p_partha
asked on
ByPass authentication Using URL
I have my server session authentication enabled. I have to access a database through browser bypassing the authentication and therefore i tried all these combinations
a.http://username:password@url
b.http://url&username=username&password=password
c.http://username:password@url&username=username&password=password
The output behaves wierd. very rarely it goes through without login page. Since the page shd be loaded without authentication any help in this regard is highly appreciated..
a.http://username:password@url
b.http://url&username=username&password=password
c.http://username:password@url&username=username&password=password
The output behaves wierd. very rarely it goes through without login page. Since the page shd be loaded without authentication any help in this regard is highly appreciated..
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thx guys but anyways i used the following format to make it work..
http://servername/names.nsf?login&Username=username&password=password&redirectto=http://servername/css/apps/xmlbroker.nsf/test?openagent¶m1=value¶m2=value
but myproblem is i am losing my parameters after redirection.. i.e Param1,param2 is gone..
any ideas...
thx once again for ur efforts
partha
http://servername/names.nsf?login&Username=username&password=password&redirectto=http://servername/css/apps/xmlbroker.nsf/test?openagent¶m1=value¶m2=value
but myproblem is i am losing my parameters after redirection.. i.e Param1,param2 is gone..
any ideas...
thx once again for ur efforts
partha
Can you store them e.g. as JS variables in "top" of a frameset or as a cookie?
ASKER
why is the redirectto eating away the parameters passed to it ...any reasons for that...
Partha
Partha
ASKER
guys i got the answer ... when we have a "&" in redirectto URL it takes it as the next parameter to the main URL ..
therefore "&" has to be url encoded.. so once i converted it to %26 it works like charm. I hope this helps somebody
Partha
therefore "&" has to be url encoded.. so once i converted it to %26 it works like charm. I hope this helps somebody
Partha
Also just for testing purpose make the database available for public access.