Solved

Opening URL and automatically login.  Pass username, password, and trigger login button.

Posted on 2006-11-06
7
388 Views
Last Modified: 2011-09-20
Is there a way to create a link on my website that would allow me to redirect a user to a different website and automatically login them in by sending the username and password needed and then triggering the login button for them?  Thanks!
0
Comment
Question by:Quetysis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 19

Accepted Solution

by:
VoteyDisciple earned 125 total points
ID: 17882085
This depends entirely on how that site is structure.  If it's htaccess authentication then you can get away with just redirecting to:

https://username:password@www.example.com/


If the other website's login form uses the "get" method then you can just reconstruct the URL the same way their form does:

https://www.example.com/login?option=value&username=scott&password=tiger


If the otehr website's login form uses the "post" method (which of these three possibilities is most likely) then you have it a little worse off.  You could
1.  Create a similar "post" form on your own site (with the same action as the other site's form, of course) and just fill in the username and password in hidden fields
2.  Programatically issue a POST to the other server (harder, but definitely possible, especially with the help of some existing library code).
0
 
LVL 4

Expert Comment

by:noam_dz
ID: 17882165
You can use https://www.example.com/login?option=value&username=scott&password=tiger even if the form is orignaly in "post" it will recive "get" as well.
0
 
LVL 13

Assisted Solution

by:AngryBinary
AngryBinary earned 125 total points
ID: 17882168
You could create a form which stores the login and password as hidden values and posts these values to the login page on the other site. What is most important is how the site processes it's logins. Most likely, they have a page with a login form that posts back to a page that validates and performs the login. The latter page is the one you will have to post to, using the names of the form fields on the former page.

If the site uses file access security, which usually manifests as a modal window popup with textbox inputs for login and password, I believe some older browsers support the syntax http://username:password@somesite.com/securedcontent.html to auto-login, however in some newer browsers this capability has been disabled.

It should be noted that no matter what, the site that owns the login page will have the capability to prevent logins from coming elsewhere by checking the referer. Also, this kind of activity might not comply with their intended usage, so it may cause some annoyance on their end.

Cheers,
--Randall
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 19

Expert Comment

by:VoteyDisciple
ID: 17882241
noam_dz, that's not necessarily true.  Some sites are indeed poorly configured, and will treat "get" data the same as "post" data.  It's certainly worth trying  (if it works, hey, problem solved), but it's definitely not a guarantee.  A site designed with a little more attention to detail will consider only posted data for logging in.

In PHP, for example, the login page may look directly at $_POST, and not at $_REQUEST.  
0
 
LVL 18

Assisted Solution

by:Morcalavin
Morcalavin earned 125 total points
ID: 17882260
"You can use https://www.example.com/login?option=value&username=scott&password=tiger even if the form is orignaly in "post" it will recive "get" as well."

Not necessarily.  You can script explicitly to accept get, post, or both.  If the login script is designed to look at post data only, putting it in the querystring isn't going to do any good.
0
 

Author Comment

by:Quetysis
ID: 17882424
thanks everyone!  I'll give those a try and see what happens...
0
 
LVL 1

Assisted Solution

by:jacckk
jacckk earned 125 total points
ID: 17885578
If you want to generalize the action you need the form username field name, password field name, the username and password and the submit URL. You can write an asp/php page, that you pass these values to either by a post to that page or querystring and generate the form dynamically and at the end of the page write an submit acton using javascript.
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
how can i make amazon approved mobile url 4 53
Programming Language for Wordpress 7 86
Getting robots.txt Error 9 56
problems with widget background image 9 34
Learn by example how to specify CSS selectors for Selenium WebDriver test automation software.
There’s a good reason for why it’s called a homepage – it closely resembles that of a physical house and the only real difference is that it’s online. Your website’s homepage is where people come to visit you. It’s the family room of your website wh…
Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
The is a quite short video tutorial. In this video, I'm going to show you how to create self-host WordPress blog with free hosting service.

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question