[checkmk-commits] mk_jolokia: added basic preemptive authentication mode

Module: check_mk Branch: master Commit: 90dee6c1c7d086305062da91f7d387e21e8c2e95 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=90dee6c1c7d086… Author: Sebastian Herbord <sh(a)mathias-kettner.de> Date: Fri Dec 4 13:41:15 2015 +0100 mk_jolokia: added basic preemptive authentication mode in this mode, the client will not wait for the server to request authentication, it will instead send its credentials with the first request --- agents/cfg_examples/jolokia.cfg | 3 +++ agents/plugins/mk_jolokia | 24 +++++++++++++++++++++++- 2 files changed, 26 insertions(+), 1 deletion(-) diff --git a/agents/cfg_examples/jolokia.cfg b/agents/cfg_examples/jolokia.cfg index 75abc26..fb4ab60 100644 --- a/agents/cfg_examples/jolokia.cfg +++ b/agents/cfg_examples/jolokia.cfg @@ -30,6 +30,9 @@ # user = "monitoring" # password = None # mode = "digest" +# use "basic_preemptive" if server responds with 403 forbidden even +# though user/password are correct +# mode = "basic_preemptive" suburi = "jolokia" instance = None diff --git a/agents/plugins/mk_jolokia b/agents/plugins/mk_jolokia index ea94ab5..c36c323 100755 --- a/agents/plugins/mk_jolokia +++ b/agents/plugins/mk_jolokia @@ -24,10 +24,30 @@ # to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, # Boston, MA 02110-1301 USA. -import urllib2, sys, os, socket, pprint +import urllib2, sys, os, socket, pprint, base64 opt_debug = '--debug' in sys.argv + +class PreemptiveBasicAuthHandler(urllib2.HTTPBasicAuthHandler): + """ + sends basic authentication with the first request, + before the server even asks for it + """ + + def http_request(self, req): + url = req.get_full_url() + realm = None + user, pw = self.passwd.find_user_password(realm, url) + if pw: + raw = "%s:%s" % (user, pw) + auth = 'Basic %s' % base64.b64encode(raw).strip() + req.add_unredirected_header(self.auth_header, auth) + return req + + https_request = http_request + + def fetch_var(server, port, path, suburi, itemspec): url = "http://%s:%d/%s/%s" % (server, port, suburi, path) if opt_debug: @@ -124,6 +144,8 @@ def query_instance(inst): (inst["server"], inst["port"]), inst["user"], inst["password"]) if inst["mode"] == 'digest': authhandler = urllib2.HTTPDigestAuthHandler(passwdmngr) + elif inst["mode"] == "basic_preemptive": + authhandler = PreemptiveBasicAuthHandler(passwdmngr) else: authhandler = urllib2.HTTPBasicAuthHandler(passwdmngr) opener = urllib2.build_opener(authhandler)