Search code examples
azureazure-application-insights

Azure Application Insights - availability testing with basic auth?

I am trying to setup availability testing (URL Ping Test) with Azure Application Insights on an endpoint that requires basic authentication. It seems that the standard approach with https://username:password@myendpoint.com isn't accepted by Azure (error message says that the URL is malformed and maybe I am missing https/http at the beginning).

Is there any other way to achieve this except of using multi-step web test or Azure Functions, assuming I want to stay in Azure ecosystem? :)

Solution

  • Passing the basic auth credentials in the URL has been deprecated by RFC 3986 (Here is a snippet from the RFC)

    3.2.1. User Information

    The userinfo subcomponent may consist of a user name and, optionally, scheme-specific information about how to gain authorization to access the resource. The user information, if present, is followed by a commercial at-sign ("@") that delimits it from the host.

      userinfo    = *( unreserved / pct-encoded / sub-delims / ":" )

    Use of the format "user:password" in the userinfo field is deprecated.

    The alternate would be to use the Authorization header to pass the credentials. Here is a snippet from Wikipedia (Basic Auth) on how this header is constructed.

    The Authorization field is constructed as follows:[6]

    1. The username and password are combined with a single colon. (:)
    2. The resulting string is encoded into an octet sequence.[7]
    3. The resulting string is encoded using a variant of Base64.[8]
    4. The authorization method and a space is then prepended to the encoded string, separated with a space (e.g. "Basic ").

    For example, if the browser uses Aladdin as the username and OpenSesame as the password, then the field's value is the base64-encoding of Aladdin:OpenSesame, or QWxhZGRpbjpPcGVuU2VzYW1l. Then the Authorization header will appear as:

    Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l

    You can create a Web Test file in Visual Studio Enterprise and then upload it in Application insights and use that. Refer this doc: https://learn.microsoft.com/en-us/azure/application-insights/app-insights-monitor-web-app-availability

    1. In Visual Studio Enterprise, You can create a WebTest project.
    2. Right Click on your project name and select Add Request. enter image description here
    3. Now right click on the link and select Add Header. enter image description here
    4. You can add the headers as per your requirement. enter image description here
    5. When you review the .webtest file you will see that the Headers section gets appended under Requests.
    <Request>
  <Headers>
    <Header Name="Authorization" Value="Basic QWxhZGRpbjpPcGVuU2VzYW1l" />
  </Headers>
</Request>