?
Solved

Pass Username and Password

Posted on 2013-11-06
8
Medium Priority
?
415 Views
Last Modified: 2013-11-13
I have a website that requires Username and Password to log in. Is it possible that I pass the username and password as arguments in the URL so that users are not asked for credentials?
0
Comment
Question by:ramziabk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 7

Assisted Solution

by:aamodt
aamodt earned 200 total points
ID: 39627197
You need to use GET insted of POSTS on the login form.
But not recommendend since all get passed in clear text.

But it always will when you not using SSL.

http://example.com/login.php?user=test&pass=1234
0
 
LVL 53

Assisted Solution

by:Scott Fell, EE MVE
Scott Fell,  EE MVE earned 400 total points
ID: 39627219
Short answer is yes.

Your question sounds like you are trying to work around your system.  I find workarounds are short term solutions leading to long term problems.    If you don't want a username and password, then change your serverside coding.   You could also set the credentials for being "logged in" to a cookie or session and either can expire in x minutes, hours, days...never.

I would suggest working on a better and more secure solution than adding a password to the url which is a security risk.
0
 
LVL 43

Assisted Solution

by:Chris Stanyon
Chris Stanyon earned 400 total points
ID: 39627346
What security model are you using on the website (htaccess, CAPTCHA device etc.)- that will dictate how you can login. It may not be possible to just pass in a URL, and as has already been said - it's certainly not recommended!
0
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

 
LVL 1

Author Comment

by:ramziabk
ID: 39627624
Thanks for the information. However, There are no security threat here. It simply client access to a camera live streaming . No need to use authentication.
0
 
LVL 1

Author Comment

by:ramziabk
ID: 39627629
Plus note that there is a popup for the link.

This is my link below:

http://blomlive.dyndns.org:1130/

I tried adding user=test&pass=1234 but it didn't work.

Thanks
0
 
LVL 53

Assisted Solution

by:Scott Fell, EE MVE
Scott Fell,  EE MVE earned 400 total points
ID: 39627702
It would actually have been http://test:1234@blomlive.dyndns.org:1130/ I don't believe you can use that in urls anymore.   Since you don't care about security, just remove the password protection from the virtual folder you are accessing.
0
 
LVL 43

Accepted Solution

by:
Chris Stanyon earned 400 total points
ID: 39627745
I can't even login manually with those details. You are using htaccess to protect the folder so padas is correct. You would login like this:

http://test:1234@blomlive.dyndns.org:1130/

if there's no need to use authentication then why use it?
0
 
LVL 53

Expert Comment

by:Scott Fell, EE MVE
ID: 39644883
ramziabk:

By grading the answers here a C, you are saying the answer is incomplete.  In order to award this grade, you should explain the reasoning and give us a chance to better help you.  Also know that sometimes the answer is there is no answer or it is an answer you may not like.

http://support.experts-exchange.com/customer/portal/articles/481419-what-grade-should-i-award-?b_id=44
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface This is the third article about the EE Collaborative Login Project. A Better Website Login System (http://www.experts-exchange.com/A_2902.html) introduces the Login System and shows how to implement a login page. The EE Collaborative Logi…
This article covers the basics of the Sass, which is a CSS extension language. You will learn about variables, mixins, and nesting.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question