http - curl + jsecurity authentication -

i have grails app using jsecurity plugin authentication.

how use curl send credentials? if curl -u username mysite

i prompt password, nothing.

i tried anyauth command , got site. idea why returning 302?

dcole@dcole-l /cygdrive/c/dev $ curl --anyauth --verbose http://localhost:8080/skillsdb * connect() localhost port 8080 (#0) *   trying ::1... connected    * connected localhost (::1) port 8080 (#0) > /skillsdb http/1.1 > user-agent: curl/7.20.1 (i686-pc-cygwin) libcurl/7.20.1 openssl/0.9.8o zlib/1. 2.5 libidn/1.18 libssh2/1.2.5 > host: localhost:8080 > accept: */* > < http/1.1 302 moved temporarily < server: apache-coyote/1.1 < location: http://localhost:8080/skillsdb/ < transfer-encoding: chunked < date: thu, 07 oct 2010 14:32:32 gmt < * connection #0 host localhost left intact * closing connection #0 

here additional information:

rob correct form based. when go address

 http://localhost:8080/skillsdb/auth/initiallogin 

this form code displayed:

<form action="/skillsdb/auth/initialsignin" method="post" name="logform" id="logform"> <input name="targeturi" value="" type="hidden"> <input value="" widgetid="username" tabindex="0" id="username" class="dijit dijitreset dijitleft dijittextbox" dojoattachpoint="textbox,focusnode" name="username" dojoattachevent="onmouseenter:_onmouse,onmouseleave:_onmouse,onfocus:_onmouse,onblur:_onmouse,onkeypress:_onkeypress" autocomplete="off" type="text"></td> <input value="" widgetid="password" tabindex="0" id="password" class="dijit dijitreset dijitleft dijittextbox" dojoattachpoint="textbox,focusnode" name="password" dojoattachevent="onmouseenter:_onmouse,onmouseleave:_onmouse,onfocus:_onmouse,onblur:_onmouse,onkeypress:_onkeypress" autocomplete="off" type="password"></td> <td style=""><span widgetid="dijit_form_button_0" class="dijit dijitreset dijitleft dijitinline dijitbutton" dojoattachevent="ondijitclick:_onbuttonclick,onmouseenter:_onmouse,onmouseleave:_onmouse,onmousedown:_onmouse"><span class="dijitreset dijitright dijitinline"><span class="dijitreset dijitinline dijitbuttonnode"><button style="-moz-user-select: none;" tabindex="0" value="log in" id="dijit_form_button_0" aria-labelledby="dijit_form_button_0_label" role="button" class="dijitreset dijitstretch dijitbuttoncontents" dojoattachpoint="titlenode,focusnode" name="" type="submit" wairole="button" waistate="labelledby-dijit_form_button_0_label"><span class="dijitreset dijitinline" dojoattachpoint="iconnode"><span class="dijitreset dijittogglebuttoniconchar">✓</span></span><span class="dijitreset dijitinline dijitbuttontext" id="dijit_form_button_0_label" dojoattachpoint="containernode">log in</span></button></span></span></span></td>   </form> 

if you're using form-based authentication method, it's you're going have make http post request login form, along lines of:

curl --data="username=foo&password=bar" http://localhost:8080/skillsdb/login/auth # note '--data' causes request post 

i can't remember jsecurity's login action is, you'll have replace login/auth (in curl command above) it. have @ action of <form> login page submits to.

note you'll passing password plain text here. you'll want use https transaction, that's whole different question.

unless jsecurity extending authentication use http basic authentication, using --anyauth not work, imagine curl uses determine proper http authentication method.

regarding question 302, happens when add --location curl arguments? should make curl follow location header comes in response.