We help IT Professionals succeed at work.

Eliminate the pop-up login window ... ?

Medium Priority
209 Views
Last Modified: 2013-12-25
Is there any way to write a CGI script to send a username and password to pass htaccess-protected HTML pages (via apachhe server)?

I hope you know what I meant;  When you go to a private site (such as bank's or members only pages), a pop-up window comes up asking for a username and password to see the protected page(s).  Assuming we've got the username and password, is it possible to write a Perl CGI to send username and password to the protected page so that the pop-up window will not appear or ask for the info from the user?

And if it's possible, could you write me a simple basic code please?

Please help...!

elpmet
Comment
Watch Question

CERTIFIED EXPERT

Commented:
perldoc LWP
perldoc LWP::UserAgent

or quick&dirty solution:

   @site = `wget --http-username=user --http-password=pass http://www.your.dom/page`;

Author

Commented:
Hi ahoffmann,

Thank you for your code (my unix version of wget was, according to the help page, "wget --http-user=USER --http-passwd=PASS URL", by the way), but how can I use this to dump the content to the client's browser?

What I'm doing here is:

  1) user visits a html page
  2) the html page sends a request to the CGI script (THIS ONE)
  3) and THIS CGI program connects to another remote CGI which is protected by htaccess
  4) and it dumps its result back to THIS script

By the way, upon running @site='wget --http-user=myusername --http-passwd=mypassword http://my.url/' in my perl/cgi script, it gave me an internal server error (500) message.  Do you know why?

Thank you for your help!!
raised to 150.

Elpmet.
CERTIFIED EXPERT
Commented:
#! /bin/perl
use CGI;
$::q=new CGI;
@site=`wget --http-user=myusername --http-passwd=mypassword --user-agent=AGENT --output-document=- http://my.url/`
print header();
print @site;
exit( 0 );

This way wget should write the result on STDOUT (--output-document). Probably the reason for error 500 is the UAER_AGENT, which is set to "wget", but the server expects only IE, and/or Netscape (stupid programmers):, with the --user-agent option you can tweak wget to anounce itself as a different agent, like:
     Mozilla/4.79 [en] (X11; I; Linux 2.4.9)

As I said, this example is just a dirty hack, I recommend to use  LWP and LWP::UserAgent (probably HTTP::Request too)
programming is straight forward according the man-page.
CERTIFIED EXPERT

Commented:
you need to make sure the outbound request contains a WWW-Authenticate header, this should be a base64 encription of username:password.

i have requested protected pages in C by openging a socket and sending out a complete header inclusing the www-authenticate tag.
CERTIFIED EXPERT

Commented:
let me know if you want me to do this in perl for you,
CERTIFIED EXPERT

Commented:
> .. outbound request contains a WWW-Authenticate header,
will be done by wget or LWP automatically.
CERTIFIED EXPERT

Commented:
elpmet,

Did you get the solution you were looking for?

If so, please delete this question & free up your points, or award the points to the answer you found most useful.

Thanks,
CERTIFIED EXPERT

Commented:
elpmet,

Did you get the solution you were looking for?

If so, please delete this question & free up your points, or award the points to the answer you found
most useful.

Thanks,
CERTIFIED EXPERT

Commented:
elpmet,

You have the following 2 questions open in the "CGI Programming" topic area.
These questions have been open for more than 2 months now.


http://www.experts-exchange.com/jsp/qShow.jsp?ta=cgi&qid=20187827 (09/25/01)
http://www.experts-exchange.com/jsp/qShow.jsp?ta=cgi&qid=20186615 (09/23/01)

Please go ahead and close these questions at the earliest.

Thanks.
elpmet:

There has been no activity in this question in quite some time, and it looks like it has been abandoned. As part of our ongoing mission to clean up the topic areas, a Moderator will finalize this question sometime after seven (7) days. At that time, either I or one of the other Moderators will force-accept the comment of ahoffman.

DO NOT ACCEPT THIS COMMENT AS AN ANSWER. If you have further comments on this question or the recommendation, please leave them here.

Thanks,

amp
community support moderator
experts exchange

Explore More ContentExplore courses, solutions, and other research materials related to this topic.