Fetcher Authentication Process

This task shows you how the fetcher performs authentication.

See Also
About the HTTP Fetcher
Debug Authentication Problems
Configuring the Fetcher
  1. The crawler asks the fetcher for a URL. The crawler does not know anything about authentication, and the fetcher does not know anything about the URLs that must be crawled and crawl rules.
  2. The fetcher tests whether the URL matches the authentication configuration pattern.
  3. The fetcher tries to fetch the URL a first time, without trying the authentication process. If the session has already been opened and is still active, a reauthentication is not required.
  4. The fetcher tests the success/failure condition on the fetched document. If the condition returns "success", this means that the page is correctly authenticated, and is returned as is to the crawler.
  5. Else, it means that the session has expired and the fetcher has to reauthenticate:
    • First, it fetches the gateway as configured. It follows redirections as required, until it finds an HTML page.
    • The login form is extracted from the HTML according to the configuration.
    • The parameters are extracted from the form, and completed with the username/password fields configured.
    • The form action is submitted with all these parameters.
    • Redirections are followed, with a limit to avoid loops. Redirections are often used at this point to transfer authentication tokens to session cookies (which can live on other domains).
  6. Finally the fetcher tries to fetch the original URL a second time.
  7. The success/failure condition is tested a second time: if the configuration is correct, it returns "success".
  8. If the condition is successful, the document is returned to the crawler.
  9. Else, the configuration is broken. A warning is printed in the crawler process log, and the resulting document is still returned to the crawler.

    Fetcher Authentication Process