| Author |
Windows Authentication: pass username/password in URL
|
Rob Hunter
Ranch Hand
Joined: Apr 09, 2002
Posts: 788
|
|
Is it possible to pass both username and password in on the URL therefore bypassing the popup window prompting for both? I'm referring to http protocol and not ftp. Thanks.
Rob
|
 |
Eric Pascarello
author
Rancher
Joined: Nov 08, 2001
Posts: 15357
|
|
Is that really safe?
Eric
|
|
amit punekar
Ranch Hand
Joined: May 14, 2004
Posts: 488
|
|
Hello,
I guess you are referring to the Basic Authentication dialog that appears when you access protected resources.
The username/pwd we enter in those are sent to the server in request header using "Authorization" header. I do not think you can pass them in request URL.
If you are planning to request protected resources programmatically then HTTPClient can be used to embed the credentials in the request.
Regds
Amit
|
Regards,
Amit
|
|
Rob Hunter
Ranch Hand
Joined: Apr 09, 2002
Posts: 788
|
|
Hi Eric,
Normally it wouldn't be. In this case, however, we're dealing with a more controlled area. We aren't calling the page from the browser either but through a different means and it's on a local network, not on the WWW.
Rob
|
|
Dan Drillich
Ranch Hand
Joined: Jul 09, 2001
Posts: 1121
|
|
Rob,
In case you do need the Basic Authentication syntax in the url, as Amit said, then it's http(s)://username:password@server/resource.ext
>We aren't calling the page from the browser either but through a different means...
Great, because IE has some restrictions described at The default behavior of Internet Explorer for handling user information in HTTP and in HTTPS URLs
Regards,
Dan
[ October 22, 2007: Message edited by: Dan Drillich ]
|
William Butler Yeats: All life is a preparation for something that probably will never happen. Unless you make it happen.
|
|
 |
|
|
subject: Windows Authentication: pass username/password in URL
|
|
|
0
