Ask Your Question

Revision history [back]

Digest auth code logs in from non-EC2, not from EC2

RETS URL: http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2 User name: HOUSECANRET

I have python code that looks like this:

#!/usr/bin/env python
import logging
import os
try:
    import httplib
except ImportError:
    import http.client as httplib
finally:
    httplib.HTTPConnection.debuglevel = 2

import requests
from requests.auth import HTTPDigestAuth

logging.basicConfig(level=logging.DEBUG)
requests_log = logging.getLogger("requests.packages.urllib3")
requests_log.setLevel(logging.DEBUG)
requests_log.propagate = True

URL = 'http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2'
username = os.getenv('TEST_USERNAME')
password = os.getenv('TEST_PASSWORD')

if username and password:
     resp = requests.get(URL, auth=HTTPDigestAuth(username, password))
    print('Status code: {}'.format(resp.status_code))
    print('Cookies: {}'.format(resp.cookies))
    print('Headers: {}'.format(resp.headers))
    print('Content: {}'.format(resp.content))
else:
    print('Need env-vars TEST_USERNAME and TEST_PASSWORD')

I invoke from the command line like this:

TEST_USERNAME=<...> TEST_PASSWORD=<...> python paragon-test.py

When I run from my MBP, I get 200. From Amazon EC2, I get 401:

INFO:urllib3.connectionpool:Starting new HTTP connection (1): proxy.dev.df.housecanary.net
send: 'GET http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2 HTTP/1.1\r\nHost: gamls-rets.paragonrels.com\r\nConnection: keep-alive\r\nAccept-Encoding: gzip, deflate\r\nAccept: */*\r\nUser-Agent: python-requests/2.6.0 CPython/2.7.5 Linux/3.10.0-1160.11.1.el7.x86_64\r\n\r\n'
reply: 'HTTP/1.1 401 Unauthorized\r\n'
header: Cache-Control: private
header: Content-Type: text/html
header: Expires: Mon, 01 Jan 0001 00:00:00 GMT
header: X-AspNetMvc-Version: 5.2
header: RETS-Server: RETS-Paragon/1.0
header: RETS-Version: RETS/1.7.2
header: WWW-Authenticate: Basic realm="GAMLS"
header: X-Server: A140-02
header: Date: Tue, 12 Jan 2021 01:39:36 GMT
header: Content-Length: 1293
header: X-Cache: MISS from i-0d4cd95729453d181.dev.df.housecanary.net
header: X-Cache-Lookup: MISS from i-0d4cd95729453d181.dev.df.housecanary.net:3128
header: Via: 1.1 i-0d4cd95729453d181.dev.df.housecanary.net (squid/3.5.20)
header: Connection: keep-alive
DEBUG:urllib3.connectionpool:"GET http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2 HTTP/1.1" 401 1293
Status code: 401
Cookies: <<class 'requests.cookies.RequestsCookieJar'>[]>
Headers: {'content-length': '1293', 'via': '1.1 i-0d4cd95729453d181.dev.df.housecanary.net (squid/3.5.20)', 'x-cache': 'MISS from i-0d4cd95729453d181.dev.df.housecanary.net', 'x-aspnetmvc-version': '5.2', 'x-cache-lookup': 'MISS from i-0d4cd95729453d181.dev.df.housecanary.net:3128', 'rets-server': 'RETS-Paragon/1.0', 'expires': 'Mon, 01 Jan 0001 00:00:00 GMT', 'connection': 'keep-alive', 'rets-version': 'RETS/1.7.2', 'x-server': 'A140-02', 'cache-control': 'private', 'date': 'Tue, 12 Jan 2021 01:39:36 GMT', 'content-type': 'text/html', 'www-authenticate': 'Basic realm="GAMLS"'}

It looks to me as if the request for digest auth is actually doing basic auth but I can't see why that would be so.

Digest auth code logs in from non-EC2, not from EC2

RETS URL: http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2 User name: HOUSECANRET

I have python code that looks like this:

#!/usr/bin/env python
import logging
import os
try:
    import httplib
except ImportError:
    import http.client as httplib
finally:
    httplib.HTTPConnection.debuglevel = 2

import requests
from requests.auth import HTTPDigestAuth

logging.basicConfig(level=logging.DEBUG)
requests_log = logging.getLogger("requests.packages.urllib3")
requests_log.setLevel(logging.DEBUG)
requests_log.propagate = True

URL = 'http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2'
username = os.getenv('TEST_USERNAME')
password = os.getenv('TEST_PASSWORD')

if username and password:
     resp = requests.get(URL, auth=HTTPDigestAuth(username, password))
    print('Status code: {}'.format(resp.status_code))
    print('Cookies: {}'.format(resp.cookies))
    print('Headers: {}'.format(resp.headers))
    print('Content: {}'.format(resp.content))
else:
    print('Need env-vars TEST_USERNAME and TEST_PASSWORD')

I invoke from the command line like this:

TEST_USERNAME=<...> TEST_PASSWORD=<...> python paragon-test.py

When I run from my MBP, I get 200. From Amazon EC2, I get 401:

INFO:urllib3.connectionpool:Starting new HTTP connection (1): proxy.dev.df.housecanary.net
send: 'GET http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2 HTTP/1.1\r\nHost: gamls-rets.paragonrels.com\r\nConnection: keep-alive\r\nAccept-Encoding: gzip, deflate\r\nAccept: */*\r\nUser-Agent: python-requests/2.6.0 CPython/2.7.5 Linux/3.10.0-1160.11.1.el7.x86_64\r\n\r\n'
reply: 'HTTP/1.1 401 Unauthorized\r\n'
header: Cache-Control: private
header: Content-Type: text/html
header: Expires: Mon, 01 Jan 0001 00:00:00 GMT
header: X-AspNetMvc-Version: 5.2
header: RETS-Server: RETS-Paragon/1.0
header: RETS-Version: RETS/1.7.2
header: WWW-Authenticate: Basic realm="GAMLS"
header: X-Server: A140-02
header: Date: Tue, 12 Jan 2021 01:39:36 GMT
header: Content-Length: 1293
header: X-Cache: MISS from i-0d4cd95729453d181.dev.df.housecanary.net
header: X-Cache-Lookup: MISS from i-0d4cd95729453d181.dev.df.housecanary.net:3128
header: Via: 1.1 i-0d4cd95729453d181.dev.df.housecanary.net (squid/3.5.20)
header: Connection: keep-alive
DEBUG:urllib3.connectionpool:"GET http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2 HTTP/1.1" 401 1293
Status code: 401
Cookies: <<class 'requests.cookies.RequestsCookieJar'>[]>
Headers: {'content-length': '1293', 'via': '1.1 i-0d4cd95729453d181.dev.df.housecanary.net (squid/3.5.20)', 'x-cache': 'MISS from i-0d4cd95729453d181.dev.df.housecanary.net', 'x-aspnetmvc-version': '5.2', 'x-cache-lookup': 'MISS from i-0d4cd95729453d181.dev.df.housecanary.net:3128', 'rets-server': 'RETS-Paragon/1.0', 'expires': 'Mon, 01 Jan 0001 00:00:00 GMT', 'connection': 'keep-alive', 'rets-version': 'RETS/1.7.2', 'x-server': 'A140-02', 'cache-control': 'private', 'date': 'Tue, 12 Jan 2021 01:39:36 GMT', 'content-type': 'text/html', 'www-authenticate': 'Basic realm="GAMLS"'}

It looks to me as if the request for digest auth is actually doing basic auth but I can't see why that would be so.

This is related to the previous issue: http://vendorsupport.paragonrels.com/question/7558/are-there-blacklisted-ip-ranges-for-some-aws-services/

Digest auth code logs in from non-EC2, not from EC2

RETS URL: http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2 User name: HOUSECANRET

I have python code that looks like this:

#!/usr/bin/env python
import logging
import os
try:
    import httplib
except ImportError:
    import http.client as httplib
finally:
    httplib.HTTPConnection.debuglevel = 2

import requests
from requests.auth import HTTPDigestAuth

logging.basicConfig(level=logging.DEBUG)
requests_log = logging.getLogger("requests.packages.urllib3")
requests_log.setLevel(logging.DEBUG)
requests_log.propagate = True

URL = 'http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2'
username = os.getenv('TEST_USERNAME')
password = os.getenv('TEST_PASSWORD')

if username and password:
     resp = requests.get(URL, auth=HTTPDigestAuth(username, password))
    print('Status code: {}'.format(resp.status_code))
    print('Cookies: {}'.format(resp.cookies))
    print('Headers: {}'.format(resp.headers))
    print('Content: {}'.format(resp.content))
else:
    print('Need env-vars TEST_USERNAME and TEST_PASSWORD')

I invoke from the command line like this:

TEST_USERNAME=<...> TEST_PASSWORD=<...> python paragon-test.py

When I run from my MBP, I get 200. From Amazon EC2, I get 401:

INFO:urllib3.connectionpool:Starting new HTTP connection (1): proxy.dev.df.housecanary.net
send: 'GET http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2 HTTP/1.1\r\nHost: gamls-rets.paragonrels.com\r\nConnection: keep-alive\r\nAccept-Encoding: gzip, deflate\r\nAccept: */*\r\nUser-Agent: python-requests/2.6.0 CPython/2.7.5 Linux/3.10.0-1160.11.1.el7.x86_64\r\n\r\n'
reply: 'HTTP/1.1 401 Unauthorized\r\n'
header: Cache-Control: private
header: Content-Type: text/html
header: Expires: Mon, 01 Jan 0001 00:00:00 GMT
header: X-AspNetMvc-Version: 5.2
header: RETS-Server: RETS-Paragon/1.0
header: RETS-Version: RETS/1.7.2
header: WWW-Authenticate: Basic realm="GAMLS"
header: X-Server: A140-02
header: Date: Tue, 12 Jan 2021 01:39:36 GMT
header: Content-Length: 1293
header: X-Cache: MISS from i-0d4cd95729453d181.dev.df.housecanary.net
header: X-Cache-Lookup: MISS from i-0d4cd95729453d181.dev.df.housecanary.net:3128
header: Via: 1.1 i-0d4cd95729453d181.dev.df.housecanary.net (squid/3.5.20)
header: Connection: keep-alive
DEBUG:urllib3.connectionpool:"GET http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2 HTTP/1.1" 401 1293
Status code: 401
Cookies: <<class 'requests.cookies.RequestsCookieJar'>[]>
Headers: {'content-length': '1293', 'via': '1.1 i-0d4cd95729453d181.dev.df.housecanary.net (squid/3.5.20)', 'x-cache': 'MISS from i-0d4cd95729453d181.dev.df.housecanary.net', 'x-aspnetmvc-version': '5.2', 'x-cache-lookup': 'MISS from i-0d4cd95729453d181.dev.df.housecanary.net:3128', 'rets-server': 'RETS-Paragon/1.0', 'expires': 'Mon, 01 Jan 0001 00:00:00 GMT', 'connection': 'keep-alive', 'rets-version': 'RETS/1.7.2', 'x-server': 'A140-02', 'cache-control': 'private', 'date': 'Tue, 12 Jan 2021 01:39:36 GMT', 'content-type': 'text/html', 'www-authenticate': 'Basic realm="GAMLS"'}

It looks to me as if the request for digest auth is actually doing basic auth but I can't see why that would be so.

This is related to the previous issue: http://vendorsupport.paragonrels.com/question/7558/are-there-blacklisted-ip-ranges-for-some-aws-services/

Digest Login does not accept digest auth code logs in from non-EC2, not from EC2from proxy

RETS URL: http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2 User name: HOUSECANRET

I have python code that looks like this:

#!/usr/bin/env python
import logging
import os
try:
    import httplib
except ImportError:
    import http.client as httplib
finally:
    httplib.HTTPConnection.debuglevel = 2

import requests
from requests.auth import HTTPDigestAuth

logging.basicConfig(level=logging.DEBUG)
requests_log = logging.getLogger("requests.packages.urllib3")
requests_log.setLevel(logging.DEBUG)
requests_log.propagate = True

URL = 'http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2'
username = os.getenv('TEST_USERNAME')
password = os.getenv('TEST_PASSWORD')

if username and password:
     resp = requests.get(URL, auth=HTTPDigestAuth(username, password))
    print('Status code: {}'.format(resp.status_code))
    print('Cookies: {}'.format(resp.cookies))
    print('Headers: {}'.format(resp.headers))
    print('Content: {}'.format(resp.content))
else:
    print('Need env-vars TEST_USERNAME and TEST_PASSWORD')

I invoke from the command line like this:

TEST_USERNAME=<...> TEST_PASSWORD=<...> python paragon-test.py

When I run from my MBP, I get 200. From Amazon EC2, EC2 with a proxy, I get 401:

INFO:urllib3.connectionpool:Starting new HTTP connection (1): proxy.dev.df.housecanary.net
send: 'GET http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2 HTTP/1.1\r\nHost: gamls-rets.paragonrels.com\r\nConnection: keep-alive\r\nAccept-Encoding: gzip, deflate\r\nAccept: */*\r\nUser-Agent: python-requests/2.6.0 CPython/2.7.5 Linux/3.10.0-1160.11.1.el7.x86_64\r\n\r\n'
reply: 'HTTP/1.1 401 Unauthorized\r\n'
header: Cache-Control: private
header: Content-Type: text/html
header: Expires: Mon, 01 Jan 0001 00:00:00 GMT
header: X-AspNetMvc-Version: 5.2
header: RETS-Server: RETS-Paragon/1.0
header: RETS-Version: RETS/1.7.2
header: WWW-Authenticate: Basic realm="GAMLS"
header: X-Server: A140-02
header: Date: Tue, 12 Jan 2021 01:39:36 GMT
header: Content-Length: 1293
header: X-Cache: MISS from i-0d4cd95729453d181.dev.df.housecanary.net
header: X-Cache-Lookup: MISS from i-0d4cd95729453d181.dev.df.housecanary.net:3128
header: Via: 1.1 i-0d4cd95729453d181.dev.df.housecanary.net (squid/3.5.20)
header: Connection: keep-alive
DEBUG:urllib3.connectionpool:"GET http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2 HTTP/1.1" 401 1293
Status code: 401
Cookies: <<class 'requests.cookies.RequestsCookieJar'>[]>
Headers: {'content-length': '1293', 'via': '1.1 i-0d4cd95729453d181.dev.df.housecanary.net (squid/3.5.20)', 'x-cache': 'MISS from i-0d4cd95729453d181.dev.df.housecanary.net', 'x-aspnetmvc-version': '5.2', 'x-cache-lookup': 'MISS from i-0d4cd95729453d181.dev.df.housecanary.net:3128', 'rets-server': 'RETS-Paragon/1.0', 'expires': 'Mon, 01 Jan 0001 00:00:00 GMT', 'connection': 'keep-alive', 'rets-version': 'RETS/1.7.2', 'x-server': 'A140-02', 'cache-control': 'private', 'date': 'Tue, 12 Jan 2021 01:39:36 GMT', 'content-type': 'text/html', 'www-authenticate': 'Basic realm="GAMLS"'}

It looks to me as if the request for digest auth is actually doing basic auth but I can't see why that would be so.

This is related to the previous issue: http://vendorsupport.paragonrels.com/question/7558/are-there-blacklisted-ip-ranges-for-some-aws-services/

Login does not accept digest auth from proxy

RETS URL: http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2 User name: HOUSECANRET

I have python code that looks like this:

#!/usr/bin/env python
import logging
import os
try:
    import httplib
except ImportError:
    import http.client as httplib
finally:
    httplib.HTTPConnection.debuglevel = 2

import requests
from requests.auth import HTTPDigestAuth

logging.basicConfig(level=logging.DEBUG)
requests_log = logging.getLogger("requests.packages.urllib3")
requests_log.setLevel(logging.DEBUG)
requests_log.propagate = True

URL = 'http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2'
username = os.getenv('TEST_USERNAME')
password = os.getenv('TEST_PASSWORD')

if username and password:
     resp = requests.get(URL, auth=HTTPDigestAuth(username, password))
    print('Status code: {}'.format(resp.status_code))
    print('Cookies: {}'.format(resp.cookies))
    print('Headers: {}'.format(resp.headers))
    print('Content: {}'.format(resp.content))
else:
    print('Need env-vars TEST_USERNAME and TEST_PASSWORD')

I invoke from the command line like this:

TEST_USERNAME=<...> TEST_PASSWORD=<...> python paragon-test.py

When I run from my MBP, I get 200. From Amazon EC2 with a proxy, I get 401:

INFO:urllib3.connectionpool:Starting new HTTP connection (1): proxy.dev.df.housecanary.net
send: 'GET http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2 HTTP/1.1\r\nHost: gamls-rets.paragonrels.com\r\nConnection: keep-alive\r\nAccept-Encoding: gzip, deflate\r\nAccept: */*\r\nUser-Agent: python-requests/2.6.0 CPython/2.7.5 Linux/3.10.0-1160.11.1.el7.x86_64\r\n\r\n'
reply: 'HTTP/1.1 401 Unauthorized\r\n'
header: Cache-Control: private
header: Content-Type: text/html
header: Expires: Mon, 01 Jan 0001 00:00:00 GMT
header: X-AspNetMvc-Version: 5.2
header: RETS-Server: RETS-Paragon/1.0
header: RETS-Version: RETS/1.7.2
header: WWW-Authenticate: Basic realm="GAMLS"
header: X-Server: A140-02
header: Date: Tue, 12 Jan 2021 01:39:36 GMT
header: Content-Length: 1293
header: X-Cache: MISS from i-0d4cd95729453d181.dev.df.housecanary.net
header: X-Cache-Lookup: MISS from i-0d4cd95729453d181.dev.df.housecanary.net:3128
header: Via: 1.1 i-0d4cd95729453d181.dev.df.housecanary.net (squid/3.5.20)
header: Connection: keep-alive
DEBUG:urllib3.connectionpool:"GET http://gamls-rets.paragonrels.com/rets/fnisrets.aspx/GAMLS/login?rets-version=rets/1.7.2 HTTP/1.1" 401 1293
Status code: 401
Cookies: <<class 'requests.cookies.RequestsCookieJar'>[]>
Headers: {'content-length': '1293', 'via': '1.1 i-0d4cd95729453d181.dev.df.housecanary.net (squid/3.5.20)', 'x-cache': 'MISS from i-0d4cd95729453d181.dev.df.housecanary.net', 'x-aspnetmvc-version': '5.2', 'x-cache-lookup': 'MISS from i-0d4cd95729453d181.dev.df.housecanary.net:3128', 'rets-server': 'RETS-Paragon/1.0', 'expires': 'Mon, 01 Jan 0001 00:00:00 GMT', 'connection': 'keep-alive', 'rets-version': 'RETS/1.7.2', 'x-server': 'A140-02', 'cache-control': 'private', 'date': 'Tue, 12 Jan 2021 01:39:36 GMT', 'content-type': 'text/html', 'www-authenticate': 'Basic realm="GAMLS"'}

It looks to me as if the request for digest auth is actually doing basic auth but I can't see why that would be so.

This is related to the previous issue: http://vendorsupport.paragonrels.com/question/7558/are-there-blacklisted-ip-ranges-for-some-aws-services/

2021-01-12: This issue can be replicated locally by adding a forwarding header to the GET:

resp = requests.get(
    URL,
    auth=HTTPDigestAuth(username, password),
    headers={'x-forwarded-for': '10.18.112.126'},
)