here's the listing.

https://exchange.nagios.org/directory/P ... ansactions

Benjamin