Automating CGI logons - clarification & further question

JQ Johnson jqj at darkwing.uoregon.edu
Sat Jan 27 17:00:23 EST 1996


Charles Blair <chas at nirvana.lib.uchicago.edu> provides a good discussion
of how to set up a proxy telnet server that would allow security checks.
It occurs to me that there is another approach in some environments,
those that support one-time-only passwords.  One could imagine a form
and CGI script that obtained information from the user, generated a
one-time-only password, and returned an HTML redirect to the appropriate
telnet destination, e.g.:
	telnet://user:password@host.dom.edu
For this to work, we would need (a) a browser capable of handling telnet
or rlogin URLs that included both a user name and password, and (b)
a service that supports one-time-only passwords (note that without 1-t-o
passwords, such a redirection would reveal the password to the user).

Does anyone have any experience with implementing such a scheme?  What
browsers and services satisfy the requirements I've outlined?

 JQ Johnson                       office: 115F Knight Library
 Academic Education Coordinator   Internet: jqj at darkwing.uoregon.edu
 1299 University of Oregon        voice: 541.346.1746
 Eugene, OR  97403-1299           fax: 541.346.3485


More information about the Web4lib mailing list