Solved

Brower Environment Variables

Posted on 1999-01-20
12
175 Views
Last Modified: 2013-12-25
Is there any way to programmatically (CGI,javascript,java,etc.) set the user name and password browser variables for the current realm?
I need it to work for IE 4.0 and Netscape 4.05.  
I am running Apache 1.3.3. I can rebuild it and add in any modules if needed.  
I trying to have a cgi program set the name and password so the user does not have type it in multiple times.

Thanks,
Dennis
0
Comment
Question by:baasdr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
12 Comments
 

Author Comment

by:baasdr
ID: 1832353
Edited text of question
0
 

Author Comment

by:baasdr
ID: 1832354
Edited text of question
0
 
LVL 7

Expert Comment

by:jconde
ID: 1832355
baasdr, I don't really understand your question,  could you please refrase "Is there any way to programmatically (CGI,javascript,java,etc.) set the user name and password
browser variables for the current realm? "
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 1

Expert Comment

by:ptruman
ID: 1832356
If you are on NT you can get the Domain & username
but IIRC thats .asp dependent...

0
 

Author Comment

by:baasdr
ID: 1832357
Sure I'll try,

I want to be able to load the browsers' name and password environment variables for my domain.  The same way that they are loaded into the browser when a user types them in at the popup Login prompt of the browser.  When a user request a file that requires basic authentication, the browser first check for a name and password for that realm.  If the browser has it, it sends it back to the webserver.  If it does not have it it pops up a dialog and asks the user for one.  The browser also save it off for the next time.  If the webserver accepts that answer it will return the requseted page.  Otherwise it sends a reject and the process starts over.  
Before I send a user into a directory that needs authenication I would like send the browser a name and password to put in the environment space.  That way the user never types it in, sees it, even know it happened.  He just has access.
Now how I determine to do that in the first place is another issue, but I've worked that.

Hope that clears it up some.
Dennis
0
 

Author Comment

by:baasdr
ID: 1832358
The Apache 1.3.3 server is running under Solaris 2.5.1.
I can get info about the user already.  I'm trying to put a name and password into browsers' memory.  I don't think it can be done from client side (Java or Java script), but I've been wrong before.

It is not unreasonable to mod Apache to do it.  I'm just not sure it could be done from there and I'd rather not go that route, yet.

Thanks,
Dennis
0
 
LVL 7

Expert Comment

by:jconde
ID: 1832359
Ok, I get it!...thanx!

I don't think you're going to be able to get the password, but the user name is contained in an enviroment variable called AUTH_USER.

I'm going to re-check about the password and I'll get back to you.

Regards,

Jorge
0
 

Author Comment

by:baasdr
ID: 1832360
I don't want to get AUTH_USER/REMOTE_USER and AUTH_PASS(available from some servers).  That's not tough.
I want to set them back at the browser.  So the next CGI call they are what I set, not what the user typed.

Dennis
0
 

Author Comment

by:baasdr
ID: 1832361
Adjusted points to 140
0
 

Expert Comment

by:robert_mann
ID: 1832362
Just a quick comment but why would you need something like this?  Maybe there is another solution for the problem at hand.
0
 
LVL 11

Accepted Solution

by:
mouatts earned 140 total points
ID: 1832363
You can't do what you want because there is no mechanism for the browser to receieve the values even if you mod the server to send it.

What you want can be done but is done with certificates normally. Ie when an attempt is made to access your secure area the server issues a certficate request to the browser which if it has one returns it thus allowing you to allow access to the area.

Another alternative is to use digest security. This allows you to specify lists of IP addresses that are allowed or barred from accessing the directory. The main problem with this is that on the Internet IP masquarading will allow illegal access and if proxies are involved then you can't differentiate between different users coming through the same proxy.

One approach that will allow you to do this after a fashion is to direct someone to a secure are and once they have entered a username and password they are returned a cookie with some form of id and they are then redirected to the genuine secure area. This area which will have to consist of dynamic pages only then ensuers that the cookie is present on every request. On subsequent accesses because the cookie will still be present you can direct them to the pseudo secure area without going to the password protected one first.

HTH
    Steve
0
 

Author Comment

by:baasdr
ID: 1832364
I have been lead to believe that there is a mechanism in the browsers to set Login and Password.  I've been all throught the cookie and IP route.
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It is a general practice to get rid of old user profiles on a computer  in a LAN environment. As I have been working with a company in a LAN environment where users move from one place to some other place at times. This will make many user profil…
This article is meant to give a basic understanding of how to use R Sweave as a way to merge LaTeX and R code seamlessly into one presentable document.
Learn the basics of lists in Python. Lists, as their name suggests, are a means for ordering and storing values. : Lists are declared using brackets; for example: t = [1, 2, 3]: Lists may contain a mix of data types; for example: t = ['string', 1, T…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question