Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

keepalive script ap-kal-httpauth

Hi,

I am trying to acheive a reliable keepalive mechanism which mimics a HTTP user authenticating with the service, but the service port is 7002.

I have looked at the above script (port 80), what do I need to do to enable this to happen under the 'service' configuration and the script itself (ie do I just need to change script to reflect port 7002 as apposed to 80 etc).

For example:

server ip address: 10.10.10.10

port: 7002

webpage: webserver/loginpage.do

Username fred, password test

regards

Mark

5 REPLIES
Bronze

Re: keepalive script ap-kal-httpauth

Hi Mark,

You need to modify the script ap-kal-httpauth in order to make this work. FTP the script off the CSS.

Go to the line: 'socket connect host ${HostName} port 80 tcp 2000' and change the port from 80 to 7002.

Upload the script on the script directory of the CSS. Then, use this config on the service:

keepalive type script ap-kal-httpauth "Hostname WebPage Username:Password"

Try it and let me know how it goes. Thanks!

Regards,

Jose Quesada.

Bronze

Re: keepalive script ap-kal-httpauth

Hi Mark,

The config on your service should look like this: keepalive type script ap-kal-httpauth "10.10.10.10 /loginpage.do fred:test"

Thanks & Regards,

Jose.

New Member

Re: keepalive script ap-kal-httpauth

Hi Jose,

Thanks again for responses.

I changed script and uploaded ok. When the script is part of the keepalive it appears to work.

However, to check authentication was working okay, I changed the username:password to something random (therefore should have failed and marked service as down), but the service is still alive. No matter what I change this value to, as long as it is in the same format ie x:y then its alive. If I omit the username:password field altogether then service is never alive (ie always down), so it appears to be looking at this field.

Have you any idea why this is?

regards

Mark

Bronze

Re: keepalive script ap-kal-httpauth

Hi Mark,

If the keepalive works regardless of the username:password you use, it means that the server is sending a positive answer to the CSS when the keepalive request is made.

If the server doesn't sends an authentication failure, then the keepalive won't fail and the CSS will maintain the service as alive.

The best way to analyze this is by taking two sniffer traces on the server, one while using the correct username:password on the keepalive and another trace with different credentials. Thanks!

Regards,

Jose.

New Member

Re: keepalive script ap-kal-httpauth

use a sniffer and see if anonymous is getting through for authentication. Normally a web browser will try to use an anonymouse access first and if your server authentication is letting it through this would be why you are still not failing. A sniffer will show this.

311
Views
0
Helpful
5
Replies
CreatePlease to create content