1、场景
1)用户输入完网址后,浏览器直接弹出需要输入用户名/密码
PS:此时输入用户名密码即可登录,或者直接带着用户名密码访问网站。
假设url为http://xxx.yyy.zzz
用户名为admin
密码为123456
则访问的网址应该为http://admin:123456@xxx.yyy.zzz【http://username:password@url】
直接访问改网址即可
2)利用requests.get(url)返回状态码为401
# -*- encoding=utf-8 -*- import requests if __name__ == \'__main__\': url = \'http://xxxxx.yyyyyy\' response = requests.get(url=url) status_code = response.status_code print status_code text = response.text print text
运行
401
<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">
<html xmlns=\"http://www.w3.org/1999/xhtml\">
<head>
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\"/>
<title>401 - Unauthorized: Access is denied due to invalid credentials.</title>
<style type=\"text/css\">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;}
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;}
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:\"trebuchet MS\", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id=\"header\"><h1>Server Error</h1></div>
<div id=\"content\">
<div class=\"content-container\"><fieldset>
<h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2>
<h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
</fieldset></div>
</div>
</body>
</html>
2、HTTP基础验证
这是一种简单的身份认证,它是通过http的authorization请求头中,携带经过base64加密的用户名和密码而实现的一种认证
# -*- encoding=utf-8 -*- import requests from requests.auth import HTTPBasicAuth if __name__ == \'__main__\': url = \'http://xxx.yyy.zzz\' user = \'admin\' password = \'123456\' response = requests.get(url=url, auth=HTTPBasicAuth(user, password)) # 或者 # response = requests.get(url=url, auth=(user, password)) print response.status_code
3、摘要式身份认证
# -*- encoding=utf-8 -*- import requests from requests.auth import HTTPDigestAuth if __name__ == \'__main__\': url = \'http://xxx.yyy.zzz\' user = \'admin\' password = \'123456\' response = requests.get(url, auth=HTTPDigestAuth(user, password)) print response.status_code
如果2和3都不行,还是返回401,此时可以试试第4种
使用2和3依旧返回401,此时可以print出response.headers看一下
# -*- encoding=utf-8 -*- import requests from requests.auth import HTTPDigestAuth if __name__ == \'__main__\': url = \'http://xxx.yyy.zzz\' user = \'admin\' password = \'123456\' response = requests.get(url, auth=HTTPDigestAuth(user, password)) print response.status_code print response.headers
运行
401
{\’Content-Length\’: \’1293\’, \’X-Powered-By\’: \’ASP.NET\’, \’Server\’: \’Microsoft-IIS/7.5\’, \’Date\’: \’Fri, 05 Jun 2020 05:36:23 GMT\’, \’Content-Type\’: \’text/html\’, \’WWW-Authenticate\’: \’Negotiate, NTLM\’}
打印后可看到headers中带有字样\’WWW-Authenticate\’: \’Negotiate, NTLM\’,表示需要ntlm验证,此时尝试使用第4种[/code]
4、ntlm验证
# -*- encoding=utf-8 -*- import requests from requests_ntlm import HttpNtlmAuth if __name__ == \'__main__\': url = \'http://xxx.yyy.zzz\' user = \'admin\' password = \'123456\' response = requests.get(url, auth=HttpNtlmAuth(user, password)) print response.status_code print response.headers
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持自学编程网。
