Posts tagged #authentication

Clear Cookies in Postman

During a Proof-of-Concept I ran into some challenges while using Postman. I had to test certain API calls based on different user-credentials, and for some reason eveything kept working like I was the super-admin.

Turned out that the application used cookies, and after the initial authentication of the super-admin, postman used to cookie to authenticate the new sessions based on another username and password.

Thankfully, it’s possible to delete cookies in postman before running a request in the ‘Pre-request Script’.

Just add the following script in the ‘Pre-request Script’ section of the request, or Collection;

const jar = pm.cookies.jar();

jar.clear(pm.request.url, function (error) {
  // error - <Error>
});
2021-10-08.png

There’s one other setting that needs to be set, and that’s in the cookies section where you need to Whitelist the domain. Which allows Postman to interact with cookies from that domain.

2021-10-08_10-32-42.png
2021-10-08_10-33-16.png

Add the domain (or in my case the IP address) show that issued the cookie to the whitelist domains

2021-10-08_10-33-28.png

After that, the cookies can automatically be removed by the ‘Pre-request Script’, and everything would work as I intended.

Posted on October 8, 2021 by Willem and filed under Programming, Tips'n Tricks and tagged postman cookies authentication.

Configure NGINX as a Secure Reverse Proxy

NGINX (pronounced as engine-x) is a versatile (reverse) proxy service for Linux which can be used for many purposes. This post gives a relative small and easy example that I use at home for accessing insecure web services in my home. These are:

  • Domoticz
    Free and opensource Domotica software
  • SabNZBd
    Free and opensource software for downloading binaries from usenet. Available for multiple operating systems
  • Sonarr
    (former NZBDrone) is a so-called PVR (personal video recorder) for Usenet users, which checks multiple RSS feeds (also called Indexer) for new episodes of the shows you're following.

These services run on different platforms and are not protected by username/password or encryption. Something that's not done if you want to access this over the Internet.
To get secure access to these services you might want to use a VPN solution into your home, but you can also achieve this by using a reverse proxy that 'protects' these services.

I run my NGINX reverse proxy on Ubuntu Linux, but it will also run on the average Raspberry Pi.

Read more …
Posted on January 29, 2017 by Willem and filed under Internet, Security, Tips'n Tricks and tagged nginx reverse proxy ssl authentication domoticz sonarr SabNZBd.

Authentication Required While Printing on OSX 10.5.2

Since I upgraded from OSX 10.5.1 to 10.5.2 I haven't been able to use my shared printer on on my Windows server. Every job I submit gives me an error saying On Hold (Authentication Required).

There's no way that I could submit the printjob to the server from my Mac.

It seems that there is a bug in the authentication mechanism on OSX 10.5.2. If you add a (network) printer by using the System Preferences, you get to browse to find the actual printer.

Read more …
Posted on March 31, 2008 by Willem and filed under Annoying, Apple, Tips'n Tricks and tagged 10.5.2 CUPS OSX Windows printing authentication problems.