First Search Automated Login -- NO script required!!!

Wilfred [Bill] Drew drewwe at snymorva.cs.snymor.edu
Wed Jul 24 12:59:37 EDT 1996


Attached you willfind the login page I created for automated login to
First Search.  IT DOES NOT REQUIRE A SCRIPT!!!!!!

The only precaution is that it must be put into a location only your
authorized users can reach.  I put it into a secure directory that only
users within our local domain of snymor.edu can reach.  Security is
provided by the World Wide Web server.  I beleive most servers have this
capability to restrict access by domain.

The one other "problem" is that a sophisticated user can look at the
source and get the password and authorization.  
--
Wilfred Drew (Call me "Bill") Serials/Reference/Systems Librarian
SUNY College of Ag. & Tech.;   P.O. Box 902;  Morrisville, NY 13408-0902
Internet: DREWWE at SNYMORVA.CS.SNYMOR.EDU
Phone: (315)684-6055 or 684-6060 Fax: (315)684-6115 
Homepage: http://www.snymor.edu/~drewwe/
Not Just Cows Homepage: http://www.snymor.edu/~drewwe/njc/
LibraryLinks: http://www.snymor.edu/pages/library/
--
-------------- next part --------------

Below you will find the html coding for the WWW connection 
from our FirstSearch Page.  
                     
This page is in a secure location on our server so that only users in our 
snymor.edu domain can get to it.  I have replaced the authorization and 
password with dummy text.
---------------------------HTML Code follows-----------------------------------
<H2>The new FirstSearch<sup>&#174;</sup> Web Service
</H2>
<P>Click on  ( or highlite) the [Connect to FirstSearch Web] button. Use this
if you are using Netscape or another graphics based browser.

<!--- The FORM METHOD must all be on one line.  It is on two lines here for 
ease of reading--->
<FORM METHOD=POST ACTION=
http://www.ref.oclc.org:2000/FUNC/LOGIN:next=html/fs_dbs.htm
:sessionid=0:entityProductName=FirstSearch>

<input type=SUBMIT value="Connect to FirstSearch Web">
<input SIZE=12 type=hidden name="autho" value="###-###-###">
<!---Replace "###-###-###" with your authorization number --->
<input SIZE=12 type=hidden name="password" value="#$%@^&*">
<!--- Replace "#$%^&*" with your password--->
</form>
------------------end of HTML coding-----------------------

The page you place this text in MUST be in a SECURE directory accessible only 
to your authorized users.  Almost all httpd servers have such a function 
available that would restrict either to a particular group of local internet 
addresses or to a particular group of users.  

--
Wilfred Drew (Call me "Bill") Serials/Reference/Systems Librarian
SUNY College of Ag. & Tech.;   P.O. Box 902;  Morrisville, NY 13408-0902
Internet: DREWWE at SNYMORVA.CS.SNYMOR.EDU
Phone: (315)684-6055 or 684-6060 Fax: (315)684-6115
New Homepage: http://www.snymor.edu/~drewwe/
--
..


More information about the Web4lib mailing list