cURL / Mailing Lists / curl-and-php / Single Mail

curl-and-php

Re: Using cURL to login to remote sites and pass login credentials to thebrowser

From: Jeffrey Silverman <jeffrey_at_jhu.edu>
Date: Tue, 15 May 2007 13:48:20 -0400

Um, could you give me an example of what you mean? Which headers would
be the "signin headers"?

I am trying to set up a script that needs to authenticate in one
place, send the username to another place, and use a stored
username/password hash to login to the final place. Why so
complicated? Well:

1) I am forced to use SiteMinder for authentication, as that is the
only conduit to my University's enterprise authenticaiton.

2) The site I want to log people into is actually a Confluence site
and (a) I don't have access to the source code and (b) even if I did,
I am not a Java hacker and it would take me a Real Long Time(TM) to
create a re-worked authentication module.

References:
SiteMinder: http://www.ca.com/us/products/product.aspx?id=5262
Confluence: http://www.atlassian.com/software/confluence/

So as a result, I am trying to write a wrapper in PHP to process the
login and redirect the user to a properly logged-in Confluence page.
My core problem is transferring the authentication
headers/cookies/whatever from the "virutal browser" that cURL creates
to the real browser being use by the end user.

Also, I realize there are several security implications in this
proposed process -- feel free to point them out, though; I won't mind!

Thanks again!

On 5/15/07, Steve Cook - CTO <stevec_at_cheatcodes.com> wrote:
> Howdy!
>
>
> Couldn't you just send the signin headers (POST/GET form info) using the PHP
> header() function to the sign-in page? (actually send the browser there).
> Or does it need to be through a server?
>
> -steve
>
>
> -----Original Message-----
> From: curl-and-php-bounces_at_cool.haxx.se
> [mailto:curl-and-php-bounces_at_cool.haxx.se] On Behalf Of Jeffrey Silverman
> Sent: Tuesday, May 15, 2007 11:09 AM
> To: curl-and-php_at_cool.haxx.se
> Subject: Using cURL to login to remote sites and pass login credentials to
> thebrowser
>
> Is this possible?
>
> 1) Use cURL library within PHP (cURL + "Cookie Jar", et.al) to create a
> virtual browser session that "logs in" to a remote site. (For example:
>
> here:
> http://curl.haxx.se/libcurl/php/examples/cookiejar.html
>
> and here:
> http://curl.haxx.se/libcurl/php/examples/ebay_login.html
>
>
> 2) Save the login credentials -- cookies, session vars, whatever -- and
> pass that to the web browser so that now the web browser is logged in.
>
> Is that possible?
>
> How can one take the values in the cookie jar and create the same cookies
> in the browser session?
>
> etc.
>
> Thanks!
>
> --
> Jeffrey Silverman
> _______________________________________________
> http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-and-php
>

-- 
Jeffrey Silverman • jeffrey_at_jhu.edu • (410) 579-4756
The Johns Hopkins University
Engineering Programs for Professionals
_______________________________________________
http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-and-php
Received on 2007-05-15