Hi,
I have some secure websites that I would like to monitor. I can get an answer "host is alive" whether I provide credentials or not. 1) How can I make sure that I (= the test) have logged in to make sure the site is functional? It does work interactively... 2) If I check the button "Check contents" and I provide some text from the page, I always get a "bad content" reply. I cannot get this solved. Is there any logging available?
I tried for URL and HTTP as well, same result.
HM 5.66, enterprise lic. on W2K3 server, in gui. Thanks for any help.
Peter
Check contents in URL or HTTP test
Re: Check contents in URL or HTTP test
I assume, when you did not provide credentials, you were getting page with HTTP Error 401.2 "You are not authorized to view this page" or "Forbidden" or something like that. In such case status "host is alive" is correct.pvdc wrote:I have some secure websites that I would like to monitor. I can get an answer "host is alive" whether I provide credentials or not.
pvdc wrote:1) How can I make sure that I (= the test) have logged in to make sure the site is functional? It does work interactively...
There are no such log. What you see if you are trying to run this URL in web browser?
I think, problem is you have no access to that page and web server gave you foregoing pages ('not authorized' or "forbidden")pvdc wrote:2) If I check the button "Check contents" and I provide some text from the page, I always get a "bad content" reply. I cannot get this solved. Is there any logging available?
What authentification method is used on these secure websites? Basic? NT integrated?
Could you provide here one of those urls?
Regards,
Yoorix
Thanks for your quick reply!
Hi Yoorix,
1) if I don't provide any credentials, I get a page where I can input them...
Further, it is not possible to type an address of a customized page into the address bar, because it needs the credentials to define what that page should be.
2) I mean by this: can I see whether the result of a test is different if I provide incorrect credentials.
3) If you mean some kind of a login page, I agree. But there is no error or security warning.
I do have more info and URLs, but I would (should) rather not publish it. Can I provide them to you in another way?
Thanks for your help. Peter
1) if I don't provide any credentials, I get a page where I can input them...
Further, it is not possible to type an address of a customized page into the address bar, because it needs the credentials to define what that page should be.
2) I mean by this: can I see whether the result of a test is different if I provide incorrect credentials.
3) If you mean some kind of a login page, I agree. But there is no error or security warning.
I do have more info and URLs, but I would (should) rather not publish it. Can I provide them to you in another way?
Thanks for your help. Peter
Re: Thanks for your quick reply!
Ah-ha. Now I understand. You have implemented your own security(e.g cookie based) and you get page with html form you have to input credentials. Am I right? If yes, I do not think HM is able to fill HTML forms and posts them.pvdc wrote:1) if I don't provide any credentials, I get a page where I can input them...
Further, it is not possible to type an address of a customized page into the address bar, because it needs the credentials to define what that page should be.
If you provided wrong credentials, HM would show "Bad" status. But it works regarding standard authentification methosd. In your case status always will be "Host is alive".pvdc wrote:2) I mean by this: can I see whether the result of a test is different if I provide incorrect credentials.
If my guessing is right, I do not need URL. I can suggest you to check not this url exactly, but action of html form. If built-in html form uses GET method, you should compose URL using html syntax, e.g http://www.somesite.com/check_credentia ... sword=testpvdc wrote:I do have more info and URLs, but I would (should) rather not publish it. Can I provide them to you in another way?
It might help.
Regards,
Yoorix
You got it!
Hi,
1) correct
2) correct
3) correct, good hint. I'll contact our development team to verify and see if I can arrange a test.
Thanks for your help! Peter
1) correct
2) correct
3) correct, good hint. I'll contact our development team to verify and see if I can arrange a test.
Thanks for your help! Peter
If your web server uses custom made authentication, then "Password protected page" option of the test will not work. This option designed for standard web authentication.
Yoorix is right, if you are using form, you should send parameters in different way:
- use URL string to send parameters if your web form and script uses GET method
- use HTTP test method and "Post data" option if your web form uses POST method
Regards
Alex
Yoorix is right, if you are using form, you should send parameters in different way:
- use URL string to send parameters if your web form and script uses GET method
- use HTTP test method and "Post data" option if your web form uses POST method
Regards
Alex
similar page to test with
Hi,
I found an URL that works similar to the page I want to use. But I don't have a clue what the syntax of my HTTP POST test should be. Could you pls give me a hint using this url?
https://www.commvault.com/mainadv.asp?r ... /index.asp
Thanks a lot,
Peter
I found an URL that works similar to the page I want to use. But I don't have a clue what the syntax of my HTTP POST test should be. Could you pls give me a hint using this url?
https://www.commvault.com/mainadv.asp?r ... /index.asp
Thanks a lot,
Peter
-
- Posts: 2832
- Joined: Tue May 16, 2006 4:41 am
- Contact:
You should set HTTP test up.
URL: https://www.commvault.com/mainadv.asp
Request: POST
Check "Folow Redirect"
Post Data: reason=denied_empty&script_name=/mainadv/index.asp&path_info=/mainadv/index.asp
Also you shoud enable "Allow per-session cookies", I suppose.
Regards,
Max
URL: https://www.commvault.com/mainadv.asp
Request: POST
Check "Folow Redirect"
Post Data: reason=denied_empty&script_name=/mainadv/index.asp&path_info=/mainadv/index.asp
Also you shoud enable "Allow per-session cookies", I suppose.
Regards,
Max
what about login confirmation?
Hi Max,
thanks for your quick answer. Next part is: can I use a userid and a password to send along (in this syntax), and than let the test decide if this combination could login, by verifying some content on the next (=login-confirmation) page?
Thanks, Peter
thanks for your quick answer. Next part is: can I use a userid and a password to send along (in this syntax), and than let the test decide if this combination could login, by verifying some content on the next (=login-confirmation) page?
Thanks, Peter
-
- Posts: 2832
- Joined: Tue May 16, 2006 4:41 am
- Contact:
Re: what about login confirmation?
I think, you should read following post http://www.ks-soft.net/cgi-bin/phpBB/vi ... t+url+httppvdc wrote:can I use a userid and a password to send along (in this syntax), and than let the test decide if this combination could login, by verifying some content on the next (=login-confirmation) page?
Regards,
Max