CC3000 and Basic HTTP Authentication

Breakout boards, sensors, other Adafruit kits, etc.

Moderators: adafruit_support_bill, adafruit

Please be positive and constructive with your questions and comments.
Locked
User avatar
mmacdougall
 
Posts: 8
Joined: Thu Oct 31, 2013 4:25 am

CC3000 and Basic HTTP Authentication

Post by mmacdougall »

I can't seem to figure out how to get a server to authenticate me when using the CC3000. Here's the message I get:

-------------------------------------
HTTP/1.1 400 Bad Request
Date: Thu, 31 Oct 2013 07:05:25 GMT
Server: Apache
WWW-Authenticate: Basic realm="manse"
Content-Length: 358
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
</p>
<p>Additionally, a 401 Authorization Required
error was encountered while trying to use an ErrorDocument to handle the request.</p>
</body></html>
-------------------------------------

Any thoughts?

Thanks!

User avatar
adafruit_support_mike
 
Posts: 67446
Joined: Thu Feb 11, 2010 2:51 pm

Re: CC3000 and Basic HTTP Authentication

Post by adafruit_support_mike »

There are two things going on there, so we'll have to break them apart to see where the actual problem is:

First, you might have a typo or some mis-formatting in the HTTP request you sent to the server. Second, you have browser-based password protection for the page in question, so you'll need to send username and password information along with the page request.

Post a copy of the request you're sending the server (replace the username/password with #s or something), and we'll see what we can find.

User avatar
mmacdougall
 
Posts: 8
Joined: Thu Oct 31, 2013 4:25 am

Re: CC3000 and Basic HTTP Authentication

Post by mmacdougall »

Apologies for not having enough information. The main issue is that I can't figure out how to send a username/password.
I'm using a barely-modified version of the adafruit WebClient example. Here's the relevant part (I think):

Adafruit_CC3000_Client www = cc3000.connectTCP(ip, 80);
if (http://www.connected()) {
http://www.fastrprint(F("GET "));
http://www.fastrprint(WEBPAGE);
http://www.fastrprint(F(" HTTP/1.0\r\n"));
http://www.fastrprint(F("Host: ")); http://www.fastrprint(WEBSITE); http://www.fastrprint(F("\n"));
http://www.fastrprint(F("Connection: close\n"));
http://www.fastrprint(F("\n"));
http://www.println();
} else {
Serial.println(F("Connection failed"));
return;
}

Thanks again!

User avatar
adafruit_support_mike
 
Posts: 67446
Joined: Thu Feb 11, 2010 2:51 pm

Re: CC3000 and Basic HTTP Authentication

Post by adafruit_support_mike »

Hmm.. did the forum software add all those 'http://'s? The code that appears above shouldn't even compile. If so, wrapping your code in CODE tags will preserve the original text and formatting.

What values do you have defined for the 'WEBPAGE' and 'WEBSITE' macros?

User avatar
mmacdougall
 
Posts: 8
Joined: Thu Oct 31, 2013 4:25 am

Re: CC3000 and Basic HTTP Authentication

Post by mmacdougall »

Yah, looks like the forum added those http:// 's. They're not there in the code I'm using. I really am using nearly unedited Adafruit code.
Last edited by mmacdougall on Wed Mar 26, 2014 8:06 pm, edited 1 time in total.

User avatar
tdicola
 
Posts: 1074
Joined: Thu Oct 17, 2013 9:11 pm

Re: CC3000 and Basic HTTP Authentication

Post by tdicola »

Check that your header lines end in \r\n and not just \n--the HTTP specs needs both the carriage return and newline (in that order). The very last line should be a \r\n and not just \n too. That should get you past the 400 bad request response (since the server likely sees the request as malformed without the carriage returns).

One thing you might run into next is getting a 401 not authorized response back. I mention this because the response has a WWW-Authenticate header (WWW-Authenticate: Basic realm="manse") which is a signal that you need to authenticate the request to continue. Take a look at this info on HTTP basic authentication to see what you need to do: http://en.wikipedia.org/wiki/Basic_acce ... entication It looks like you'll just need to concatenate the username, colon, password and then base64 encode the results and send in an Authorization header. The SendTweet CC3000 example does some base64 encoding when sending hashes so you might grab that as a quick and dirty base64 encoding snippet (although IIRC the SendTweet example assumes a fixed length of string to encode, so you might need to tweak it a bit--I'd be surprised if there wasn't a more general base64 encoding arduino library around somewhere that you could use instead too).

edit: Actually if you know your username and password won't change, you could just do the base64 encoding manually outside the Arduino sketch once and hardcode the result into the headers you send.

In general be careful with HTTP basic authentication if this is something you're exposing to the public internet. Anyone who sniffs the network traffic will see the authentication token and can use it directly to make authenticated calls against the website. I noticed from the URL it looks like you have a service to control a hot tub, so you probably don't want someone maliciously controlling the water temp--could make for a very annoying evening in the tub or worse!

User avatar
mmacdougall
 
Posts: 8
Joined: Thu Oct 31, 2013 4:25 am

Re: CC3000 and Basic HTTP Authentication

Post by mmacdougall »

Thanks so much, that worked perfectly!

Locked
Please be positive and constructive with your questions and comments.

Return to “Other Products from Adafruit”