Getting a 401 from requests.get, but not when logging in via the browser.

dcwhatthe at gmail.com dcwhatthe at gmail.com
Mon Apr 20 16:56:36 EDT 2020 

On Monday, April 20, 2020 at 3:56:46 PM UTC-4, dcwh... at gmail.com wrote:
> On Monday, April 20, 2020 at 3:18:59 PM UTC-4, Eli the Bearded wrote:
> > In comp.lang.python,  dc wrote:
> > > However, one of them immediately returns a 401.  I'm using the exact
> > > same credentials to check this site, as when loggin in.
> > > 
> > > Also, interestingly, it returns the 401 right away.  I tried setting the
> > > timeout value for a ridiculously long time, but it passes the 401 return
> > > immediately.
> > 
> > The timeout presumably is how long to wait for a reply. When the
> > site replies 401 immediately, it's never even bumping up to the
> > timeout.
> > 
> > > Am I misunderstanding the meaning of the timeout parameter?
> > 
> > What do you think it is doing?
> > 
> > > The line in question is 
> > > request = requests.get(ip_s,timeout=5000, verify = False, auth
> > > =HTTPBasicAuth( user_id_s, pw_s))
> > 
> > Are you sure the site is using HTTPBasicAuth()? Because if it's not,
> > that would explain how the same credentials can fail. (It could also
> > be something else, like a site returning "401 Unauthorized" because
> > it doesn't like your User-Agent.)
> > 
> > I use "AuthType Digest" on some of my websites. It's not great, but
> > it's TONS better than basic auth, which sends passwords basically
> > in the clear.
> > 
> > https://en.wikipedia.org/wiki/Digest_access_authentication
> > 
> > In my browser, Digest authentication looks the same GUI-wise as Basic
> > authentication. The differences are all under the hood.
> > 
> > Elijah
> > ------
> > digest auth is not as well supported by clients or servers
> 
> 
> "What do you think it is doing?"
> 
> I thought the timeout was waiting for a successful connection.
> 
> 
> "Are you sure the site is using HTTPBasicAuth()? Because if it's not,
> that would explain how the same credentials can fail. (It could also
> be something else, like a site returning "401 Unauthorized" because
> it doesn't like your User-Agent.)"
> 
> Yes, that's what I'm getting.
> 
> No, I don't know if it's using Basic Authentication.  If I log in through the browser, then it pops up for an id and password.
> 
> How do I find out what type of Authentication is applicable?  
> 
> I'll go ahead and try the AuthType that you recommended, for now.
> 
> 
> Thanks and regards,

HTTPDigestAuth() was easy enough to use, same syntax.  But also, same result.  Just a 401 Unauthorized

More information about the Python-list mailing list