LabVIEW

cancel
Showing results for 
Search instead for 
Did you mean: 

Use LabVIEW to login username and password into device IP webpage login prompt

I have a device that has an assigned IP address that is controlled from a web interface by entering http://IPAddress into my web browser. I need to be able to control this device from LabView rather than from the web interface. I have it set up to where I can control the device by sending commands to the device using a TCP connection, but only if I first go to the web interface and manually enter my user name and password into the log in promt.
 
Does anyone know how I might set Labview up to have it enter my username and password? Do I have to set it up before I establish the TCP connection or after? Any help would be greatly appreciated. Thanks!
 
Paul 
0 Kudos
Message 1 of 16
(9,155 Views)

Hi Paul,

you wrote that you can send commands over TCP/IP. Do you use the http protocol for that? If yes, then you can simulate the user name and password login by sending the right http command for that. here are the two protocol desciptions: http://tools.ietf.org/html/rfc1945; http://tools.ietf.org/html/rfc2616. You have to transfer the password "Base64-coded". You have to create first the connection to the target and then send the login commands.

Mike

0 Kudos
Message 2 of 16
(9,138 Views)

Hi Paul,

I have had that problem many times before.  There are a number of different ways a web page might require your login. 

The 2 main methods are where the page will cause your browser to pop open a standard internet explorer password box or the page will have a custom form within its html.

If its an internet explorer style password box this is triggered as the first time you request the page the server actually returns a “403-not authorised” error, this stimulates internet explorer to pop open the password box and when you click ok it re-requests the page with another line in the header:

"Authorization: Basic :user:password(base64)"

I guess if you always just sent that header on each request it will probably work.

If it’s a customised HTML form you will need to look at the html, look at the field names and whether the return method is GET of POST and return the data the same way.

With both of these types of web login its normal for them to return a cookie - which is just a string in the header, they will expect this to be sent back in the header on each subsequent page request so they still know who you are. 

However you say your device just works after you have logged in using internet explorer so it sounds like its tracking your IP address rather than using cookies

I have found it easier in the past to use a command line call to wget rather than try to do it myself. – this will work very well for you if it is just using your IP address

http://www.gnu.org/software/wget/

You can easily call this using a system exec in labview.

You can also "cheat" - use wireshark to capture whatever internet explorer is sending and just send the same 🙂 - works 95% of the time as long as there is no challenge/ response type authentication.

http://www.wireshark.org/

Hope this helps.

Peter

http://www.gnu.org/software/wget/

you can also "cheat" - use wireshark to capture wahtever internet explorer is sending and just send the same 🙂 - works 95% of teh time as long as tehr eis no challenge responce type authentication.

Hope this helps.

Peter

 

0 Kudos
Message 3 of 16
(9,126 Views)
Thanks petere,
 
I think I am close but still not quite there. Just to clarify, the webpage that is accessed to control the device I am sending commands too, opens a password box (it is not a custom form in the HTML), and then once the username and password are entered it opens the main page......as shown in the 2 attached images.
 
Right now I am using the TCP Communicator Passive.vi that is found in the labview examples. I have attached that also. So I enter the IP address of the device, a TCP connection is made, and then commands can be sent to the device and the responses can be seen.
 
As I said before, I have the commands to send to the device to get it to do what I want (I had used wireshark to find these). I can manually open the webpage and enter my username and password, and then sending the commands to the device works correctly. My problem is still that I need to be able to enter the username and password from labview.....hopefully by just sending a command through this TCP communicator.
 
I am getting the "403-not authorized" error when I try to request the page. It seems like sending the "Authorization: Basic: user:password" should work but I am not sure how to do that exactly. The format for the commands that are used to communicate with the device is "GET /xxxxxxxx" like this "GET /remsw1.htm".
 
So my question now is this, what is the proper way to send the header with the user name and password? Also, do I need to send the username and password as text or do I need to send it as hex or something? If I can just get this figured out then I will be in buisness.
 
Thanks for any help, Sorry if the answer to this problem should be obvious, I am fairly new to LabVIEW and this is my first time working with TCP. Thanks!
 
 
Download All
0 Kudos
Message 4 of 16
(9,094 Views)

Hi pessen,

i think a good way to know how to send the commands to your target is to monitor the data with Wireshark. There are different ways for http authentication. Here is a link for one: http://tools.ietf.org/html/rfc2617.

Mike



Message Edited by MikeS81 on 02-12-2008 11:52 AM
0 Kudos
Message 5 of 16
(9,091 Views)

Hi pessen,

here is a vi with which you can receive the data which was send to you after a GET command. At the moment it receives only the Header. Maybe it helps you.

Mike



Message Edited by MikeS81 on 02-12-2008 12:13 PM
0 Kudos
Message 6 of 16
(9,085 Views)
I actually am using wireshark to see what is being sent and recieved. For example, wireshark shows that the command tell my device (a Power Distribution Unit) to turn outlets 1, 2, 3 on is  "GET /uswrem.cgi?tp=0&osw=1&osw=2&osw=3&sbt=Apply". Wireshark shows this:
 
"GET /uswrem.cgi?tp=0&osw=1&osw=2&sbt=Apply HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
-------: ----:------------------------------
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
Host: 134.253.34.3 80
Connection: Keep-Alive
Authorization: Basic Y3liZXI6Y3liZXI="
 
When I manually enter my username and password to log in wireshark shows this:
 
"GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
Host: 134.253.34.3
Connection: Keep-Alive
Authorization: Basic Y3liZXI6Y3liZXI=
  Credentials: xxxx:yyyy"                ----- where xxxx & yyyy represent the username and password
 
In the link that MikeS81 sent it says,
 "A user agent that wishes to authenticate itself with an origin server--usually, but not necessarily, after receiving a 401 (Unauthorized)--MAY do so by including an Authorization header field with the request." But I didn't see where it specified how to send the header with a request.
 
So somehow I believe I need to send the "GET /" command and attach the header for the Authorization. I have tried several different things but none of them work as of yet. Does anyone konw how to send headers with a request? Thanks,
 
 
 
0 Kudos
Message 7 of 16
(9,081 Views)


pessen wrote:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
Host: 134.253.34.3 80
Connection: Keep-Alive
Authorization: Basic Y3liZXI6Y3liZXI="
 
When I manually enter my username and password to log in wireshark shows this:

Authorization: Basic Y3liZXI6Y3liZXI=
  Credentials: xxxx:yyyy"                ----- where xxxx & yyyy represent the username and password


Hi pessen,
as far as i know is this string "Authorization: Basic Y3liZXI6Y2liZXI=" the password and the username base 64 coded. "Y3liZXI6Y2liZXI=" = "User:Password". What is Credentials in your manual written command?
Mike
0 Kudos
Message 8 of 16
(9,075 Views)
I believe you are correct in regards to the "Authorization..." with the username:password part being base 64 coded. Right now the password and username and password on the device are defaulted to "cyber". I tried several combinations using the GET / command such as:
 
GET / Authorization: Basic Y3liZXI6Y3liZXI=
GET / WWW-Authorization: Basic Y3liZXI6Y3liZXI=
GET / Y3liZXI6Y3liZXI
GET / cyber:cyber
GET / cyber:cyber=
 
But all I am getting is the 401 Unauthorized response... i.e: "HTTP/1.0 401 Unauthorized WWW-Authenticate: Basic realm="CyberPower Power Manager System"
0 Kudos
Message 9 of 16
(9,069 Views)
I have the data I need to send to the device (Authorization: Basic Y3liZXI6Y3liZXI=) but I am not sure how to send it or in what format.
0 Kudos
Message 10 of 16
(9,066 Views)