Re: How to redirect headers in Perl?

From: Crazy Monkey (wlin98004_at_hotmail.com)
Date: 03/11/04 

Date: 11 Mar 2004 14:29:20 -0800

> Well. I was able to "jam" the cookie setting into the header and it
> did not solve my problem. I used a tool to look at the request and
> the responses. I see that the cookie is set properly. What I lack is
> the the authorization line? When I hit the secure site directly and
> login properly, I see the following line been sent to the server in
> the header on almost all of the my requests. By the way, the login is
> not a web page login, but a Realm login (Windows Pop-up box).
>
> Authorization: Basic xxxxxxxxxxxxxxxxxxxxxxx
>
> I used the authorization_basic( $user, $password ) in my Perl code,
> but the authentication is not sticking. It works for the page that I
> am fetching through the Perl. By the way, the Perl page is located on
> a web server. It is not on the client machine.
>

There are times, you have to cut your losses. After spent two days on
this, we decided NOT to use the autologin feature. Instead, we are
going to let user authenticate themselves.

If someone has an idea on how to do windows Basic authentication on a
server and make it stick on a client, I am still interested for future
reference.

Crazy Monkey

Relevant Pages

  • [REVS] NTLM HTTP Authentication is Insecure By Design
    ... in front of a web server, and that proxy server shares a single TCP ... These are attacks that make use of non-RFC HTTP requests (HTTP Request ... the authentication is associated with the ...
    (Securiteam)
  • Re: EAP-TLS with windows CE
    ... The AP was sending out an Identity Request every second, ... request to the identification server. ... When the server asks the Windows CE device to identify itself, ... I could easily steal your authentication information. ...
    (microsoft.public.windowsce.platbuilder)
  • Re: Directory Services, LDAP or similar
    ... In other projects, we managed the user authentication by creating tables that define all users and its allowed capacities, then the application queryies that data to verify if a user has access to some feature or not. ... The above ID and password are sent to the service at login time. ... They are using Novell eDirectory at the enterprise level; yes it's LDAP. ... We already do that for three different DB servers; ...
    (borland.public.delphi.non-technical)
  • Re: Is there malware on my Server?
    ... be exposing to the internet some means of authenticating to the server. ... Anonymous Access is checked and the login uses the ... Integrated Windows Authentication is checked. ... Administrador indicates hack attempts to log on with the Administrator ...
    (microsoft.public.windows.server.security)
  • Re: Directory Services, LDAP or similar
    ... we managed the user authentication by creating tables ... The above ID and password are sent to the service at login ... Novell eDirectory at the enterprise level; yes it's LDAP. ... servers; ...
    (borland.public.delphi.non-technical)