When starting an internal appserver, I would like to add the username and password. Is it possible to add them as parameter in the URL?
http://linuxutvp1.mymachine.no:9090
This link will ask me for logon credentials. I would like to add &username=""&password="" or something related to that? Is there any other and better solutions?
OEM does support a single sign on mechanism which would be best option in this case. But since it doesn't see if you can make the browser control issue an HTTP post to /login.jsp with the required credentials. The user won't see this request, then open the required page on a successful login.
OEM uses cookies for session management so as long as the cookie setup in the browser control is transferred between the requests it should work.
Other option here is to get the cookie from the original Web Request and plugin that into the cookie store for the browser control object with the correct domain information.
You can call the URL like this: http://user:password@linuxutvp1.mymachine.no:9090
If you do not want to see the username and passqord in the URL (which does not seem to be the case if I understand correctly), then your client should send a properly formatted "Authorization" header (basically "Authorization: " + base64("user:password").
Ok, but it seems like IE and Chrome has stoped the use of that url format....
Given the port I assume you're trying to open a browser against OEM? If so, OEM supports two authentication models: form, and basic. By default it will test to see if the HTTP request contains the HTTP Basic headers. If they are not there, you'll be redirected to the form login page.
So if you're using a web browser as your HTTP client, you would have to use the http://<user>:<password>/server/port format. If you're using a standalone HTTP client set the HTTP headers.
And no, browsers still accept the that format. It is not recommended as your password will show up in your bookmark, but it can still be done.
If you don't want to be remembering/typing passwords, install a browser plugin like lastpass and let it autofill for you.
Anyway, having the user/password as http://user:password@server or as http://server?user=...&password=.... is the same, they end up as clear text in bookmarks or logs. That's why I suggested the Basic authentication header, which is trivial to implement. Digest would be safer but I do not know if OEM implements it.
Digest isn't safer.
Digest requires that the server know the actual cleartext password. Both the client and server compute a hash from the password and the nonce from the HTTP header sent from the client.
Digest isn't supported by OEM because OEM doesn't know the user's password. Passwords stored by OEM are kept as hashes which cannot be reversed back to passwords. Digest cannot be supported.
And you won't see it very often in many places because saving passwords as cleartext on the server is just a plain bad idea.
If you're worried about making your connection "safer", use SSL with a properly setup server certificate.
By doing this, I am able to connect:
USING System.IO.*.
USING System.Net.*.
DEFINE VARIABLE oReq AS System.Net.WebRequest NO-UNDO.
DEFINE VARIABLE oResp AS System.Net.WebResponse NO-UNDO.
DEFINE VARIABLE oDS AS System.IO.Stream NO-UNDO.
DEFINE VARIABLE oReader AS System.IO.StreamReader NO-UNDO.
DEFINE VARIABLE lc AS LONGCHAR NO-UNDO.
oReq = WebRequest:Create('linuxutvp1.xxxx.no:9090').
oReq:Credentials = NEW NetworkCredential('xxx','yyy').
oReq:Method = 'GET'.
oResp = oReq:GetResponse().
Now I want to call my webbrowser object with the url and credentials. Is that possible?
I am using a program with this object.....
System.Windows.Forms.WebBrowser
Let's back up here a moment.
What are you trying to do? Are you trying to start an appserver setup in OEM from an HTTP client? If so you can use HTTP basic, and the built-in HTTP client in the ABL to do this? You don't need to use .NET.
Second, Why do you need the web browser? What do you intend to do with it?
I want the customer to have a menu link that opens a window with a webbrower interface. I want the user/password to be hidden for this user, and I want to go to the following link:
linuxutvp1.xxxx.no:9090/.../oelogfileview.jsp
There is other links as well where it would be nice to hide the user/password, or to automatic add it for the user.
OEM does support a single sign on mechanism which would be best option in this case. But since it doesn't see if you can make the browser control issue an HTTP post to /login.jsp with the required credentials. The user won't see this request, then open the required page on a successful login.
OEM uses cookies for session management so as long as the cookie setup in the browser control is transferred between the requests it should work.
Other option here is to get the cookie from the original Web Request and plugin that into the cookie store for the browser control object with the correct domain information.
ok, then I have to do some testing :-) thanks !