Can I pass the User ID/Password to a website?

Is is possible to pass the user id/password to a site to prevent the dialog box for Basic Authentication?

Thanks
Rob
r_fritzAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jhurstCommented:
Not as part of a standard page or from Javascript, etc.

If you are trying to have a page that gets past this, then the answer is NO.

Why would you want to do this?  If the page needs protection then it needs protection, if it does not then it does not.  Or, are you trying to store it for someone else's pages?
0
r_fritzAuthor Commented:
what i am trying to do is this ...

A user logs onto my site ... now the user is a known intetity ... if i have a link to another site that the user has a user id/password (that i have stored in a sql database) i want to be able to get around the user having to identify himself all over again...

is this possible ???

0
cheekycjCommented:
Maybe cookies???

CJ
0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

jhurstCommented:
Answer: NO! by using the Basic Authentication.  Nor cookies if this is a different domain.  Cookies specifically do not allow passage to different domains for privacy reasons.  

You could play some tricks yourself by having the first site set some hidden variable into the page that it generates.  This variable would be transmitted to the second site.  Now, you would make this variable time dependant so that someone who saw it would not be able to use it later.

I would do something like:
<input type=hidden name=userValid value=rrrriiirrrtttrrrccc>
where rrr... is the value.
r would reperesent a random number to confuse the would be pirate, iii would be the ip address so that it is specific to this user, ttt would be the time so it only works for some period and ccc would be some checksum on the whole thing so that a user could not just change iii, ttt etc.

If you chose your random and checksums well and even encrypt the whole thing this will be very secure and will give all you need.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
cheekycjCommented:
jhurst: both of your proposed answers seemed to be better fit if they were just posted as comments.  You should try not to lock the question down so other experts can help out.

0
jhurstCommented:
I do not agree with that r_fritz, but appreciate the input.  

The first proposed answer actually did answer the question that it can ot be done, which is the case.

Then the question was modified to ask if there was another way of achieving the same effect.  The method will and does work and so is an answer.
0
r_fritzAuthor Commented:
Thanks jhurst .... I apreciate the additional information... I am not sure if this will work for the sole reason that i am at the mercy of the other web site (the webmater's willingness o help me out)

by the way i did not post the comment above about how the answers should have been posted as comments instead of answers ... i thought that was the purpose of this site ...

thanks again for the sugestion ...

Rob
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Development

From novice to tech pro — start learning today.