Solved

Changing REMOTE_USER with a CGI rather than closing the browser

Posted on 1998-06-13
4
272 Views
Last Modified: 2013-12-25
If I've already authenticated at a website with a username:password pair, how do I write a CGI that, when invoked, will reset the value of $REMOTE_USER, and challenge me again for my username:password pair. I want to be able to log in as a different user at this point.

I know I can close my browser and $REMOTE_USER will reset, but I'd like to avoid that pain.
0
Comment
Question by:cjb061398
  • 2
  • 2
4 Comments
 
LVL 5

Accepted Solution

by:
julio011597 earned 50 total points
ID: 1829779
Indeed, the web server does keep asking for name:passwd... it is the *intelligent* browser which sends them behind the scenes. Anyway, you can bypass this browser's automatic mechanisms by providing the pair as part of the location url.

Say the new pair is "cjb:mypwd", and the page to access is "http://my.host.com". Then you can force the new pair to be sent by putting this url into the location field:

http://cjb:mypwd@my.host.com

This is, in fact, the same mechanism you would use to access password protected ftp sites.

Regards, julio
0
 
LVL 6

Expert Comment

by:alamo
ID: 1829780
In many cases a better way might be "http://cjb@my.host.com" instead, leaving out the password. The dialog will pop up and ask you.

The advantage of this is that this way your password won't be included in your browser history or any bookmarks you make. I am not sure if your password shows up in the REFERER field also, when you click on an external link, it might, I've never checked.

0
 
LVL 5

Expert Comment

by:julio011597
ID: 1829781
Yes, right. About REFERER, i'm not sure either, but shouldn't be the case... anyway, to be tried.

cjb, still around?

-julio
0
 
LVL 6

Expert Comment

by:alamo
ID: 1829782
I just checked, name:pw@ does indeed show up in the REFERER. I tested with Netscape 4.04. So be careful...

0

Featured Post

Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Recursively Delete Files 5 103
help with PowerShell script for registry permissions 8 130
Identify two keyboard codes and how to enter them 9 70
Permission on folders 6 25
This tutorial will discuss fancy secure registration forms, with AJAX technology support. In this article I assume you already know HTML and some JS. I will write the code using WhizBase Server Pages, so you need to know some basics in WBSP (you mig…
In threads here at EE, each comment has a unique Identifier (ID). It is easy to get the full path for an ID via the right-click context menu. However, we often want to post a short link within a thread rather than the full link. This article shows a…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question