Basic Auth Failures

Please paste the permalink to the page in question below:

https://synthetics.newrelic.com/accounts/918250/monitors/7c32bb53-97f7-44a2-86fc-1007da7121cd

If asking about a particular script please copy your script or relevant snippet below:

Please share your question/describe your issue below. Include any screenshots that may help us understand your question:

You have a synthetic running which keeps failing because of Basic Auth failures.

we have our canary or health check URL configured like below for basic auth.
https://username:password@canaryurl

But in our health check server we see there are request where two requests are made. One is with out Basic auth and other with Basic Auth. The first request with out Authorization header always fails . Can we know how to basic a basic auth request which doesn’t fail.

@chandra.d.kasiraju I took a look at your monitor, and it appears that this may be an issue related to your application. Reviewing the errors they appear to be occurring inconsistently, and are a mixture of 401, 404, 500, and network timeout errors over the last 48 hours. If you have instrumented this application with APM you should be able to dig a bit further into these errors using the error analytics feature.

Note that with the basic auth on PING monitors, if you’re using basic auth realms this can cause issues with the authentication negotiation. If you are using this feature of basic auth, you should look into using a Simple Browser monitor as that can handle more authentication configurations.

ok . Basically there is nothing at our server end which causes the basic auth problem . we have a basic auth service at our end . Assuming switching to Simple Browse monitor fixes this i created a new monitor. For that i don’t see any way to configure the basic auth other than using specifying the URL as before .

https://username:password@canaryurl

How can i configure the basic auth in a better way for this Simple Browser monitor.

Hi @chandra.d.kasiraju - The Simple Browser monitor type is able to handle a bit more authentication configurations on the target endpoint (server-side), compared to Ping monitors. Though, you will still need to use the http://{USERNAME:PASSWORD}@{URL} URL format when configuring the Simple Browser monitor to use basic auth.

That said, are you still seeing intermittent monitor failures when using a Simple Browser monitor to target this endpoint?

Hello ,
i tried the Simple browser with the basic auth you mentioned. I still get a request which is incorrect and then corrects itself again. These are not logged in the monitor since it was able to authenticate itself , but in the service where monitor is hitting, we see lot of noise which are basically bad requests from new relic monitor. I masked the host with *** for security purpose since it is a public forum.

lvl":“eror”,“msg”:“credentials error error:credentials not provided in the correct format request:GET /eventhub/canary/status HTTP/1.1\r\nHost: ****\r\nConnection: close\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8\r\nAccept-Encoding: gzip, deflate, sdch\r\nAccept-Language: en-US,en;q=0.8\r\nConnection: close\r\nDnt: 1\r\nUpgrade-Insecure-Requests: 1\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36\r\nX-Abuse-Info: Request sent by a New Relic Synthetics Monitor (https://docs.newrelic.com/docs/synthetics/new-relic-synthetics/administration/identify-synthetics-requests-your-app) - monitor id: 2512631a-b668-4942-8607-e4a1ae61be4a | account id: 918250\r\nX-Cf-Applicationid: 767685e0-06fb-4818-a761-6c4273e36446\r\nX-Cf-Instanceid: fb7da072deb64a5fad263bd27bc572fc0952a775ba15482a88184a37ce55c0a4\r\nX-Forwarded-For: 52.11.47.12, 10.128.38.9\r\nX-Forwarded-Proto: https\r\nX-Newrelic-Synthetics: PwcbWFdbCgYASEMDAghWUgUEUB5QVltaHVYKWgoVDFQEVxRRCVcABAAHVlMCBwERHEYEWwJSAARTUhtVV15RTwQGW1sVWgVUBEhcUQNVAVcGDlZUUlsaHxJWVFMFBwRXBRxUBVReTlYJVgpPAA4EBR4ADQAAAFZUVVRSVQdBZQ==\r\nX-Request-Start: 1483644370712\r\nX-Vcap-Request-Id: b6911d84-c507-4701-5a1e-842cd336899a\r\n\r\n”,“t”:“2017-01-05T19:26:10.716996031Z”}

@chandra.d.kasiraju - So if I’m understanding your question, you are seeing paired 401 and 200 http calls in your server logs when your Synthetics monitor runs and would like to configure Synthetics to not generate the initial 401 response, is that correct?

If so, I believe your only option will be to use a Script API or Script Browser type of monitor. This is unfortunately due to the behavior of Chrome where it will always attempt to make a http request without the Authorization header and then only add that header when it receives a 401 response back when doing basic authorization.

With a scripted monitor, you can instead add the header directly for a scripted Browser monitor type vs the URL encoded credentials or with the Script API monitor, there is an option sendImmediately available under the auth section of the http request configuration (see https://github.com/request/request#http-authentication for more details)

If I’ve misunderstood what you were trying to accomplish, please add some additional clarifying detail about what you are trying to accomplish via your Synthetics monitor.

Yes our problem is we are getting both 401 and 200 in our server logs. So If i use another browser for making a simple browser synthetic it will work. If yes i can remake the synthetic.

I will try the scripted browser monitor and see if that works.

var request = require(‘request’);
request.get(‘https://canaryurl’).auth(‘username’, ‘password’, true);

I created a scripted monitor with this script . But if fails with “NetworkError: Monitor produced no traffic”

what am i doing wrong ?

You used a scripted browser test to perform an API call instead of a scripted API test.

With the browser tests you would use the $browser and $driver objects.

I am new to this scripted browser example. But seems like from the above discussion i have to use that. I need a script for Basic Auth in this scripted browser.

can you please provide a simple code snippet to do that .

You can review my sample script to get an idea of how to approach this or read the documentation. There are some examples and a reference guide.

1 Like