Category Archives: Misc - Page 2

How to use SPNEGO negotiation with Curl

1. First we need to check that we have an SPNEGO compatible Curl installed:

$ curl -V
curl 7.81.0 (x86_64-w64-mingw32) libcurl/7.81.0 OpenSSL/1.1.1m (Schannel) zlib/1.2.11 brotli/1.0.9 zstd/1.5.2 libidn2/2.3.1 libssh2/1.10.0 nghttp2/1.46.0
Release-Date: 2022-01-05
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz MultiSSL NTLM SPNEGO SSL SSPI TLS-SRP zstd

Here we can see that the SPNEGO feature is available

2. Next we need to create a credentials cache for Curl to use

kinit <username>
Password for <username>@<domain.com>: <password>

Here we create a “authentication token” and put it in a credentials cache för Curl, and any other program ie. SoapUI and others, to use. ‘username’ is the name of the user. This can be omitted, and if so the default user and domain (user that runs the command) will be used instead. The ‘kinit’ command will ask for the password associated with the user. After this has been inputed the token is created

3. After that we run Curl with the following options:

curl --negotiate -u : https://a-spnego-protected-site/data-i-want-to-access

–negotiate will trigger SPNEGO behaviour
-u is needed but is left blank. On some sites though I have had to put <domain\user> to get it to work
: should point to the SPNEGO protected resource we want to access
Curl will now use the token in the credentials cache to authenticate against the web resource

Troubleshooting commands:

klist - lists all current tokens with the expiry timestamps in the cache
kdestroy - remove a ticket from the credentials cache

Tested with Curl v7.81.0 in GitBash on a Windows 10 with Java 1.8.0_301

My default ports cheat sheet

I usually come in contact with many systems and servers that all have many different ports. Some I remember and some I don’t, so I put them here for easy access 🙂

  • DBs:
    • MySQL: 3306
    • PostgreSQL: 5432
    • MariaDB: 3306
    • Mimer SQL: 1360
    • OracleDB: 1521
    • IBM DB2: 50000
    • Pervasive SQL: 3351 (transactional)/1583 (relational)
    • SQL Server: 1433
  • Java Frameworks
    • Spring framework: 8080
    • Play! framework: 9000
  • Javascript Frameworks:
    • NextJS: 3000
    • Angular: 4200
    • Vue: 8080
  • Mule
    • HTTP Listener Configuration: 8081
  • WebMethods
    • IS: 5555
    • Diagnostics: 9999
    • MWS: 8080
  • ActiveMQ
    • AMQP: 5672
    • OpenWire: 61616
    • MQTT: 1883/8883(SSL)
    • STOMP: 61613
    • Web interface: 8161
    • WebSocket: 61614
  • IBM MQ
    • Queue Manager: 1414
    • AMQP: 5672
    • MQTT: 1883
  • Server:
    • HTTP: 80
    • HTTPS: 443
    • SSH: 22
    • FTP: 21
    • SMTP: 25 (legacy)/587
    • SMTPS: 465
  • Misc web applications
    • Webmin: 10000

Gradle: Integration/GUI test setup example with Spring and Protractor

Setting upp integration tests that depends on background process can be a challenge in Gradle. Here is one solution that I have used:

gradle.build

apply plugin: 'java'

/**
* Handle of the background process (script scope)
*/
Process backendProcess

/**
* Task to start the Spring server
*/
task beforeE2eTests {
  ProcessBuilder builder
  builder = new ProcessBuilder('./gradlew bootRun'.split(' '))
  builder.redirectErrorStream(true)

  doLast {
    println "Starting backend"
    backendProcess = builder.start()

    InputStream sto = backendProcess.getInputStream()
    BufferedReader redr = new BufferedReader(new InputStreamReader(sto))

    /**
    * To prevent Gradle to go to next task before the server has started 
    * we add a loop that finds a specific log line. When that 
    * line appears we are good to go to next task
    */
    def line
    while ((line = redr.readLine()) != null) {
      println line
      if (line.contains("Started WebApplication")) {
        println "Backend is ready"
        break;
      }
    }
  }

  finalizedBy 'afterE2eTests'
}

/**
* Task to stop the Spring server
*/
task afterE2eTests {
  doLast {
    println "Stopping backend"
    backendProcess.destroy()
  }

  mustRunAfter 'testAngularE2e'
}

/**
* Task to start E2E tests
*/
task testAngularE2e(type: Exec) {
  mustRunAfter 'beforeE2eTests'

  /**
  * Run the Protractor tests
  */
  commandLine 'node_modules/.bin/protractor', 'e2e/protractor.conf.js'
}

/**
* Main testing task
*/
testAll {
  dependsOn beforeE2eTests, testAngularE2e
}

Tested on OSX 10.15.0 and Gradle 4.10.2