August 7th, 2013, 03:12 PM
Adding a username/password to a URL or passing username/password to another URL
Edit - This is for a non-production site. This is not going to be used by the general public. (Sorry... I should have noted this first)
I want the following logic to happen.
2. New window opens
3. Username/Password are already entered
4. User clicks 'Login'
5. User is logged in
I'm at a loss... I've seen this occur before (Yes... after IE fixed the issue with IE6+), but I can't figure it out on my own... Need some help.
I've tried this...
and this... (using query parameters)
I just tried the following based on the id's of each field...
It also didn't work...
Wondering if there's a JS for this that would work in IE8?
August 7th, 2013, 03:23 PM
I wouldn't send a username/password in a query string; that's not very security savoy; as a matter of fact..., that just defeats the purpose of having a login validation. All some one would have to do; is view a browser's history and they would have your end user's login credentials. You need to pass it with server-side sessions or cookies or... if security is not real concern; you could do this with HTML5 Web Storage using localStorage or sessionStorage.
August 7th, 2013, 03:24 PM
The username:password@ syntax only works for HTTP authentication, where your browser will probably present a pop-up login dialog (not something embedded in the page).
Assuming the login stuff is on a different site,
1. Since you have the credentials, why not just make the form on your side and have the user submit it that way? No need to go to the login page.
2. If you have to go to the login page after all, you could only fill in the boxes like that if the page itself supports that. If not then you're out of luck. Best chance would be putting the information in the URL using the same field names as in the form, but (a) now you're putting the credentials in the URL and that's a very big no-no and (b) if the login page is written at all well then it wouldn't work.
August 7th, 2013, 04:14 PM
See my edit above... I should have noted that from the beginning.
August 7th, 2013, 07:38 PM
August 7th, 2013, 08:46 PM
@E-Oreo - How could I do it with a browser extension?
Originally Posted by E-Oreo
This is for a school website. Our advisors use the website to guide students through the site. The issue is that if the username/password are entered in incorrectly, then the site locks up for 15 minutes. We have a lot of Advisors and about 100,000 students. We bed the site open at all times. I figured with the credentials already in, the user would only have to click login, and we could avoid that mess.
Additionally, I can't place a script on the site itself because its also our public facing site that students use to log in. This is why I want to somehow script it so that if the site is accessed from another Intranet site (on our internal network), then the advisor can be logged in without messing with the credentials and locking up a valuable website...
What if I were to contain the schhol login site on our intranet site, inside an iframe? Would that make any difference?
August 8th, 2013, 11:34 AM
Welcome to DevShed Forums, webfrogs.
I'd suggest making a special page with a pre-filled-in login form that can only be accessed from your intranet.
After a single failure? That's quite excessive. (And not very much protection if someone writes a program to do a "brute force attack".) People mistype things all of the time. Also using complex passwords makes it easy to misremember slightly. Though most people use exceedingly simple passwords.
Originally Posted by webfrogs
August 8th, 2013, 12:43 PM
How would I do that and have it connect to the actual site, validating the credentials to sign in?
Originally Posted by Kravvitz
August 8th, 2013, 10:13 PM
Set the form's action attribute to the same URL that the real login form's action attribute points at.