Using cURL to Automate ServiceDesk Plus Authentication

Objective

  
Use command line program cURL to successfully login to Manage Engine ServiceDesk Plus

Why? This opens the doors for automation!  My team has utilized this to automate tasks like password resets across multiple Active Directory Domains and to reset Linux passwords.

The longer a password reset ticket sits in your queue, the less work the end user is getting done, this effects Project Timelines and overall company profitability.  If you do one thing, you should automate password resets!

Required Tools

 

  1. cURL Application

    • Mac/Linux – Comes with the Operating System
    • Windows – Download directly from the Homepage
  • HTTP Protocol Analyzer (I Recommend Charles or Firebug)

    • LiveHTTPHeaders An extremely useful tool that allows you to track ALL incoming and outgoin HTTP headers when you’re using Mozilla, Firefox or Netscape.
    • Wireshark Network analyzer deluxe. When “curl –trace” and LiveHTTPHeaders just ain’t enough.
    • tcpdump The original network analyzer. Powerful and command-line driven.
    • Charles HTTP monitor (Windows/Mac 30 day trial)
    • Firebug HTTP Monitor (Firefox/Chrome Add-on, free)

    Crafting the cURL Command

      
    This section will detail how to craft the cURL command to login to Manage Engine Service Desk Plus

    Variables that you must change

      
    For the purposes of this demonstration I am using the following URL/username/password (you will need to change based on your environment):

    • URL: https://servicedesk.example.com/
    • Username: user1
    • Password: Password1

    Record Your Login to Service Desk

      
    At this point you will need to fire up whatever tool you are using to capture the HTTP POST request your browser sent to Manage Engine Service Desk Plus.

    What are you looking for?

    Rows Explained:

    1.  200 GET servicedesk.example.com on PATH /  (Your initial request to load your Service Desk Website)
    2. 302 POST servicedesk.example.com  on PATH /j_security_check (This is your recorded login to the Service Desk Website)

    A text version can be seen below (highlighted in red are variables you need to change):

    POST /j_security_check HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Referer: https://servicedesk.example.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Content-Type: application/x-www-form-urlencoded
    Accept-Encoding: gzip, deflate
    Host: servicedesk.example.com
    Content-Length: 267
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: JSESSIONID=4E10E8247B182D885A8E92F66A476F0A; 382RequestsshowThreadedReq=showThreadedReqshow; 382RequestshideThreadedReq=hideThreadedReqhide; [object]=hide; itassetslinks=show; nonitassetslinks=hide; Components=hide; viewlinks=hide; Softwarediv=hide; 382Adminhelpexp=helpexpshow; 382Adminhelpcoll=helpcollhide
    Pragma: no-cache
    j_username=user1&j_password=Password1&domain=LDAP&LDAPEnable=true&hidden=Select+a+Domain&hidden=For+Domain&AdEnable=false&DomainCount=0&LocalAuth=No&LocalAuthWithDomain=No&dynamicUserAddition_status=false&localAuthEnable=true&logonDomainName=-1&loginButton=Login

    Build the cURL request

      
    Sample cURL request to login to Manage Engine Service Desk Pro (the text after the -d parameter may be different based on how your app is authenticating, refer to output from previous section):

    curl -k -v -c cookies -b cookies -L --referer "https://servicedesk.example.com/" -A "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)" -d "j_username=user1&j_password=Password1&domain=LDAP&LDAPEnable=true&hidden=Select+a+Domain&hidden=For+Domain&AdEnable=false&DomainCount=0&LocalAuth=No&LocalAuthWithDomain=No&dynamicUserAddition_status=false&localAuthEnable=true&logonDomainName=-1&loginButton=Login" https://servicedesk.example.com/j_security_check

    Sample Output From Valid cURL Login Request

      

    Problems?

      
    Q: What if you are getting a response like this?

    HTTP/1.1 400 Invalid direct reference to form login page
    Set-Cookie: JSESSIONID=F7CF9A95F340134A69457A8D082F0363; Path=/; Secure
    Content-Type: text/html;charset=utf-8
    Content-Length: 1062
    Date: Thu, 10 May 2012 18:42:46 GMT
    Server: Apache-Coyote/1.1
    Connection: close
    Expires: 0
    Cache-Control: no-cache
    - - Error report 

    HTTP Status 400 - Invalid direct reference to form login page


    type Status report

    message Invalid direct reference to form login page

    description The request sent by the client was syntactically incorrect (Invalid direct reference to form login page).


    -

    A: You Must browse to https://servicedesk.example.com/ first, then login (you just logged in without browsing to the home page first, consequently the referrer was never passed!).  If you are using cURL you must pass this parameter:

    --referer "https://servicedesk.example.com/"

    You Can Learn More About the ManageEngine Product Line By Going to manageengine.optrics.com

    The original article/video can be found at Using cURL to Automate ServiceDesk Plus Authentication

    Leave a Reply