[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Can I pass the User ID/Password to a website?

Posted on 2000-01-13
7
Medium Priority
?
230 Views
Last Modified: 2013-12-25
Is is possible to pass the user id/password to a site to prevent the dialog box for Basic Authentication?

Thanks
Rob
0
Comment
Question by:r_fritz
  • 3
  • 2
  • 2
7 Comments
 
LVL 8

Expert Comment

by:jhurst
ID: 2351590
Not as part of a standard page or from Javascript, etc.

If you are trying to have a page that gets past this, then the answer is NO.

Why would you want to do this?  If the page needs protection then it needs protection, if it does not then it does not.  Or, are you trying to store it for someone else's pages?
0
 

Author Comment

by:r_fritz
ID: 2351931
what i am trying to do is this ...

A user logs onto my site ... now the user is a known intetity ... if i have a link to another site that the user has a user id/password (that i have stored in a sql database) i want to be able to get around the user having to identify himself all over again...

is this possible ???

0
 
LVL 19

Expert Comment

by:cheekycj
ID: 2352796
Maybe cookies???

CJ
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
LVL 8

Accepted Solution

by:
jhurst earned 450 total points
ID: 2353558
Answer: NO! by using the Basic Authentication.  Nor cookies if this is a different domain.  Cookies specifically do not allow passage to different domains for privacy reasons.  

You could play some tricks yourself by having the first site set some hidden variable into the page that it generates.  This variable would be transmitted to the second site.  Now, you would make this variable time dependant so that someone who saw it would not be able to use it later.

I would do something like:
<input type=hidden name=userValid value=rrrriiirrrtttrrrccc>
where rrr... is the value.
r would reperesent a random number to confuse the would be pirate, iii would be the ip address so that it is specific to this user, ttt would be the time so it only works for some period and ccc would be some checksum on the whole thing so that a user could not just change iii, ttt etc.

If you chose your random and checksums well and even encrypt the whole thing this will be very secure and will give all you need.
0
 
LVL 19

Expert Comment

by:cheekycj
ID: 2353572
jhurst: both of your proposed answers seemed to be better fit if they were just posted as comments.  You should try not to lock the question down so other experts can help out.

0
 
LVL 8

Expert Comment

by:jhurst
ID: 2353603
I do not agree with that r_fritz, but appreciate the input.  

The first proposed answer actually did answer the question that it can ot be done, which is the case.

Then the question was modified to ask if there was another way of achieving the same effect.  The method will and does work and so is an answer.
0
 

Author Comment

by:r_fritz
ID: 2354828
Thanks jhurst .... I apreciate the additional information... I am not sure if this will work for the sole reason that i am at the mercy of the other web site (the webmater's willingness o help me out)

by the way i did not post the comment above about how the answers should have been posted as comments instead of answers ... i thought that was the purpose of this site ...

thanks again for the sugestion ...

Rob
0

Featured Post

Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

No other job is as rewarding and demanding as building an iPhone app is. It is not really in the hands of the developer for the success of an iPhone app. Many factors operate jointly for every iOS application's success in the market.
Why WooCommerce is one of the majorly favored choices when it comes to having an eCommerce store. This article will acquaint you with some reasons that I believe make it one of the best eCommerce platforms available.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
This tutorial walks through the best practices in adding a local business to Google Maps including how to properly search for duplicates, marker placement, and inputing business details. Login to your Google Account, then search for "Google Mapmaker…
Suggested Courses
Course of the Month8 days, 15 hours left to enroll

590 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question