Solved

Java Server Faces parameter pass?

Posted on 2016-11-16
6
37 Views
Last Modified: 2016-12-04
Hello Experts!

General Scenario:  (and I can't provide exact details thanks to an nda)

I have an application that needs to access a website written in Java Server Faces.  The application supports several end users, and the goal is for the application to grab the users credentials, and log into the website to download their documents and then log off (all automated).  Is there a way to look at the website code to see what the parameters are to pass and then just pass the parameters in the URL.  I looked at the code and I see that Javascript is being used (maybe in the login function?)

Can someone point me in the right direction to go about getting this information?  Tell me how *you* would solve this issue?


-Fox
0
Comment
Question by:the_b1ackfox
  • 3
  • 3
6 Comments
 
LVL 82

Accepted Solution

by:
leakim971 earned 500 total points
ID: 41890685
with chrome do Chrome Menu -> More Tools -> Developer Tools
click on network tab
do a login and click on left on the line you see appear when you click on the login, one the right go on header tab and locate your parameters name
0
 
LVL 9

Author Comment

by:the_b1ackfox
ID: 41891745
I'll give that a try this weekend.  Once I have the parameters is there a particular format to put them into the url string?

https://www.somedumbsite.jsf/?userid=bob,password=1234
0
 
LVL 82

Expert Comment

by:leakim971
ID: 41891868
no, this format use the GET method to post, so you see parameters in the url.
that's why I asked you to check th header, if you it's a POST, check the header to see the parameters name, maybe more than user/password
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 9

Author Comment

by:the_b1ackfox
ID: 41893602
OK, so I couldn't wait until the weekend.  :)  I was able to get the parameters based upon your suggestions!!!  Thank you so much!
1
 
LVL 82

Expert Comment

by:leakim971
ID: 41893622
nice, don't forget to close the question, thanks
0
 
LVL 9

Author Closing Comment

by:the_b1ackfox
ID: 41906379
Thank you for the information, You helped us get pretty far into our project!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Go is an acronym of golang, is a programming language developed Google in 2007. Go is a new language that is mostly in the C family, with significant input from Pascal/Modula/Oberon family. Hence Go arisen as low-level language with fast compilation…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Video by: Michael
Viewers learn about how to reduce the potential repetitiveness of coding in main by developing methods to perform specific tasks for their program. Additionally, objects are introduced for the purpose of learning how to call methods in Java. Define …
Viewers learn how to read error messages and identify possible mistakes that could cause hours of frustration. Coding is as much about debugging your code as it is about writing it. Define Error Message: Line Numbers: Type of Error: Break Down…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now