scripted access & basic server authentication
Hal Bloom
hbloom at hbs.edu
Wed Dec 16 11:50:38 EST 1998
We would like to use just one login and password for accessing some of our
information providers who use basic authentication on their web servers
(rather than distributing individual credentials).
Basically, we want to use a secured script which redirects the user's
browser to the provider's site, with the username/password embedded in the
URL. This part is simple.
The problem is whether there is a method that the provider could use so
that the username:password doesn't appear in the browser URL window after
the connection is established. It appears that redirects using
meta-refresh maintain the username:password, and a script in the same
directory on the provider's site would presumably be readable by the user.
If anyone has found a successful way of doing this, I'd be most interested
in hearing of it.
Thanks much,
Hal Bloom
---------------------------------------
Hal Bloom (617)496-1141
Coordinator, Integrated Library Systems
Baker Library - Harvard Business School
---------------------------------------
More information about the Web4lib
mailing list