Windows Single sign on

J

john armsby

I have been away from the group for a few years. If this has already been
posted, please point me in the right direction..

At my work place, certain web pages are accessed after the initial URL is
redirected to a login page. The user is presented a login page, logs in,
and is then directed to the original requested site. As I see it the
sequence is as follows.

1. User enters URL into browser.
2. User is redirected to a login screen. Server drops a cookie containing
some data including a redirect url to the original url.
3. User fills out form and submits... Server drops a cookie containing
some login success type data.
4. Server redirects browser to original URL. Server drops another cookie.

I have the O'reilly books and have attempted to create a User agent and a
cookie jar. My strategy has been to:

A. Instantiate a user agent browser and post the URL.
B. Get the cookie.
C. Spoof the login page and post login data with correct values. Send the
cookie.
D. Receive the success cookie and post the original url with the success
cookie.

Of course I have fallen on my face here. Any experience with this or
experience with LWP user agents sending receiving/sending cookies?

John
 
P

Peter Scott

1. User enters URL into browser.
2. User is redirected to a login screen. Server drops a cookie containing
some data including a redirect url to the original url.
3. User fills out form and submits... Server drops a cookie containing
some login success type data.
4. Server redirects browser to original URL. Server drops another cookie.

I have the O'reilly books and have attempted to create a User agent and a
cookie jar. My strategy has been to:

A. Instantiate a user agent browser and post the URL.
B. Get the cookie.
C. Spoof the login page and post login data with correct values. Send the
cookie.
D. Receive the success cookie and post the original url with the success
cookie.

Of course I have fallen on my face here. Any experience with this or
experience with LWP user agents sending receiving/sending cookies?
Click to expand...

Use WWW::Mechanize and your job will be considerably easier. Just tell it
to do what a user does. The only potential gotcha (besides weird
JavaScript) is dealing with page refreshes that are done with the meta
http-equiv tag. Because those contain a delay, Mechanize doesn't
automatically redirect even if the delay is zero (it doesn't parse the
content at all). So you need to know if that's going on and parse it out
of the body. Not difficult.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

How to store data from a sign up form on a website into an sql databse 1
React native post-request is not working 1
Single Sign On 1
CAC authentication Single Sign-on 2
Web Start/JNLP in a Single-Sign On environment 1
Single Sign on 0
TS6138:Direct Client:- ASP.NET Single Sign on Developer 0
TS6138:Direct Client:- ASP.NET Single Sign on Developer 0

Members online

Total: 50 (members: 1, guests: 49)
Robots: 314

Forum statistics

Threads
473,982
Messages
2,570,185
Members
46,736
Latest member
AdolphBig6

Latest Threads

Top