Solved: Custom Authentication Handler for session id

mdorobek · ‎07-12-2019

Hello there,

I try to use a custom authentication handler to set a header with a session-ID I get from another REST request.
Heres my class in the authhandlers.py

class AuthHeader(AuthBase):

    def __init__(self,**args):
        self.username = args['username']
        self.password = args['password']
        self.ip = args['ip']

    def __call__(self, r):

        url = "https://" + self.ip + "/api/endeavour/session"
        session_json = requests.post(url, verify=False, auth=HTTPBasicAuth(self.username, self.password))
        session_json.json()['sessionid']
        headers = {'content-type':application/json, 'accept':application/json, 'x-endeavour-sessionid':session_json.json()['sessionid']}
        r.headers = headers
        return r

And heres my config in the GUI:

Somehow this doesnt work and I dont get any events. Can somone help me and find the mistake?

Kind regards,
mdorobek

mdorobek · ‎07-17-2019

Turns out it was a missing import. I had to import requests.

View solution in original post

mdorobek · ‎07-17-2019

Turns out it was a missing import. I had to import requests.

Damien_Dallimor · ‎07-12-2019

You'll have better luck in the BaboonBones Community Slack (you would have received a complimentary invite with your key), or you can get free access at http://www.baboonbones.com/#support

mdorobek · ‎07-17-2019

I just found a solution.

Nevertheless thank you, I received the key by a colleague and didn't know there is a community. I will try it in future if I have another question.

Custom Authentication Handler for session id

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases