andrewting
asked on
How to programatically log into a forms authenticated website?
I have a web site that we built, but I now need to be able to preload information into the web site by a third-party application using a web service. I need to be able to
1. Programmatically log into the website (the website uses forms authentication) and load an XML file into the website via a web service.
This should be easy a simple web service that says (and secured using SSL) should work.
eg. LoadXML (string userName, string password, string XML)
2. Start up the website in a browser (already logged in for the user) and goto an aspx page that presents the loaded information to the user.
This is a little more confusing, how do I programmatically log a user in? At first I thought of having a web service like above, and once the credentials are authenticated, I would redirect the user to the website page using the session information. But this doesn't seem to be the right approach...since web services don't have UI.
I don't want to encode the username/password in the URL in plain text....Can anyone help me with this?
THANKS!
Andrew
1. Programmatically log into the website (the website uses forms authentication) and load an XML file into the website via a web service.
This should be easy a simple web service that says (and secured using SSL) should work.
eg. LoadXML (string userName, string password, string XML)
2. Start up the website in a browser (already logged in for the user) and goto an aspx page that presents the loaded information to the user.
This is a little more confusing, how do I programmatically log a user in? At first I thought of having a web service like above, and once the credentials are authenticated, I would redirect the user to the website page using the session information. But this doesn't seem to be the right approach...since web services don't have UI.
I don't want to encode the username/password in the URL in plain text....Can anyone help me with this?
THANKS!
Andrew
ASKER
For anyone interested I solved my problem by building a web service that returns the URL string with the user id and password encrypted into it.
Instead of
http://www.abc.com/targetPage.aspx?userID=johndoe&password=abc123
You end up with
http://www.abc.com/targetPage.aspx?combined=xrAp6e72hJh6RtWYJhLsT6vs%2
The web site knows how to parse the "combined" parameter to get the user id and password. My login page gets the credentials from the encrypted parameter, and authenticates and sets the forms authentication ticket and then redirects the browser to the data display page. This seems to work well for me.
Encryption algorithm I used was from here:
http://www.devcity.net/PrintArticle.aspx?ArticleID=47
ASKER
Can someone help me close this issue now since I found the answer myself?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This article seems to explain what I need...
http://www.dotnetbips.com/displayarticle.aspx?id=166