Opening URL and automatically login. Pass username, password, and trigger login button.

Is there a way to create a link on my website that would allow me to redirect a user to a different website and automatically login them in by sending the username and password needed and then triggering the login button for them?  Thanks!
QuetysisAsked:
Who is Participating?
 
VoteyDiscipleConnect With a Mentor Commented:
This depends entirely on how that site is structure.  If it's htaccess authentication then you can get away with just redirecting to:

https://username:password@www.example.com/


If the other website's login form uses the "get" method then you can just reconstruct the URL the same way their form does:

https://www.example.com/login?option=value&username=scott&password=tiger


If the otehr website's login form uses the "post" method (which of these three possibilities is most likely) then you have it a little worse off.  You could
1.  Create a similar "post" form on your own site (with the same action as the other site's form, of course) and just fill in the username and password in hidden fields
2.  Programatically issue a POST to the other server (harder, but definitely possible, especially with the help of some existing library code).
0
 
noam_dzCommented:
You can use https://www.example.com/login?option=value&username=scott&password=tiger even if the form is orignaly in "post" it will recive "get" as well.
0
 
AngryBinaryConnect With a Mentor Commented:
You could create a form which stores the login and password as hidden values and posts these values to the login page on the other site. What is most important is how the site processes it's logins. Most likely, they have a page with a login form that posts back to a page that validates and performs the login. The latter page is the one you will have to post to, using the names of the form fields on the former page.

If the site uses file access security, which usually manifests as a modal window popup with textbox inputs for login and password, I believe some older browsers support the syntax http://username:password@somesite.com/securedcontent.html to auto-login, however in some newer browsers this capability has been disabled.

It should be noted that no matter what, the site that owns the login page will have the capability to prevent logins from coming elsewhere by checking the referer. Also, this kind of activity might not comply with their intended usage, so it may cause some annoyance on their end.

Cheers,
--Randall
0
Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

 
VoteyDiscipleCommented:
noam_dz, that's not necessarily true.  Some sites are indeed poorly configured, and will treat "get" data the same as "post" data.  It's certainly worth trying  (if it works, hey, problem solved), but it's definitely not a guarantee.  A site designed with a little more attention to detail will consider only posted data for logging in.

In PHP, for example, the login page may look directly at $_POST, and not at $_REQUEST.  
0
 
MorcalavinConnect With a Mentor Commented:
"You can use https://www.example.com/login?option=value&username=scott&password=tiger even if the form is orignaly in "post" it will recive "get" as well."

Not necessarily.  You can script explicitly to accept get, post, or both.  If the login script is designed to look at post data only, putting it in the querystring isn't going to do any good.
0
 
QuetysisAuthor Commented:
thanks everyone!  I'll give those a try and see what happens...
0
 
jacckkConnect With a Mentor Commented:
If you want to generalize the action you need the form username field name, password field name, the username and password and the submit URL. You can write an asp/php page, that you pass these values to either by a post to that page or querystring and generate the form dynamically and at the end of the page write an submit acton using javascript.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.