Here's how to do http authentication with the tcl Http package:
Basic http authentication is very simple. The userid and password are sent along with every request (or url) in an encoded format. The userid and password live in the http header (this is where cookies and other nice things you don't see go).
Tcl lets you send http headers using the "-headers" option of the ::http::geturl command. Your sample geturl request might look like:
set hp [http::geturl $url -headers $]where extraHeadersList is a list of headers and their values (see the Http man page for details).
So, all you have to do is use the -headers option each time you use geturl, and put your authentication information into the list extraHeadersList.
Now, what do you put in extraHeadersList? Something like:
set extraHeadersList "Authorization {Basic gqQls2l0daE60Gq9a39sBGE=}"
Note that if you're using proxy authentication you may need to do something like:
set extraHeadersList "Proxy-Authorization {Basic gqQls2l0daE60Gq9a39sBGE=}"
The magic string that goes after 'Basic' is the userid and password
in base64 encoded format. One easy way to find it is to intercept a request
from your regular browser (netscape/ie/whatever) and see what it sends.
Another is to base64 encode your userid and password with a ":"
between them (ie. base64 encode userid:password).
To base64 encode your userid and password, use the base64.tcl package along with http_pwd_encode.tcl. To get the encoded string, call
encode_idpwd userid password
To intercept the actual request from your browser, go to the password protected page from your browser and type in your userid and password. Once you're authorized and can see the site, go to your browser's proxy settings and set the http proxy to a machine and port you control (eg. localhost:9999). Listen in on the socket you specified the proxy to be at - if you don't know how to do this copy the program below, setting the listen_port to the appropriate number, and run it from the commandline. Now reload the password protected page from your browser. Hit stop on the browser. Look at the output of the socket listener program. There you go - your encoded userid/passwd, along with other junk.
--- Socket listener program -------------------
#!/usr/local/bin/tclsh
set listen_port 9999
proc set_channel {channel_name client_address client_port} {
global ch_name
set ch_name $channel_name
}
set sp [socket -server set_channel $listen_port]
vwait ch_name
set all [read $ch_name]
puts $all
close $ch_name
close $sp
--- End of Socket listener program -------------