In a comment to Joachim Dagerot's blog post "Login in with just url-arguments" I mentioned that it is possible to log in without exposing the login credentials in the URL. This is done by making a POST request to the Domino web server instead of a GET request. The user can still see the credentials by viewing the page's HTML source, but at least they are not shown directly in the URL. Showing login details in the URL makes it possible for passers-by to see your password; it is saved in the browser's URL history and it is also logged in the Domino log database, which is not good, as anyone with access to the log database can see it. Such a URL might even get indexed by Google and show up in the search results.
To further secure automated login, an extra redirect can be used so that the page itself does not contain the password. Even better, and without any password exposure, is a page or form that calls an agent which logs in in the background and then passes the session cookie back to the initial page. But that is a topic for another blog post. Here I will show the simplest solution.
<form action="/names.nsf?Login" method="POST" name="LogonForm">
<!-- Domino's login handler expects exactly these three field names -->
<input type="hidden" name="Username" value="myname">
<input type="hidden" name="Password" value="mypassword">
<!-- Where Domino sends the browser after a successful login -->
<input type="hidden" name="RedirectTo" value="/anotherdb.nsf/view?OpenView">
</form>
<script>
// Submit the first (and only) form as soon as the page loads
document.forms[0].submit();
</script>
When the user opens this page, the first form is automatically submitted to "/names.nsf?Login". The user gets logged in to Domino with the username and password specified in the form's hidden fields and is then redirected to another database according to the value of the RedirectTo field.
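To show what the choice between URL arguments and a POST body actually changes on the server side, here is an added Python example (not code from the original post): a small stand-in for Domino's /names.nsf?Login handler that records what a web server access log keeps, and a client that sends the same three form fields either in the request body or in the URL and keeps only the returned session cookie, which is the cookie-based approach the introduction hints at. The cookie name DomAuthSessId is Domino's session-authentication cookie and is not named in the post; the credential store, token format, port and log format are constructed for the demo.

```python
import http.client
import http.cookies
import http.server
import secrets
import threading
import urllib.parse

# Constructed credential store for the demo only; a real Domino server checks names.nsf.
DEMO_USERS = {"myname": "mypassword"}
SESSIONS = {}       # session token -> username, lives only while the demo server runs
ACCESS_LOG = []     # (method, request path) per request, as a web server access log keeps it


class FakeDominoLogin(http.server.BaseHTTPRequestHandler):
    """Stand-in for Domino's /names.nsf?Login handler (constructed, not Domino itself)."""

    def log_message(self, fmt, *args):
        # What the server log retains: method and the full path, query string included.
        ACCESS_LOG.append((self.command, self.path))

    def _login(self, fields):
        user = fields.get("Username", [""])[0]
        password = fields.get("Password", [""])[0]
        redirect_to = fields.get("RedirectTo", ["/"])[0]
        if DEMO_USERS.get(user) != password:
            self.send_response(401)
            self.end_headers()
            return
        token = secrets.token_urlsafe(16)
        SESSIONS[token] = user
        self.send_response(302)
        self.send_header("Location", redirect_to)
        # Domino's session cookie is named DomAuthSessId; the token format here is constructed.
        self.send_header("Set-Cookie", f"DomAuthSessId={token}; Path=/; HttpOnly")
        self.end_headers()

    def do_POST(self):
        # The variant from the post: field values travel in the request body.
        length = int(self.headers.get("Content-Length", 0))
        self._login(urllib.parse.parse_qs(self.rfile.read(length).decode()))

    def do_GET(self):
        # The URL-argument variant the post warns about: same fields, but in the query string.
        self._login(urllib.parse.parse_qs(urllib.parse.urlparse(self.path).query))


def start_demo_server():
    srv = http.server.HTTPServer(("127.0.0.1", 0), FakeDominoLogin)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


def login(port, method, username, password, redirect_to):
    """Send the three form fields to the login handler. "POST" puts them in the request
    body (the post's approach); "GET" puts them in the URL (the variant it warns about).
    Returns (status, Location header, DomAuthSessId cookie value or None)."""
    fields = urllib.parse.urlencode(
        {"Username": username, "Password": password, "RedirectTo": redirect_to})
    conn = http.client.HTTPConnection("127.0.0.1", port)
    if method == "POST":
        conn.request("POST", "/names.nsf?Login", fields,
                     {"Content-Type": "application/x-www-form-urlencoded"})
    else:
        conn.request("GET", "/names.nsf?Login&" + fields)
    resp = conn.getresponse()
    resp.read()
    conn.close()
    jar = http.cookies.SimpleCookie(resp.getheader("Set-Cookie") or "")
    session = jar["DomAuthSessId"].value if "DomAuthSessId" in jar else None
    return resp.status, resp.getheader("Location"), session


def demo():
    """Run both login styles against the stand-in server and report which logged request
    paths contain the password. Returns (post_result, get_result, bad_result, leaked)."""
    ACCESS_LOG.clear()
    srv = start_demo_server()
    port = srv.server_address[1]
    target = "/anotherdb.nsf/view?OpenView"
    try:
        post_result = login(port, "POST", "myname", "mypassword", target)
        get_result = login(port, "GET", "myname", "mypassword", target)
        bad_result = login(port, "POST", "myname", "wrong-password", target)
    finally:
        srv.shutdown()
        srv.server_close()
    leaked = [path for _, path in ACCESS_LOG if "mypassword" in path]
    return post_result, get_result, bad_result, leaked


if __name__ == "__main__":
    post_result, get_result, bad_result, leaked = demo()
    print("POST login:", post_result)
    print("GET login: ", get_result)
    print("bad login: ", bad_result)
    print("logged paths that contain the password:", leaked)
```

Both login styles get the same 302 and the same session cookie back, so functionally nothing is lost by moving the fields into the body; the difference is entirely in what the server log (and browser history, proxy logs and search engines) retain, which is why only the GET request shows up in the leaked list. A script that logs in this way can hold the cookie value in memory and never write the password into any HTML page at all.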
Tags: Lotus Domino
29 comments:
Good idea. I knew there was a reason why it always felt safer to do things over POST than by sticking it in the URL. (I use a technique like this in my ajax libraries -- works great.)
Look at http://ezscript.nl
This can also do automated authentication in the POST data.
hmm, this didn't seem to work on my 8.5 server... I'm still prompted to log in. Does it require certain server settings?
Hi Andrei, and thanks for the ideas!
We have a custom portal for the Notes client. In this portal, we have links to various resources including some secure Domino pages.
When users click on links to these secure Domino pages, I would like them to be automatically logged in and directed to the page.
Since this is in the Notes client, I want to use LotusScript to create a reusable function for this purpose. The code for this function is listed below, but I'm not sure how to proceed. After sending the POST the responseText property contains the HTML for the targetUrl, and responseHeaders contains something like this:
"Server: Lotus-Domino
Date: Mon, 21 Sep 2009 16:01:33 GMT
Last-Modified: Mon, 21 Sep 2009 16:01:31 GMT
Content-Type: text/html; charset=US-ASCII
Content-Length: 812
Cache-control: private
ETag: W/"MTAtODEwNS04NTI1NzYzODAwYRETEjMwLTAtMC1DTj1XaWxsaWFtIEhhbnNvbi9PPU1haW5saW5l"
"
How can I use the information returned by the POST to open a browser window to the correct page?
Is ETag some sort of session id that I can pass on the URL to automatically authenticate the user?
Is this even possible?
Here's my code so far...
Sub UrlOpenDominoLink(Byval host As String, Byval userName As String, Byval password As String, Byval targetUrl As String)
	Dim xmlhttp As Variant
	Dim content As String
	Dim responseText As String, responseHeaders As String
	' Form body with the same fields as the hidden HTML form: username, password and redirect target
	content = "username=" & userName & "&password=" & password & "&redirectto=" & targetUrl
	Set xmlhttp = CreateObject("Msxml2.XMLHTTP")
	' Synchronous POST to Domino's login handler
	Call xmlhttp.open("POST", host & "/names.nsf?login", False)
	Call xmlhttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded")
	Call xmlhttp.setRequestHeader("Content-length", CStr(Len(content)))
	Call xmlhttp.send(content)
	' The response body is the HTML of targetUrl; the headers are Domino's response headers
	responseText = xmlhttp.responseText
	responseHeaders = xmlhttp.getAllResponseHeaders()
End Sub
I was looking for information on Automated login to Domino by HTTP POST request and before ending in your blog I watched like 10 sites about generic viagra, web is full with that topic. But anyways the info on your site help me very much, thanks for the post and have a nice day.
Hello Andrei,
I'm interested in your comment "an agent which makes login in background and then passes the session cookie back to the initial page".
Can you point me in the right direction to get started using this approach?
You posted this forever ago, but I just happened to need this for my project and it worked perfectly! Thank you for sharing.