[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [hobbit] Using post to test user login
- To: hobbit (at) hswn.dk
- Subject: Re: [hobbit] Using post to test user login
- From: "Ralph Mitchell" <ralphmitchell (at) gmail.com>
- Date: Fri, 23 Jun 2006 18:43:07 -0500
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=agbylpjqVfAOBF8IKQZ8coOsG4M94fogZriS0E7S3zakGQXfEmeBSm0j/SptSV2+cDi7cZuCXXTeE6VfCqJWoFRavlsU4J3us3aqBHrcR7smb4KURdmYBssPxQ8erTY3JHI+SnwkSzHW3Cyetp4ZI1blZHabZqxLxb1B5XZkP1A=
- References: <s49a6783.027@comrcm01intgwia.mandtbank.com> <997a524e0606220811l216410d6k748c6d8ce7c2098f@mail.gmail.com>
Attached are two files:
bb-siteminder.sh is an example script to demonstrate how to login
formextract.pl is a slightly modified copy of Daniel Stenberg's formfind.pl,
which can be found here:
http://curl.haxx.se/docs/programs.html
I'm not a perl programmer, so any screwups in formextract are mine, not
Daniel's... :)
It's doubtful that the example script will work out of the box. I've found
that I generally have to take it in easy stages - fetch the first page,
eyeball it, adjust the script, lather, rinse, repeat.
Ralph Mitchell
On 6/22/06, Ralph Mitchell <ralphmitchell (at) gmail.com> wrote:
OK, I'll see about working up a relatively generic script tonight. As I
recall it works something like:
curl -s -S -L -o home.html http://somesite.domain.com
FORM=`cat home.html | formextract.pl | sed -e 'some stuff'`
curl -s -S -L -o page.html $FORM
That's *very* simplistic, though. 'formextract.pl' is a hack on '
formfind.pl' which comes with curl. It extracts form variables from a
page and returns a string suitable for passing back to curl. The 'sed' part
is usually a bunch of substitutions to insert the userid and password.
Ralph Mitchell
On 6/22/06, PAUL WILLIAMSON <pwilliamson (at) mandtbank.com> wrote:
>
> I'm interested in this as well, as we use siteminder too!
>
> Paul
>
> >>> Shawn.Maschino (at) ge.com 06/22/06 9:41 AM >>>
> Thanks Ralph and Larry - if either of you can share an
> example script that would be great. We are using Siteminder for our
> SSO
> here so it sounds like it may be easy to steal, er, borrow, what you
> have to get it working.
>
>
>
> To unsubscribe from the hobbit list, send an e-mail to
> hobbit-unsubscribe (at) hswn.dk
>
>
>
#!/usr/bin/env perl
# $Id: formfind,v 1.5 2003/04/28 13:48:16 bagder Exp $
#
# formfind.pl
#
# This script gets a HTML page on stdin and presents form information on
# stdout.
#
# Author: Daniel Stenberg <daniel (at) haxx.se>
# Version: 0.2 Nov 18, 2002
#
# HISTORY
#
# 0.1 - Nov 12 1998 - Created now!
# 0.2 - Nov 18 2002 - Enhanced. Removed URL support, use only stdin.
# sometime - echo the first form in a format suitable for dropping
# into a curl command line. - Ralph Mitchell
#
$in="";
if($ARGV[0] eq "-h") {
print "Usage: $0 < HTML\n";
exit;
}
sub namevalue {
my ($tag)= (at) _;
my $name=$tag;
if($name =~ /name *=/i) {
if($name =~ /name *= *([^\"\']([^ \">]*))/i) {
$name = $1;
}
elsif($name =~ /name *= *(\"|\')([^\"\']*)(\"|\')/i) {
$name=$2;
}
else {
# there is a tag but we didn't find the contents
$name="[weird]";
}
}
else {
# no name given
$name="";
}
# get value tag
my $value= $tag;
if($value =~ /[^\.a-zA-Z0-9]value *=/i) {
if($value =~ /[^\.a-zA-Z0-9]value *= *([^\"\']([^ \">]*))/i) {
$value = $1;
}
elsif($value =~ /[^\.a-zA-Z0-9]value *= *(\"|\')([^\"\']*)(\"|\')/i) {
$value=$2;
}
else {
# there is a tag but we didn't find the contents
$value="[weird]";
}
}
else {
$value="";
}
return ($name, $value);
}
while(<STDIN>) {
$line = $_;
push @indoc, $line;
$line=~ s/\n//g;
$line=~ s/\r//g;
$in=$in.$line;
}
while($in =~ /[^<]*(<[^>]+>)/g ) {
# we have a tag in $1
$tag = $1;
if($tag =~ /^<!--/) {
# this is a comment tag, ignore it
}
else {
if(!$form &&
($tag =~ /^< *form/i )) {
$method= $tag;
if($method =~ /method *=/i) {
$method=~ s/.*method *= *(\"|)([^ \">]*).*/$2/gi;
}
else {
$method="get"; # default method
}
$action= $tag;
$action=~ s/.*action *= *(\'|\"|)([^ \"\'>]*).*/$2/gi;
$method=uc($method);
$enctype=$tag;
if ($enctype =~ /enctype *=/) {
$enctype=~ s/.*enctype *= *(\'|\"|)([^ \"\'>]*).*/$2/gi;
if($enctype eq "multipart/form-data") {
$enctype="multipart form upload [use -F]"
}
$enctype = "\n--- type: $enctype";
}
else {
$enctype="";
}
# print "URL=\"$action\"$enctype\n";
$form=1;
}
elsif($form &&
($tag =~ /< *\/form/i )) {
# print "--- end of FORM\n";
print "$action\n";
$form=0;
if( 0 ) {
print "*** Fill in all or any of these: (default assigns may be shown)\n";
for(@vars) {
$var = $_;
$def = $value{$var};
print "$var=$def\n";
}
print "*** Pick one of these:\n";
for(@alts) {
print "$_\n";
}
}
undef @vars;
undef @alts;
}
elsif($form &&
($tag =~ /^< *(input|select)/i)) {
$mtag = $1;
($name, $value)=namevalue($tag);
if($mtag =~ /select/i) {
print "Select: NAME=\"$name\"\n";
push @vars, "$name";
$select = 1;
}
else {
$type=$tag;
if($type =~ /type *=/i) {
$type =~ s/.*type *= *(\'|\"|)([^ \"\'>]*).*/$2/gi;
}
else {
$type="text"; # default type
}
$type=uc($type);
if(lc($type) eq "reset") {
# reset types are for UI only, ignore.
}
elsif($name eq "") {
# let's read the value parameter
print "Button: \"$value\" ($type)\n";
push @alts, "$value";
}
else {
$xname = s/\ /\+/g;
print " -d $name=";
if($value ne "") {
# print "\"$value\"";
print "$value";
}
print " \n";
push @vars, "$name";
# store default value:
$value{$name}=$value;
}
}
}
elsif($form &&
($tag =~ /^< *textarea/i)) {
my ($name, $value)=namevalue($tag);
print "Textarea: NAME=\"$name\"\n";
}
elsif($select) {
if($tag =~ /^< *\/ *select/i) {
print "[end of select]\n";
$select = 0;
}
elsif($tag =~ /[^\/] *option/i ) {
my ($name, $value)=namevalue($tag);
my $s;
if($tag =~ /selected/i) {
$s= " (SELECTED)";
}
print " Option VALUE=\"$value\"$s\n";
}
}
}
}