
KSC 11 OpenAPI login problem


When POSTing to https://servername:13299/api/v1.0/login with the following headers:

Authorization: KSCBasic user="x", pass="x", internal="1"
Content-Type: application/json
X-KSC-VServer: x
Content-Length: 2

I get the following message back: “Authentication failure”.
The user has full admin access, and can login to the KSC MMC console.
According to the documentation, the user, pass and X-KSC-VServer should all be encoded with Base64.

12 replies

Try not to pass X-KSC-VServer. This header is required only to log in to a KSC virtual server.

Thank you! It worked. Now we can try to get some information out with the API 🙂
We are having the same problem using cURL on Windows for testing and cannot log in. We have tried many variants and also receive an authentication failure message. The current command we are using is:

curl -X POST https://hostname:13299/api/v1.0/login -H "Authorization: KSCBasic user="username", pass="password", internal="1"" -H "Content-Type: application/json" -H "Content-Length: 2" -d "{}" -k -v

The user account is a full local admin on the server and can login to the MMC console. Username and password have been Base64 encoded.

We have also tried using Postman and receive the same error message.
Hello, donkeykongjr!

In KSC, an "internal" user means "created in KSC". A local admin user account is an external user (i.e. Windows account, AD account). Try passing the authorization header without the internal flag.
-H "Authorization: KSCBasic user="username", pass="password""
Thanks @rshumsky ,

We have already tried it without the internal field but with no internal field specified we receive a message stating that the authentication header is invalid. If we keep the internal field and set it to 0, we receive the same message.
donkeykongjr,

Can you answer two more questions:
  • Does this problem repeat in Postman when you are not passing the internal field?
  • Do you escape double quotation marks inside the curl Authorization header?
I'm getting a status 200 response on my query.

@rshumsky Thanks for your assistance with this one. It appears that our documentation was incorrect and the web console was installed using a different port! Have changed the port and now can authenticate.

I too get this error when I try to authenticate:

The authentication header is not valid


This is my script:
<?php


$ksc_server = "https://servert:13299";
$url = $ksc_server."/api/v1.0/login";

$user='user';
$password='password';
$user=base64_encode($user);
$password=base64_encode($password);

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_TIMEOUT, 30); //timeout after 30 seconds
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$header=array("Authorization: KSCBasic user='$user', pass='$password', internal='1'",
               "Content-Type: application/json","Content-Length: 2");
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);

echo $result=curl_exec($ch);
echo "Status Code: ". curl_getinfo($ch, CURLINFO_HTTP_CODE);
if ($result === false) {
    die('Error fetching data: ' . curl_error($ch));
}
$array=json_decode($result);
print_r($array);

curl_close($ch);
?>

Did I do something wrong in the header?

$header=array("Authorization: KSCBasic user='$user', pass='$password', internal='1'",
               "Content-Type: application/json","Content-Length: 2");

Hello, @Dirkpitt!

I'm not familiar with PHP, but is it OK to use ' instead of "? Also, are you sure you need to pass the "internal" flag? Are you trying to log in to KSC with an internal user, not an external one (AD, Windows user)?

I spent an hour today trying to figure out why I can't log in. Here is the incorrect code:

    'Authorization': 'KSCBasic user="' + user + '", pass="' + passw + '", internal = "1"',

And here is the correct one:

    'Authorization': 'KSCBasic user="' + user + '", pass="' + passw + '", internal="1"',

I had spaces around '=' and that was the problem.

Dirkpitt, maybe your code is not working because of using ' instead of "?

Hello DmitriyL

thanks, but I tried with and without spaces but nothing

I tried it like this

  1. "Authorization: KSCBasic user='$user',pass='$password',internal='1'","Content-Type: application/json"
  2. "Authorization: KSCBasic user='$user',pass='$password',internal='1'"
  3. "Authorization: KSCBasic user='$user', pass='$password', internal='1'"
  4. "Authorization: KSCBasic user='$user', pass='$password'"

BUT I ALWAYS RECEIVE THIS ERROR

Authentication header is invalid
status Code: 401

<?php

// get cURL resource
$ch = curl_init();

// set url
curl_setopt($ch, CURLOPT_URL, 'https://you_ip:13299/api/v1.0/login');

// set method
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'POST');

// return the transfer as a string
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

// set headers
curl_setopt($ch, CURLOPT_HTTPHEADER, [
  'Authorization: KSCBasic user="login", pass="pass"',
  'X-KSC-VServer: x',
]);

$response = curl_exec($ch);

// stop if fails
if (!$response) {
  die('Error: "' . curl_error($ch) . '" - Code: ' . curl_errno($ch));
}

echo 'HTTP Status Code: ' . curl_getinfo($ch, CURLINFO_HTTP_CODE) . PHP_EOL;
echo 'Response Body: ' . $response . PHP_EOL;

curl_close($ch);

 

worked…

Also, I'm now writing a client library for accessing the KSC; you can see how certain elements work.

Here
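
Added example, not part of any post in this thread and not Kaspersky's code: a Python sketch that builds the login headers the way the replies above describe (Base64 values, double quotes, no spaces around =, internal only for KSC-created users, X-KSC-VServer only for a virtual server) and lints a hand-written Authorization value for the mistakes reported here. The function names and sample credentials are constructed, and the check that a decoded value is UTF-8 text is an assumption.

```python
import base64
import re


def b64(text):
    """Base64 is an encoding, not encryption: the password is readable by
    anyone who sees the header, so keep TLS certificate checks on."""
    return base64.b64encode(text.encode("utf-8")).decode("ascii")


def build_login_headers(user, password, internal=False, vserver=None):
    """Headers for POST /api/v1.0/login (hypothetical helper)."""
    auth = f'KSCBasic user="{b64(user)}", pass="{b64(password)}"'
    if internal:  # only for accounts created inside KSC, not Windows/AD ones
        auth += ', internal="1"'
    headers = {"Authorization": auth, "Content-Type": "application/json"}
    if vserver is not None:  # only when logging in to a KSC virtual server
        headers["X-KSC-VServer"] = b64(vserver)
    return headers


def _is_b64_text(value):
    # Assumption: a correctly encoded value decodes to UTF-8 text.
    try:
        base64.b64decode(value, validate=True).decode("utf-8")
        return bool(value)
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return False


def lint_authorization(value):
    """Return the thread's known mistakes found in an Authorization value."""
    problems = []
    scheme, _, params = value.partition(" ")
    if scheme != "KSCBasic":
        problems.append("scheme is not KSCBasic")
    if re.search(r"\s=|=\s", params):
        problems.append("whitespace around '='")
    if "'" in params:
        problems.append("single quotes instead of double quotes")
    fields = dict(re.findall(r"(\w+)\s*=\s*[\"']([^\"']*)[\"']", params))
    for name in ("user", "pass"):
        if not _is_b64_text(fields.get(name, "")):
            problems.append(f"{name} is missing or not Base64")
    return problems


if __name__ == "__main__":
    # Constructed sample credentials.
    print(build_login_headers("admin", "S3cret!", internal=True))
    print(lint_authorization("KSCBasic user='login', pass='pass'"))
```

The Base64 check is a heuristic: it catches plain-text values such as "login" or "username", but a short plain string that happens to decode cleanly would pass.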
