Home > Articles > Programming

Automating HTTP Authentication with Scripting

  • Print
  • + Share This
Network appliances (routers, wireless access points, and more) exist on almost every network, commercial and home alike. For ease of use, these devices have a built-in web interface; for security's sake, that interface is protected by a password. To write a script that can deal with the password and automate changes on the device, you have to understand the basics of HTTP and how to send HTTP-Auth headers. Steve Schafer teaches just that in this, the first of a two-part series.

Editor's Note: Read Part 2 of this series here.
Like this article? We recommend

Like this article? We recommend

The Problem with HTTP Headers

Network appliances—such as broadband routers, wireless access points, and network-attached storage adapters—are ubiquitous in today’s home network. In my network, as an example, I have all three types of appliances:

  • A broadband router connects my consumer DSL line to my home network.
  • A separate access point serves up the wireless connectivity.
  • A network-attached storage (NAS) adapter provides the machines on the network with ample backup and archive storage space.

Each of these devices provides a web-enabled control and configuration interface (as shown in Figure 1) that makes setting up and administering the device quite easy.

Figure 1

Figure 1 Web configuration screen for a Netgear wireless access point.

The internal web server that provides the web interface is fairly basic, but behaves almost exactly like any other web server on the Internet. (In fact, most of the devices use the Apache server for their web services.)

Thankfully, such devices also make use of HTTP authentication (HTTP-Auth) to protect their interfaces from uninvited guests. HTTP-Auth provides a simple, yet effective username-and-password authentication scheme to keep out intruders. For example, when first connecting to my Netgear access point, I’m greeted with the dialog box shown in Figure 2.

Figure 2

Figure 2 The standard HTTP-Auth dialog box.

However, sometimes the HTTP-Auth protection can get in the way, such as when you try to script a configuration or control utility in order to access a device through its web interface.

  • + Share This
  • 🔖 Save To Your Account