We have a script which runs on the filesystem and which uses wget to kick of a web script to do some stuff. We only want authenticated users to be able to do this, so the wget command passes the username and password via --http-user and --http-password. This worked fine on our set up on RHEL4, which used wget 1.10.2, but on our new box, with wget 1.11.4 we kept getting redirected to the login screen as the authentication was failing.

It turns out that wget 1.11 will not send passwords unless the server issues a challenge. In the case of Apache 2.2 this means setting up htaccess or something in access.conf to force the user to log in. We didn't actually want that, as a) we're lazy and b) we just want the wget user to authenticate.

In response to a few questions about this, the authors of wget kindly added a new flag --auth-no-challenge. Adding this to our wget command produced the required result - the wget authenticated and the script ran as required. Hurray!

Here are some links to pages that told the story:

• http://www.mail-archive.com/bug-wget@gnu.org/msg00007.html
  
• http://www.mail-archive.com/bug-wget@gnu.org/msg00003.html
• http://www.computerhope.com/unix/wget.htm