check_http: save cookies over redirect #1423

Open
friesoft opened this issue Jun 28, 2016 · 9 comments

@friesoft

Atm check_http just ignores cookies. This leads to not being able to follow a redirect in an application setting a JSESSION_ID cookie.

curl can be told to keep the cookie while redirecting using the "--cookie" option. Something similar would be nice for check_http.

@philipowen

This would be very useful.
There was a patch for this against an old version but never made it. https://sourceforge.net/p/nagiosplug/patches/79/

@sni
Contributor

sni commented Sep 28, 2016

Seems like the original patch from 2003 was broken already. If somebody wants to look into it, I'd be happy to review and merge it.

@saaditani

Dears,

Can we update check_http to support cookies? Especially for SSO redirects?

Thank you!

@andreasbaumann
Contributor

For check_curl I see an easy way to do it with CURLOPT_COOKIEFILE, CURLOPT_COOKIEJAR. Doing it in check_http would require to implement that.
Nice would be if we could make the options for cookie handling the same.

Cookies can be given directly with the -k/--header flag, but I think what you want here is more to permanently store the cookie sent by the checked web server in a JAR locally on the monitoring machine, right?

@saaditani

saaditani commented May 20, 2022

Hello Andreas,

Thank you for your prompt reply. I have tried this option:

./check_http '-u' 'https://idp.example.com/idp/profile/SAML2/Unsolicited/SSO?providerId=https://example.com/sp/shibboleth' '--ssl' '--onredirect=follow' '-s' 'error' '-j' 'GET' '--sni' '-p' '443' 'idp.example.com' -B '-k' 'COOKIES'
HTTP CRITICAL: HTTP/1.1 400 Bad Request - string 'error' not found on 'https://idp.example.com:443https://idp.example.com/idp/profile/SAML2/Unsolicited/SSO?providerId=https://<exanple>/sp/shibboleth' - 465 bytes in 0.014 second response time |time=0.014239s;;;0.000000;10.000000 size=465B;;;0
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
Request header field is missing ':' separator.<br />
<pre>
COOKIES</pre>
</p>
</body></html>

If I use curl, for example, with the following parameter:

curl -L -s -c cookies "https://idp.example.com/idp/profile/SAML2/Unsolicited/SSO?providerId=https://example.com/sp/shibboleth"

I land on the login page.

@andreasbaumann
Contributor

-k sets HTTP Headers, so the syntax is Set-Cookie: <name>=<value>, but the whole point of authentication is that the server sends a Cookie to the client, which is then presented in the next request as credentials. Without extending check_http and/or check_curl, this will not work.
What I meant was that you can set an arbitrary HTTP header with -k, but maybe this was misleading in this case.

@saaditani

My whole point is to arrive at the landing idp authentication page.

@Napsty
Contributor

Napsty commented Feb 9, 2023

That would be an awesome new feature!

  1. Send initial HTTP request
  2. Read Set-Cookie Header from the response
  3. Send second HTTP request with "Cookie: value" from the previously received Set-Cookie header

Could be with a parameter, e.g. --keep-cookie or something like that.
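
The three steps in the comment above, sketched in C as an added example (not part of the thread and not code from check_http or check_curl): it parses the Set-Cookie lines of a first response and builds the Cookie: header for the follow-up request. The function name build_cookie_header, the sample headers and the handling of the Secure attribute are assumptions of this example; Domain, Path and expiry matching, which a full cookie engine performs, are left out.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Constructed sample: headers of a first response that sets cookies and redirects. */
static const char SAMPLE_HEADERS[] =
    "HTTP/1.1 302 Found\r\n"
    "Set-Cookie: JSESSION_ID=abc123; Path=/idp; Secure; HttpOnly\r\n"
    "set-cookie: lang=en; Path=/\r\n"
    "Location: /idp/login\r\n\r\n";

/* Steps 2 and 3: take name=value from each Set-Cookie line and build the "Cookie:"
 * header for the next request. Attributes are never echoed; Secure cookies are
 * dropped for plain http. Returns cookies written, or -1 if out is too small. */
int build_cookie_header(const char *hdrs, int https, char *out, size_t outlen)
{
    int count = 0;
    size_t used = 0;
    if (outlen == 0) return -1;
    out[0] = '\0';
    for (const char *line = hdrs, *eol; line && *line; line = eol ? eol + 2 : NULL) {
        eol = strstr(line, "\r\n");
        const char *end = eol ? eol : line + strlen(line);
        if (strncasecmp(line, "Set-Cookie:", 11) != 0) continue;
        const char *v = line + 11;
        while (v < end && (*v == ' ' || *v == '\t')) v++;
        const char *semi = memchr(v, ';', (size_t)(end - v));
        size_t plen = (size_t)((semi ? semi : end) - v);
        int secure = 0;   /* scan the attributes after the first ';' */
        for (const char *a = semi; a && a < end; a = memchr(a, ';', (size_t)(end - a))) {
            for (a++; a < end && *a == ' '; a++) ;
            if (strncasecmp(a, "Secure", 6) == 0 && (a + 6 == end || a[6] == ';'))
                secure = 1;
        }
        if (plen == 0 || !memchr(v, '=', plen) || (secure && !https)) continue;
        int n = snprintf(out + used, outlen - used, "%s%.*s",
                         count ? "; " : "Cookie: ", (int)plen, v);
        if (n < 0 || (size_t)n >= outlen - used) return -1;
        used += (size_t)n;
        count++;
    }
    return count;
}
int main(void)
{
    char buf[128];
    return build_cookie_header(SAMPLE_HEADERS, 1, buf, sizeof buf) > 0 && puts(buf) >= 0 ? 0 : 1;
}
```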

@andreasbaumann
Contributor

andreasbaumann commented Feb 11, 2023

I think something like this would be handy f6978de

Just all the die before the cleanup function bother me and must be tested properly.
(The code was just plain wrong, cleaning up after die didn't do much.) :-)

Also maybe we should also add an option for https://curl.se/libcurl/c/CURLOPT_COOKIE.html
