Check_mk 1.6.0p20 check_http basic authentication failing error 401

I have plenty of other http url’s using basic authentication working but for some reason some new URL’s im setting up dont seem to want to authenticate. I can manually hit the site and use the credentials in the pop up and it authenticates fine, but for some reason these sites give a 401. I tried formatting the user id in different ways but the plugins dont seem to like this at all. Any ideas of how to troubleshoot this?

CMK version:
check_mk 1.6.0p20
OS version:
RHEL8

Error message:
401

Output of “cmk --debug -vvn hostname”: (If it is a problem with checks or plugins)
check_mk_active-http!–pwstore=4@39@operator ‘-u’ ‘/SmartAdvisorReportingSharedUAT/home.aspx’ ‘-a’ ‘prod\operator:************’ ‘–onredirect=follow’ ‘-L’ ‘–sni’ ‘$_HOSTADDRESS_4$’

HTTP WARNING: HTTP/1.1 401 Unauthorized - 1528 bytes in 0.002 second response time

I also tried the classic nagios check_http plugin:

[plugins]$ ./check_http -v -u ‘/SmartAdvisorReportingSharedUAT/home.aspx’ ‘-a’ ‘prod\operator:password’ ‘–onredirect=follow’ ‘-L’ ‘–sni’ ‘(hostname)’
option f:4

<A HREF="http://(hostname):80/SmartAdvisorReportingSharedUAT/home.aspx" target="_blank">GET /SmartAdvisorReportingSharedUAT/home.aspx HTTP/1.0
User-Agent: check_http/v2.2 (monitoring-plugins 2.2)
Connection: close
Authorization: Basic b3BlcmF0b3JAcHJvZC5taXRjaGVsbHNtYXJ0YWR2aXNvci5jb206TTBuUDB3M3J0ckBL


http://(hostname):80/SmartAdvisorReportingSharedUAT/home.aspx is 1528 characters
STATUS: HTTP/1.1 401 Unauthorized
**** HEADER ****
Content-Type: text/html
Server: Microsoft-IIS/8.5
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Thu, 19 Jan 2023 22:54:15 GMT
Connection: close
Content-Length: 1293
**** CONTENT ****
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>401 - Unauthorized: Access is denied due to invalid credentials.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;}
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;}
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
 <div class="content-container"><fieldset>
  <h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2>
  <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
 </fieldset></div>
</div>
</body>
</html>

HTTP WARNING: HTTP/1.1 401 Unauthorized - 1528 bytes in 0.003 second response time </A>|time=0.002582s;;;0.000000;10.000000 size=1528B;;;0

Also as a side note curl seems to have the same behavior.

OMD[node5]:~$ curl -v -u operator@prod.mitchellsmartadvisor.com:************* http://********/SmartAdvisorReportingSharedUAT/home.aspx
*   Trying 172.24.224.21...
* TCP_NODELAY set
* Connected to ******** (IP) port 80 (#0)
* Server auth using Basic with user 'operator@prod.mitchellsmartadvisor.com'
> GET /SmartAdvisorReportingSharedUAT/home.aspx HTTP/1.1
> Host: ******
> Authorization: Basic *****
> User-Agent: curl/7.61.1
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Content-Type: text/html
< Server: Microsoft-IIS/8.5
< WWW-Authenticate: Negotiate
< WWW-Authenticate: NTLM
< X-Powered-By: ASP.NET
< Date: Thu, 19 Jan 2023 23:54:27 GMT
< Content-Length: 1293
<
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>401 - Unauthorized: Access is denied due to invalid credentials.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;}
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;}
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
 <div class="content-container"><fieldset>
  <h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2>
  <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
 </fieldset></div>
</div>
</body>
</html>
* Connection #0 to host *****.com left intact
OMD[node5]:~$

Are you sure that this website uses HTTP basic authentication?

From the response headers it looks like it requests NTLM authentication.

That does not mean its basic auth. NTLM (as it says in your headers) is not basic auth.

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact an admin if you think this should be re-opened.