[hobbit] Using post to test user login

Maschino, Shawn (GE Indust, Plastics) Shawn.Maschino at ge.com
Thu Jun 22 15:41:06 CEST 2006 

            Thanks Ralph and Larry - if either of you can share an
example script that would be great.  We are using Siteminder for our SSO
here so it sounds like it may be easy to steal, er, borrow, what you
have to get it working.

 

________________________________

From: Ralph Mitchell [mailto:ralphmitchell at gmail.com] 
Sent: Wednesday, June 21, 2006 11:00 PM
To: hobbit at hswn.dk
Subject: Re: [hobbit] Using post to test user login

 

I've been doing exactly that for years, with Big Brother scripts.  As
such, it's all in Bourne shell, using curl to fetch web pages, grepping
for the interesting bits, then using curl again to post the pages back.
Some of the scripts grind right through the Siteminder login process,
which bounces you from the original server to the authenticating server,
then back again.  Curl handles the redirects just fine.  It also deals
with SSL on secure web servers. 

If you're interested, I can see about stripping out the company specific
stuff from one of them, so you can see how it works.  There should be no
problem integrating with Hobbit.

OK, so it's not Python or Perl, but it was what I had to work with 6
years ago when I started.  I keep telling myself that when the rush dies
down I'll see about converting to Python... 

Ralph Mitchell



On 6/21/06, Maschino, Shawn (GE Indust, Plastics)
<Shawn.Maschino at ge.com> wrote: 

            Hi all - I ran into a challenge and was wondering if anyone
else had seen it and found a workaround.  I'd like to use the "post"
function of the HTTP test to verify a web page that does user
authentication for an application.  The way the login works is:

 

-          User enters login details on a web form

-          The user is sent to a "middle" page while authentication is
done

-          If authentication is successful they are redirected into the
web application, otherwise they redirect to an error page

 

When using the post check I can only get to that middle page, which
doesn't tell me if authentication was correct or not.  The reason for
the middle page is that this web site is using SSO authentication
against an external LDAP system.  We'd need to be able to get to the
page that the redirect pushes to.  Does anyone know if there is a way
around this?  My first impressions would be no, but I thought it
wouldn't hurt (too much!) to ask. 

 

Thanks!

 

Shawn

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20060622/2fcb210c/attachment.html>

More information about the Xymon mailing list