Authentication Test Servers
Solution 1
To have a reliable test system, you should setup your own Apache web server. It can easily provide SSL encryption and basic/digest auth:
http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html
http://httpd.apache.org/docs/current/howto/auth.html
An NTLM module is available as well:
http://modntlm.sourceforge.net/
Otherwise you could run into legal troubles for violating the terms of use for public web sites.
Solution 2
httpbin.org has public endpoints for HTTP Basic and Digest Authentication (in each example, replace :user
and :passwd
with the test values you'd like to check against - :qop
, too, for Digest):
- /basic-auth/:user/:passwd Challenges HTTPBasic Auth.
- /hidden-basic-auth/:user/:passwd 404'd BasicAuth.
- /digest-auth/:qop/:user/:passwd Challenges HTTP Digest Auth.
Each endpoint is available in both HTTP and HTTPS.
Solution 3
As an example for testing HTTP authentication:
http://www.httpwatch.com/httpgallery/authentication/authenticatedimage/default.aspx?0.7349707232788205
In order to check a successful authorization you can enter httpwatch
as the username. It doesn't matter what you enter for the password field, it just needs to be different every time.
I also put this link if the above one will not work in the future:
http://www.httpwatch.com/httpgallery/authentication/#showExample10
Chrisc
Updated on July 09, 2022Comments
-
Chrisc almost 2 years
I'm searching for examples of public HTTPS sites that use one of the following authentication types - these sites will be used as test servers for an application currently under development.
BASIC authentication
DIGEST authentication
NTLM authenticationThe test servers need to be using SSL as well as one of the above auth types. Any site suggestions? Preferably the sites should provide free accounts.
Thanks!
Chris -
Chrisc almost 13 yearsThanks Wintermute, that's what I went ahead and did. Like you said, it's the most reliable way to go.
-
lud over 10 years<same comment as above>
-
Jaime Agudo about 9 yearsBy today @heaphach comment still applies It'd be useful to be able to test all the HTTP verbs with the different auth options, not just
GET
-
steampowered almost 5 yearsThe httpbin.org "developer's website" (kennethreitz.org) links to some interesting pictures under the "humans - F" page (NSFW though)