INT21CN Computer Networks

Practical Exercises #6

  1. This is an exercise to retrieve a "Password Protected" HTML page from ironbark. It builds on the examples in the previous prac exercises.

    First using your Web browser, attempt to open the URL
    You should be presented with a username and password dialog box. The username and password for this page are no secret: they're both the string student. Type this string into each of the username and password boxes and click the "OK" button, or whatever your browser calls it. It works? Good.

  2. Now, telnet to ironbark at port 80. Then copy and paste the following HTTP request, terminated as usual by two newlines:

    GET /subjects/int21cn/test/index.html HTTP/1.0
    Scroll back up the page to view the HTTP headers. You should see an error message like "HTTP/1.1 401 Authorization Required". This means, of course, that to retrieve the page you will need to submit a valid Authorization: request header.

  3. We know the username and password for this page. We can use a Unix command-line utility to convert them to the Base-64 encoding scheme which is used by HTTP. Here's what happenned when I ran it:

    > mimeencode     
    This means that when the string student:student is Base-64 encoded, the result is c3R1ZGVudDpzdHVkZW50. So now we can create a new HTTP request. Once again, telnet to ironbark at port 80, and then send the following HTTP request (remember 2 newlines):

    GET /subjects/int21cn/test/index.html HTTP/1.0
    Authorization: Basic c3R1ZGVudDpzdHVkZW50
    Does it work? It should, it did for me.
  4. Now we're going to learn a little secret. You don't have to use telnet to fetch Web pages by typing in the bare HTTP commands. Our Unix systems provide three command-line utilities called GET, HEAD and POST (note uppercase) that we can use to exercise these protocol methods. So, for example, we could type, at the Unix command prompt:

    > GET
    200 OK
    Connection: close
    Date: Tue, 16 Mar 2004 11:14:13 GMT
    Accept-Ranges: bytes
    ETag: "89df2c-1f78-3e2de49a"
    Server: Apache/1.2.6
    Content-Length: 8056
    Content-Type: text/html
    Content-Type: text/html; charset=iso-8859-1
    Last-Modified: Mon, 2 Feb 2004 00:23:54 GMT
    Client-Date: Tue, 16 Mar 2004 11:14:18 GMT
    Client-Response-Num: 1
    Title: The Department of Information Technology at La Trobe University, Bendigo
    X-Meta-Description: Department of Information Technology Home Page
    This shows both the command typed, and the first few lines of the data returned from the server. The commandline options -es tell the GET program to print the protocol status lines and the response headers. Note that we didn't have to telnet to ironbark at port 80 -- the GET utility looked after all that for us. In fact, we could consider GET as a command-line Web browser...:-). You can, of course, substitute the word HEAD and see just the reponse headers, without the need for any commandline options and without the annoyance of having to scroll all the way back to the start to view them.

  5. You can use these commands to view protocol headers from other interesting servers. For example, the main La Trobe Web Server always sets a cookie. Try the following:

    Note the Set-cookie: header. Interesting, huh?
  6. You don't have to do this, but you can use these utilities to exercise the CGI programs discussed (and demonstrated) in the lecture. In particular, you can GET a URL which has the URL-encoded FORM data appended to the URL, exactly as described. For the PUT request you have to key (or paste) in the URL-encoded data.

La Trobe Uni Logo

Copyright 2004 by Phil Scott, La Trobe University.
Valid HTML 3.2!