Forum Discussion
Dbow_21284
Nimbostratus
NimbostratusMonitor HTTP Site needing NTLM to Test for Return String
I need to come up with a monitor for an HTTP site that requires NTLM authentication to access. Basically, our developers have a specific ASPX file I want to call and test a for a return string. The ASPX file does a database call and verifies some backend stuff for the site and returns a "1-UP" if its cool. This is what I need to verify I receive. If not, mark the node down. For instance, http://something.someone.org/something.aspx
Now I have looked at some code examples and other threads and it seems most call for using an external monitor using cURL. For instance, http://devcentral.f5.com/wiki/default.aspx/AdvDesignConfig/HTTPMonitor_cURL_GETWithHostSpecificHeaders.html
I have tried to get this to work but I think I am missing something and just not understanding the code at all. I set the variables for URI == /whatsup.aspx and RECV == 1-UP as the author states. I took out the "-k" too as its not HTTPS.
Can anyone provide a code example that would achieve what I am trying to do?
This is what I did:
!/bin/sh
(c) Copyright 1996-2007 F5 Networks, Inc.
This software is confidential and may contain trade secrets that are the
property of F5 Networks, Inc. No part of the software may be disclosed
to other parties without the express written consent of F5 Networks, Inc.
It is against the law to copy the software. No part of the software may
be reproduced, transmitted, or distributed in any form or by any means,
electronic or mechanical, including photocopying, recording, or information
storage and retrieval systems, for any purpose without the express written
permission of F5 Networks, Inc. Our services are only available for legal
users of the program, for instance in the event that we extend our services
by offering the updating of files via the Internet.
@() $Id: http_monitor_cURL+GET+HostSpecificHeaders,v 1.0 2007/06/28 15:03:15 deb Exp $
(based on sample_monitor,v 1.3 2005/02/04 18:47:17 saxon)
these arguments supplied automatically for all external monitors:
$1 = IP (nnn.nnn.nnn.nnn notation)
$2 = port (decimal, host byte order)
additional command line arguments ($3 and higher) may be specified in the monitor template
This example does not expect any additional command line arguments
Name/Value pairs may also be specified in the monitor template
This example expects the following Name/Vaule pairs:
URI = the URI to request from the server
RECV = the expected response (not case sensitive)
PIDFILE="/var/run/`basename ${0}`.${NODE}_${PORT}.pid"
kill of the last instance of this monitor if hung and log current pid
if [ -f $PIDFILE ]
then
kill -9 `cat $PIDFILE` > /dev/null 2>&1
fi
echo "$$" > $PIDFILE
remove IPv6/IPv4 compatibility prefix (LTM passes addresses in IPv6 format)
NODE=`echo ${1} | sed 's/::ffff://'`
PORT=${2}
set the value for the Host header based on IP
(defaults to IP address if IP doesn't match)
case "$IP" in
"10.10.185.39")
HOST="intranet.acc.org"
;;
"10.10.185.40")
HOST="intranet.acc.org"
;;
*)
HOST="$IP"
;;
esac
send request & check for expected response
curl --ntlm -v -u 'DOMAIN\username:pswd' http://${NODE}:${PORT}${URI} -H "Host: ${HOST}" | grep -i "${RECV}" 2>&1 > /dev/null
mark node UP if expected response was received
if [ $? -eq 0 ]
then
echo "UP"
fi
rm -f $PIDFILE
exit
Thank you.
Dbow
7 Replies
- What happens if you run the curl command by itself, from the CLI of your LTM? That is:
curl --ntlm -v -u 'DOMAIN\username:pswd' http://${NODE}:${PORT}${URI} -H "Host: ${HOST}"
...with the appropriate substitutions made? Does it error out? 
Dbow_21284It just goes to an empty prompt ...weird!
Attached is screen shot!- The shell is waiting for the second pair of " marks. I don't think you need one after whatsup.aspx
- Dbow_21284OK Duh .. thanks ... got this response below and I see the "1-UP" I am expecting. I get a 401 and 200 OK.
* About to connect() to intranet.acc.org port 80
* Trying 10.10.185.40... connected
* Connected to intranet.acc.org (10.10.185.40) port 80
* Server auth using NTLM with user 'ACC-INFO\ddenbow'
> GET /whatsup.aspx HTTP/1.1
> Authorization: NTLM TlRMTVNTUAABAAAAAgIAAAAAAAAgAAAAAAAAACAAAAA=
> User-Agent: curl/7.15.3 (i686-redhat-linux-gnu) libcurl/7.15.3 OpenSSL/0.9.7l zlib/1.1.4
> Host: intranet.acc.org
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Content-Length: 1539
< Content-Type: text/html
< Server: Microsoft-IIS/6.0
< WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAAAAADgAAAACAgACo2s6ifmDy88AAAAAAAAAAAAAAAA4AAAABQLODgAAAA8=
< MicrosoftSharePointTeamServices: 12.0.0.6305
< X-Powered-By: ASP.NET
< Date: Fri, 10 Jul 2009 21:06:54 GMT
* Ignoring the response-body
* Connection 0 to host intranet.acc.org left intact
* Issue another request to this URL: 'http://intranet.acc.org/whatsup.aspx'
* Re-using existing connection! (0) with host intranet.acc.org
* Connected to intranet.acc.org (10.10.185.40) port 80
* Server auth using NTLM with user 'ACC-INFO\ddenbow'
> GET /whatsup.aspx HTTP/1.1
> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAE8AAAAYABgAZwAAAAgACABAAAAABwAHAEgAAAAAAAAATwAAAAAAAAB/AAAAAYIAAEFDQy1JTkZPZGRlbmJvdztajC9fziKnMnZ7GmFqVp8la/GU/V5u/Oe/q2WbJHVxrSl0dao+cH/NfUWEFAW2+Q==
> User-Agent: curl/7.15.3 (i686-redhat-linux-gnu) libcurl/7.15.3 OpenSSL/0.9.7l zlib/1.1.4
> Host: intranet.acc.org
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Fri, 10 Jul 2009 21:06:54 GMT
< Server: Microsoft-IIS/6.0
< MicrosoftSharePointTeamServices: 12.0.0.6305
< X-Powered-By: ASP.NET
< X-AspNet-Version: 2.0.50727
< Set-Cookie: WSS_KeepSessionAuthenticated=80; path=/
< Cache-Control: private, max-age=0
< Expires: Thu, 25 Jun 2009 21:06:54 GMT
< Last-Modified: Fri, 10 Jul 2009 21:06:54 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 597
<br>
>> name="form1" method="post" action="whatsup.aspx" id="form1">
1-UP
Connection 0 to host intranet.acc.org left intact
* Closing connection 0 - Dbow_21284Any clues from above. It looks like it fails with the 401, then trieed another connection and gets a 200 OK.
NOt sure what this means.
THANKS in ADVANCE! 
hoolioCirrostratus
stp1978 posted a solution which worked for him to monitor a Sharepoint application:
HTTP Monitor that follows redirects
http://devcentral.f5.com/Default.aspx?tabid=53&forumid=32&tpage=1&view=topic&postid=56552
Aaron- Dbow_21284YEs IActually referenced my code in my original post from that article. The thing I dont understand is what he is testing for.
I need to test for a certain string in my case. THus, I am lookling for guidance on the iRule code to achieve this. Even if someone could explain to me what his code is doing would be terrific!!!
Thanks
____OK WAIT I AM SORRY___ I see it does, this is different SORRY. Let me go with this. THANKS!!!!
