Windows Single sign on

Discussion in 'Perl Misc' started by john armsby, Oct 30, 2008.

  1. john armsby

    john armsby Guest

    I have been away from the group for a few years. If this has already been
    posted, please point me in the right direction..

    At my work place, certain web pages are accessed after the initial URL is
    redirected to a login page. The user is presented a login page, logs in,
    and is then directed to the original requested site. As I see it the
    sequence is as follows.

    1. User enters URL into browser.
    2. User is redirected to a login screen. Server drops a cookie containing
    some data including a redirect url to the original url.
    3. User fills out form and submits... Server drops a cookie containing
    some login success type data.
    4. Server redirects browser to original URL. Server drops another cookie.

    I have the O'reilly books and have attempted to create a User agent and a
    cookie jar. My strategy has been to:

    A. Instantiate a user agent browser and post the URL.
    B. Get the cookie.
    C. Spoof the login page and post login data with correct values. Send the
    cookie.
    D. Receive the success cookie and post the original url with the success
    cookie.

    Of course I have fallen on my face here. Any experience with this or
    experience with LWP user agents sending receiving/sending cookies?

    John
    john armsby, Oct 30, 2008
    #1
    1. Advertising

  2. john armsby

    Peter Scott Guest

    On Thu, 30 Oct 2008 17:56:37 -0500, john armsby wrote:
    > 1. User enters URL into browser.
    > 2. User is redirected to a login screen. Server drops a cookie containing
    > some data including a redirect url to the original url.
    > 3. User fills out form and submits... Server drops a cookie containing
    > some login success type data.
    > 4. Server redirects browser to original URL. Server drops another cookie.
    >
    > I have the O'reilly books and have attempted to create a User agent and a
    > cookie jar. My strategy has been to:
    >
    > A. Instantiate a user agent browser and post the URL.
    > B. Get the cookie.
    > C. Spoof the login page and post login data with correct values. Send the
    > cookie.
    > D. Receive the success cookie and post the original url with the success
    > cookie.
    >
    > Of course I have fallen on my face here. Any experience with this or
    > experience with LWP user agents sending receiving/sending cookies?


    Use WWW::Mechanize and your job will be considerably easier. Just tell it
    to do what a user does. The only potential gotcha (besides weird
    JavaScript) is dealing with page refreshes that are done with the meta
    http-equiv tag. Because those contain a delay, Mechanize doesn't
    automatically redirect even if the delay is zero (it doesn't parse the
    content at all). So you need to know if that's going on and parse it out
    of the body. Not difficult.

    --
    Peter Scott
    http://www.perlmedic.com/
    http://www.perldebugged.com/
    Peter Scott, Oct 31, 2008
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Cowboy \(Gregory A. Beamer\)

    Single Sign on for web apps on same box

    Cowboy \(Gregory A. Beamer\), Nov 5, 2003, in forum: ASP .Net
    Replies:
    1
    Views:
    378
    Cowboy \(Gregory A. Beamer\)
    Nov 5, 2003
  2. Rodney Lane

    Single Sign On Web Site

    Rodney Lane, Nov 17, 2003, in forum: ASP .Net
    Replies:
    1
    Views:
    552
    John Saunders
    Nov 17, 2003
  3. Jimmy
    Replies:
    1
    Views:
    930
    Cowboy \(Gregory A. Beamer\)
    Nov 21, 2006
  4. SP
    Replies:
    7
    Views:
    235
    Joe Kaplan
    Feb 14, 2007
  5. Jimmy
    Replies:
    3
    Views:
    2,393
    shimmyshack
    Nov 20, 2006
Loading...

Share This Page