Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

check_http return 401 UNAUTHORIZED basic auth

https://support.nagios.com/forum/viewtopic.php?t=34141

Page 1 of 1

check_http return 401 UNAUTHORIZED basic auth

Posted: Tue Aug 11, 2015 2:37 pm
by brdr
Hello,

I'm using the standard check_http plugin on Nagiox XI 2014R2.7 against a site with SSL. I've have tried many different variations of parameters from the command line (wasting lots of time) using the plugin with no luck, and could certainly welcome any suggestions. :D

The site uses TLS (--ssl=1), and searches for specific text with basic authentication (-a). Note, when I don't use the search it still returns 401. I have used 'openssl s_client connect' and successfully connect but when I use 'GET /url' i get 401. Question, have you encountered an issue with this plugin when passing meta characters that exist in the passwd? We have ipMonitor (Solarwinds) running the check just fine but can't figure out how to make this plugin succeed.

Code: Select all

# ./check_http -H x.x.x.x -u /url -f ok -p 443 --ssl=1 -a user:passwd -s "SEARCH TEXT" -v

GET /ipMonitor/Home.aspx HTTP/1.1
User-Agent: check_http/v2.0.3 (nagios-plugins 2.0.3)
Connection: close
Host: x.x.x.x=
Accept: */*
Authorization: Basic dixkeyhafdfdfilm/


https:/x.x.x.x:443/url is 551 characters
STATUS: HTTP/1.1 401 Unauthorized
**** HEADER ****
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/7.5
SPRequestGuid: 0e03239d-f32e-40c7-ad10-7fdddddd4b9b
request-id: 0e03239d-f32e-40c7-ad10-7sdsddsfdf4b9b
X-FRAME-OPTIONS: SAMEORIGIN
SPRequestDuration: 2
SPIisLatency: 0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 15.0.0.4569
X-Content-Type-Options: nosniff
X-MS-InvokeApp: 1; RequireReadOnly
Date: Tue, 11 Aug 2015 18:27:05 GMT
Connection: close
Content-Length: 16
**** CONTENT ****
401 UNAUTHORIZED
HTTP CRITICAL: HTTP/1.1 401 Unauthorized - string 'SEARCH TEXT' not found on 'https://x.x.x.x/url' - 551 bytes in 0.012 second response time |time=0.012349s;;;0.000000 size=551B;;;0

Re: check_http return 401 UNAUTHORIZED basic auth

Posted: Tue Aug 11, 2015 7:23 pm
by tmcdonald
Does it actually say Host: x.x.x.x= in the first part of the output?

Have you tried with -I instead of -H?

What meta-characters are in the password?

Re: check_http return 401 UNAUTHORIZED basic auth

Posted: Wed Aug 12, 2015 6:16 am
by brdr
I masked the IP in the post as x.x.x.x. No, it is not he IP. I've tried variations of -H and -I. THe metacharacters in the passwd are / and ?

Thx

Re: check_http return 401 UNAUTHORIZED basic auth

Posted: Wed Aug 12, 2015 9:52 am
by tgriep
Try putting the username:password in double quotes like this and see if that works for you.

Code: Select all

-a "username:password"

Re: check_http return 401 UNAUTHORIZED basic auth

Posted: Wed Aug 12, 2015 10:16 am
by brdr
yeah, thx. I tried quotes around user:pwd as well as quotes around URL. Does 'openssl s_client -connect IP:443' have a way to pass in the user:pwd. I know the user and passwd works because if I remote into the server, with user:pwd, it works fine when I access the URL from there.

Re: check_http return 401 UNAUTHORIZED basic auth

Posted: Wed Aug 12, 2015 4:08 pm
by hsmith
brdr wrote:yeah, thx. I tried quotes around user:pwd as well as quotes around URL. Does 'openssl s_client -connect IP:443' have a way to pass in the user:pwd. I know the user and passwd works because if I remote into the server, with user:pwd, it works fine when I access the URL from there.
This is a sharepoint site, correct?

I found a plugin here if that is the case. Doing some searching around, it sounds like sharepoint has some issues with basic auth.

Re: check_http return 401 UNAUTHORIZED basic auth

Posted: Thu Aug 13, 2015 12:16 pm
by brdr
Thx hsmith. I also came across this yesterday as well. I've not tried it yet, was reluctant because it says doesn't support Sharepoint 2013 yet. Yes, it is sharepoint :-). I agree it has everything to do with authentication as we have no issue using the plugin against internal sites that don't require authenitication. I'm aslo workig with mweber in attempt to use 'curl' as well.

Will let you know what I find. Thx again.

Re: check_http return 401 UNAUTHORIZED basic auth

Posted: Thu Aug 13, 2015 12:20 pm
by hsmith
brdr wrote:Thx hsmith. I also came across this yesterday as well. I've not tried it yet, was reluctant because it says doesn't support Sharepoint 2013 yet. Yes, it is sharepoint :-). I agree it has everything to do with authentication as we have no issue using the plugin against internal sites that don't require authenitication. I'm aslo workig with mweber in attempt to use 'curl' as well.

Will let you know what I find. Thx again.
Thanks for the reply! Let us know, so we can figure out what to do with this in the future. Sharepoint is a pretty popular product, and it would be nice to have a proper solution!
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited