Hi,
I use LWP::UserAgent to automate windows login process. I set the credentials using $ua->credentials("host:port","realm","id","password" ); but it fetches only the current page requested. It fails for subsequent requests and pops up the windows form again to supply the credentials. I have created a cookie jar too but this doesnt help as the authentication is not sticking. Any help on this is highly appreciated.
The code is as follows. -
# Module: authenticate.pl
-
# @author Kiran Kamath
-
-
#flush the buffer
-
$|=1;
-
use CGI;
-
use CGI::Request;
-
-
use LWP::UserAgent;
-
use HTTP::Request;
-
use LWP::ConnCache;
-
use HTTP::Cookies;
-
use LWP::DebugFile;
-
-
# Configurations required for the script
-
require "authvar.ph";
-
use POSIX qw(strftime);
-
-
# Set up Alert log
-
-
open(ALERTS,"$AUTH_LOG") or warn "Cannot open alert log file:$!";
-
$AlertDate=`date $AUTH_DATE_FORMAT`;
-
chomp($AlertDate);
-
-
print ALERTS "$AlertDate authenticate-module entry\n\n" if($AUTH_DEBUG);
-
-
#Get username and password from POST message
-
-
$req = GetRequest($pkg);
-
$uid=$req->param('uid');
-
$passwd=$req->param('passwd');
-
my $timeout=10;
-
$uid=some id ;
-
$passwd=some passwd ;
-
-
if(defined($uid) && defined($passwd))
-
{
-
chomp($uid); chomp($passwd);
-
print ALERTS "$AlertDate [ UID=$uid , PASSWD=$passwd ]\n";
-
-
-
my($res,$request);
-
-
# LWP::UserAgent is a class implementing a web user agent used to dispatch web requests.
-
$ua = LWP::UserAgent->new();
-
$ua->agent('Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 2.0.50727)');
-
-
#Set the timeout so that requests is aborted if no activity on the connection to the server is observed for timeout seconds.
-
$ua->timeout($timeout);
-
-
-
# Set the credentials for a realm
-
$ua->credentials("$AUTH_DOMAIN:$AUTH_PORT","$AUTH_NAME","$uid","$passwd");
-
-
# LWP::ConCache is used for the browser to support HTTP Keep-Alive
-
# This is required so that after the request is performed connection is not lost and is persistent.
-
-
$cache=$ua->conn_cache(LWP::ConnCache->new());
-
-
# Cache all the connections
-
$ua->conn_cache->total_capacity(undef);
-
-
$cookie_jar=HTTP::Cookies->new();
-
$cookie_jar->set_cookie("1","nortelid","axptnrtl","/","naxptsts.intec.telcordia.com","4443",1,1,3600,0);
-
-
# Give the browser an in-memory empty cookie jar
-
$ua->cookie_jar($cookie_jar);
-
$ua->default_header('Accept-Language'=>'en-us');
-
$ua->default_header('Accept-Encoding'=>'gzip, deflate');
-
#$ua->default_header('Accept'=>'image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*');
-
$ua->default_header('Accept'=>'*/*');
-
-
-
$request = new HTTP::Request('GET', $AUTH_URI);
-
-
$cookie_jar->add_cookie_header($request);
-
-
$res=$ua->request($request);
-
-
$cookie_jar->extract_cookies($res);
-
-
my $status = $res->code;
-
print ALERTS "$AlertDate Return Status for $AUTH_URI was $status\n";
-
-
if($res->is_success){
-
$status_message=$res->as_string;
-
#print ALERTS "$AlertDate [DEBUG STATUS MESSAGE=$status_message]\n\n";
-
print $res->content;
-
print ALERTS "$AlertDate [Success Redirecting]\n\n";
-
}
-
else
-
{
-
print ALERTS "$AlertDate [Authenticate Header= " . $res->header('WWW-Authenticate') . "]\n";
-
print ALERTS "$AlertDate [ERROR STATUS: " .$res->status_line. "]\n\n";
-
}
-
}
-
-
print ALERTS "$AlertDate authenticate-module exit\n\n" if($AUTH_DEBUG);
-
close(ALERTS);
-
Thanks
Kiran
4  4217 
Hi,
I got the script working when i use webserver url (http). However it doesnt work when going through a proxy server (https). After displaying the initial page it prompts for credentials. This doesnt happen with http. I set env proxy in the script. It handles subsequent requests too. In case of https (proxy server), it doesnt maintaain the credentials for a particular realm.
Any help on this is appreciated.
Thanks
Kiran Kamath
Hi,
I got the script working when i use webserver url (http). However it doesnt work when going through a proxy server (https). After displaying the initial page it prompts for credentials. This doesnt happen with http. I set env proxy in the script. It handles subsequent requests too. In case of https (proxy server), it doesnt maintaain the credentials for a particular realm.
Any help on this is appreciated.
Thanks
Kiran Kamath
The reason that doesn't happen for HTTP is because HTTP is not an authenticated, secure session. HTTPS denotes an SSL session that is authenticated and secure. If you are using it, then you should setup to handle it. I haven't played with LWP yet, but I am sure that the documentation would go over this.
Regards,
Jeff
The reason that doesn't happen for HTTP is because HTTP is not an authenticated, secure session. HTTPS denotes an SSL session that is authenticated and secure. If you are using it, then you should setup to handle it. I haven't played with LWP yet, but I am sure that the documentation would go over this.
Regards,
Jeff
The documentation doesnt describe anything on this. Can the ACL's on the proxy server be configured to get this working?
Thanks
Kiran
Hi,
How to make authentication stick to subsequent pages using LWP . I tried creating cookies after authentication against a realm. but subsequent requests asks for credentials. Anyone knows how to accomplish this? Any help is highly appreciated.
Thanks
Kiran
Sign in to post your reply or Sign up for a free account.
Similar topics
by: Mark H |
last post by:
Hey all--
I'm building a database and I basically need to keep out people who
aren't authorized, but it's not like I need top security here. I'm just
doing basic user/pass of a SQL database, and...
|
by: Jp Calderone |
last post by:
I've been trying to implement support for this authentication scheme for a
little while now, and in the last couple days I've been completely stumped.
I know about the digest authentication code...
|
by: Michael Foord |
last post by:
#!/usr/bin/python -u
# 15-09-04
# v1.0.0
# auth_example.py
# A simple script manually demonstrating basic authentication.
# Copyright Michael Foord
# Free to use, modify and relicense.
#...
|
by: Bob Everland |
last post by:
I have an application that is ISAPI and the only way to
secure it is through NT permissions. I need to have a way
to login to windows authentication so that when I get to
the ISAPI application no...
|
by: Billy Jacobs |
last post by:
I have a website which has both secure and non-secure
pages. I want to uses forms authentication. How do I
accomplish this?
Originally I had my web.config file in the root with Forms...
|
by: Tom B |
last post by:
In my web.config file I've specified Windows for the authentication, in IIS
I've set it to Integrated Authentication.
But my SQL connection is still showing Anonymous.
Is there somewhere else I...
|
by: Anonieko Ramos |
last post by:
ASP.NET Forms Authentication Best Practices
Dr. Dobb's Journal February 2004
Protecting user information is critical
By Douglas Reilly
Douglas is the author of Designing Microsoft ASP.NET...
|
by: Rippo |
last post by:
Hi
I am using role base forms authentication in asp.net and have come
across a problem that I would like advice on.
On a successful login a session variable is set to identify a user.
This is...
|
by: Frank Swarbrick |
last post by:
I am trying to understand "client authentication" works. My environment is
DB2/UDB LUW 8.2 on zSeries SLES9 as the database server and DB2 for VSE 7.4
as the client. We currently have DB2/LUW set...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
|
by: ryjfgjl |
last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: aa123db |
last post by:
Variable and constants
Use var or let for variables and const fror constants.
Var foo ='bar';
Let foo ='bar';const baz ='bar';
Functions
function $name$ ($parameters$) {
}
...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
| |
