Mechanize users - Sep 2011 - Mechanize authentication

Hello,
I''m trying to access authenticated web using mechanize 2.0.1.
Hopefully, Im not mistaken somewhere else, Im not really an IT expert,
so I''ll be verbose, just to be sure.

I was able to break through what I believe is BASIC AUTHENTICATON with
this code:
require "rubygems"
require ''mechanize''
agent = Mechanize.new
agent.basic_auth(''admin:'', ''kloktat5x'')
agent.get(''http://10.0.0.138:8080/'')

it''s accessing my router administration and it works fine.
Where I have problems is with web-based or cookie-based
authentication, it is this kind where you enter your usename and
password into a html form and hit some process or submit button.

Well, my code is this:
(please mind confidentiality of my personal information and be so kind
and do not misuse it)

require ''rubygems''
require ''logger''
require ''mechanize''

agent = Mechanize.new {|a| a.log = Logger.new(STDERR) }
#agent.set_proxy(''a-proxy'', ''8080'')
page = agent.get ''http://www.hofyland.cz/''


form = page.forms.first
form.hlnick = ''skurt''
form.hlpsw = ''sptnkn34''

page = agent.submit form

output = File.open("output.html", "w") { |file|  file
<< page.body }

and you can try what the output.html will look like afterwards, It''ll
be body of the login page - the script doesnt authenticate against the
web, it simply reloads the page and saves the body.

Is someone who have similar experiences, who may be able to solve this
kind of problem out there?

With my best regars
Jan Kadera

Hey Jan,

This isn''t an answer, but you should know this is a public mailing list
that anyone can subscribe to. You just sent your password out to the world --
you should change it as soon as possible.


On Sep 17, 2011, at 2:01 AM, Skurt <skurt.holding at gmail.com> wrote:
> Hello,
> I''m trying to access authenticated web using mechanize 2.0.1.
> Hopefully, Im not mistaken somewhere else, Im not really an IT expert,
> so I''ll be verbose, just to be sure.
> 
> I was able to break through what I believe is BASIC AUTHENTICATON with
> this code:
> require "rubygems"
> require ''mechanize''
> agent = Mechanize.new
> agent.basic_auth(''admin:'', ''kloktat5x'')
> agent.get(''http://10.0.0.138:8080/'')
> 
> it''s accessing my router administration and it works fine.
> Where I have problems is with web-based or cookie-based
> authentication, it is this kind where you enter your usename and
> password into a html form and hit some process or submit button.
> 
> Well, my code is this:
> (please mind confidentiality of my personal information and be so kind
> and do not misuse it)
> 
> require ''rubygems''
> require ''logger''
> require ''mechanize''
> 
> agent = Mechanize.new {|a| a.log = Logger.new(STDERR) }
> #agent.set_proxy(''a-proxy'', ''8080'')
> page = agent.get ''http://www.hofyland.cz/''
> 
> 
> form = page.forms.first
> form.hlnick = ''skurt''
> form.hlpsw = ''sptnkn34''
> 
> page = agent.submit form
> 
> output = File.open("output.html", "w") { |file|  file
<< page.body }
> 
> and you can try what the output.html will look like afterwards,
It''ll
> be body of the login page - the script doesnt authenticate against the
> web, it simply reloads the page and saves the body.
> 
> Is someone who have similar experiences, who may be able to solve this
> kind of problem out there?
> 
> With my best regars
> Jan Kadera
> _______________________________________________
> Mechanize-users mailing list
> Mechanize-users at rubyforge.org
> http://rubyforge.org/mailman/listinfo/mechanize-users

I know, thats why I chosed to send you my password to a page I don''t
mind the security of that much.
And hopefully someone will help soon and Ill be able to change it :)

Best regards
Jan Kadera


2011/9/18 James Harrison <oscartheduck at
gmail.com>:
> Hey Jan,
>
> This isn''t an answer, but you should know this is a public mailing
list that anyone can subscribe to. You just sent your password out to the world
-- you should change it as soon as possible.
>
>
> On Sep 17, 2011, at 2:01 AM, Skurt <skurt.holding at gmail.com>
wrote:
>
>> Hello,
>> I''m trying to access authenticated web using mechanize 2.0.1.
>> Hopefully, Im not mistaken somewhere else, Im not really an IT expert,
>> so I''ll be verbose, just to be sure.
>>
>> I was able to break through what I believe is BASIC AUTHENTICATON with
>> this code:
>> require "rubygems"
>> require ''mechanize''
>> agent = Mechanize.new
>> agent.basic_auth(''admin:'',
''kloktat5x'')
>> agent.get(''http://10.0.0.138:8080/'')
>>
>> it''s accessing my router administration and it works fine.
>> Where I have problems is with web-based or cookie-based
>> authentication, it is this kind where you enter your usename and
>> password into a html form and hit some process or submit button.
>>
>> Well, my code is this:
>> (please mind confidentiality of my personal information and be so kind
>> and do not misuse it)
>>
>> require ''rubygems''
>> require ''logger''
>> require ''mechanize''
>>
>> agent = Mechanize.new {|a| a.log = Logger.new(STDERR) }
>> #agent.set_proxy(''a-proxy'', ''8080'')
>> page = agent.get ''http://www.hofyland.cz/''
>>
>>
>> form = page.forms.first
>> form.hlnick = ''skurt''
>> form.hlpsw = ''sptnkn34''
>>
>> page = agent.submit form
>>
>> output = File.open("output.html", "w") { |file|
?file << page.body }
>>
>> and you can try what the output.html will look like afterwards,
It''ll
>> be body of the login page - the script doesnt authenticate against the
>> web, it simply reloads the page and saves the body.
>>
>> Is someone who have similar experiences, who may be able to solve this
>> kind of problem out there?
>>
>> With my best regars
>> Jan Kadera
>> _______________________________________________
>> Mechanize-users mailing list
>> Mechanize-users at rubyforge.org
>> http://rubyforge.org/mailman/listinfo/mechanize-users
> _______________________________________________
> Mechanize-users mailing list
> Mechanize-users at rubyforge.org
> http://rubyforge.org/mailman/listinfo/mechanize-users
>


-- 
S p??n?m p?kn?ho dne
Jan Kadera

I figured one thing. What I'' trying to authenticate against is session
based authentication (requiring cookies if I''m not mistaken), can this
be where I''m failing. Am I supposed to managing cookies with mechanize
somehow?

My best regards
Jan Kadera


2011/9/18 Skurt <skurt.holding at gmail.com>:
> I know, thats why I chosed to send you my password to a page I
don''t
> mind the security of that much.
> And hopefully someone will help soon and Ill be able to change it :)
>
> Best regards
> Jan Kadera
>
>
> 2011/9/18 James Harrison <oscartheduck at gmail.com>:
>> Hey Jan,
>>
>> This isn''t an answer, but you should know this is a public
mailing list that anyone can subscribe to. You just sent your password out to
the world -- you should change it as soon as possible.
>>
>>
>> On Sep 17, 2011, at 2:01 AM, Skurt <skurt.holding at gmail.com>
wrote:
>>
>>> Hello,
>>> I''m trying to access authenticated web using mechanize
2.0.1.
>>> Hopefully, Im not mistaken somewhere else, Im not really an IT
expert,
>>> so I''ll be verbose, just to be sure.
>>>
>>> I was able to break through what I believe is BASIC AUTHENTICATON
with
>>> this code:
>>> require "rubygems"
>>> require ''mechanize''
>>> agent = Mechanize.new
>>> agent.basic_auth(''admin:'',
''kloktat5x'')
>>> agent.get(''http://10.0.0.138:8080/'')
>>>
>>> it''s accessing my router administration and it works fine.
>>> Where I have problems is with web-based or cookie-based
>>> authentication, it is this kind where you enter your usename and
>>> password into a html form and hit some process or submit button.
>>>
>>> Well, my code is this:
>>> (please mind confidentiality of my personal information and be so
kind
>>> and do not misuse it)
>>>
>>> require ''rubygems''
>>> require ''logger''
>>> require ''mechanize''
>>>
>>> agent = Mechanize.new {|a| a.log = Logger.new(STDERR) }
>>> #agent.set_proxy(''a-proxy'',
''8080'')
>>> page = agent.get ''http://www.hofyland.cz/''
>>>
>>>
>>> form = page.forms.first
>>> form.hlnick = ''skurt''
>>> form.hlpsw = ''sptnkn34''
>>>
>>> page = agent.submit form
>>>
>>> output = File.open("output.html", "w") { |file|
?file << page.body }
>>>
>>> and you can try what the output.html will look like afterwards,
It''ll
>>> be body of the login page - the script doesnt authenticate against
the
>>> web, it simply reloads the page and saves the body.
>>>
>>> Is someone who have similar experiences, who may be able to solve
this
>>> kind of problem out there?
>>>
>>> With my best regars
>>> Jan Kadera
>>> _______________________________________________
>>> Mechanize-users mailing list
>>> Mechanize-users at rubyforge.org
>>> http://rubyforge.org/mailman/listinfo/mechanize-users
>> _______________________________________________
>> Mechanize-users mailing list
>> Mechanize-users at rubyforge.org
>> http://rubyforge.org/mailman/listinfo/mechanize-users
>>
>
>
>
> --
> S p??n?m p?kn?ho dne
> Jan Kadera
>


-- 
S p??n?m p?kn?ho dne
Jan Kadera