Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Brower Environment Variables

Posted on 1999-01-20
12
Medium Priority
?
176 Views
Last Modified: 2013-12-25
Is there any way to programmatically (CGI,javascript,java,etc.) set the user name and password browser variables for the current realm?
I need it to work for IE 4.0 and Netscape 4.05.  
I am running Apache 1.3.3. I can rebuild it and add in any modules if needed.  
I trying to have a cgi program set the name and password so the user does not have type it in multiple times.

Thanks,
Dennis
0
Comment
Question by:baasdr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
12 Comments
 

Author Comment

by:baasdr
ID: 1832353
Edited text of question
0
 

Author Comment

by:baasdr
ID: 1832354
Edited text of question
0
 
LVL 7

Expert Comment

by:jconde
ID: 1832355
baasdr, I don't really understand your question,  could you please refrase "Is there any way to programmatically (CGI,javascript,java,etc.) set the user name and password
browser variables for the current realm? "
0
Application Discovery Service in AWS

In the era of the cloud, customers migrating away from their existing on-premise infrastructure. This requires lots of planning, strategies, and effort to identify their existing resources and determine how best to migrate.  Datacenter migrations happen in four phases -

 
LVL 1

Expert Comment

by:ptruman
ID: 1832356
If you are on NT you can get the Domain & username
but IIRC thats .asp dependent...

0
 

Author Comment

by:baasdr
ID: 1832357
Sure I'll try,

I want to be able to load the browsers' name and password environment variables for my domain.  The same way that they are loaded into the browser when a user types them in at the popup Login prompt of the browser.  When a user request a file that requires basic authentication, the browser first check for a name and password for that realm.  If the browser has it, it sends it back to the webserver.  If it does not have it it pops up a dialog and asks the user for one.  The browser also save it off for the next time.  If the webserver accepts that answer it will return the requseted page.  Otherwise it sends a reject and the process starts over.  
Before I send a user into a directory that needs authenication I would like send the browser a name and password to put in the environment space.  That way the user never types it in, sees it, even know it happened.  He just has access.
Now how I determine to do that in the first place is another issue, but I've worked that.

Hope that clears it up some.
Dennis
0
 

Author Comment

by:baasdr
ID: 1832358
The Apache 1.3.3 server is running under Solaris 2.5.1.
I can get info about the user already.  I'm trying to put a name and password into browsers' memory.  I don't think it can be done from client side (Java or Java script), but I've been wrong before.

It is not unreasonable to mod Apache to do it.  I'm just not sure it could be done from there and I'd rather not go that route, yet.

Thanks,
Dennis
0
 
LVL 7

Expert Comment

by:jconde
ID: 1832359
Ok, I get it!...thanx!

I don't think you're going to be able to get the password, but the user name is contained in an enviroment variable called AUTH_USER.

I'm going to re-check about the password and I'll get back to you.

Regards,

Jorge
0
 

Author Comment

by:baasdr
ID: 1832360
I don't want to get AUTH_USER/REMOTE_USER and AUTH_PASS(available from some servers).  That's not tough.
I want to set them back at the browser.  So the next CGI call they are what I set, not what the user typed.

Dennis
0
 

Author Comment

by:baasdr
ID: 1832361
Adjusted points to 140
0
 

Expert Comment

by:robert_mann
ID: 1832362
Just a quick comment but why would you need something like this?  Maybe there is another solution for the problem at hand.
0
 
LVL 11

Accepted Solution

by:
mouatts earned 140 total points
ID: 1832363
You can't do what you want because there is no mechanism for the browser to receieve the values even if you mod the server to send it.

What you want can be done but is done with certificates normally. Ie when an attempt is made to access your secure area the server issues a certficate request to the browser which if it has one returns it thus allowing you to allow access to the area.

Another alternative is to use digest security. This allows you to specify lists of IP addresses that are allowed or barred from accessing the directory. The main problem with this is that on the Internet IP masquarading will allow illegal access and if proxies are involved then you can't differentiate between different users coming through the same proxy.

One approach that will allow you to do this after a fashion is to direct someone to a secure are and once they have entered a username and password they are returned a cookie with some form of id and they are then redirected to the genuine secure area. This area which will have to consist of dynamic pages only then ensuers that the cookie is present on every request. On subsequent accesses because the cookie will still be present you can direct them to the pseudo secure area without going to the password protected one first.

HTH
    Steve
0
 

Author Comment

by:baasdr
ID: 1832364
I have been lead to believe that there is a mechanism in the browsers to set Login and Password.  I've been all throught the cookie and IP route.
0

Featured Post

URL rewriting in AWS CloudFront

A quick how-to guide to implement with a Lambda function!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently I have been answering a lot of questions like this in IT forums that I frequent. The question posed is usually something along the lines of "We have software X installed and need to uninstall it for reason Y" or some other variant of the sa…
In this tutorial I will show you how to provide a dynamic RTF document on your website generated with data from your database. For this tutorial you will need Microsoft Word or WordPad, WhizBase and Microsoft Access. In this tutorial I will show …
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
In this fourth video of the Xpdf series, we discuss and demonstrate the PDFinfo utility, which retrieves the contents of a PDF's Info Dictionary, as well as some other information, including the page count. We show how to isolate the page count in a…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question