Thanks Ralph and Larry - if either of you can share anexample script that would be great. We are using Siteminder for our SSO here so it sounds like it may be easy to steal, er, borrow, what you have to get it working.
From: Ralph Mitchell [mailto:ralphmitchell at gmail.com] Sent: Wednesday, June 21, 2006 11:00 PM To: hobbit at hswn.dk Subject: Re: [hobbit] Using post to test user login
I've been doing exactly that for years, with Big Brother scripts. As such, it's all in Bourne shell, using curl to fetch web pages, grepping for the interesting bits, then using curl again to post the pages back. Some of the scripts grind right through the Siteminder login process, which bounces you from the original server to the authenticating server, then back again. Curl handles the redirects just fine. It also deals with SSL on secure web servers.
If you're interested, I can see about stripping out the company specific stuff from one of them, so you can see how it works. There should be no problem integrating with Hobbit.
OK, so it's not Python or Perl, but it was what I had to work with 6 years ago when I started. I keep telling myself that when the rush dies down I'll see about converting to Python...
Ralph Mitchell
On 6/21/06, Maschino, Shawn (GE Indust, Plastics) <Shawn.Maschino at ge.com> wrote:
Hi all - I ran into a challenge and was wondering if anyoneelse had seen it and found a workaround. I'd like to use the "post" function of the HTTP test to verify a web page that does user authentication for an application. The way the login works is:
User enters login details on a web formThe user is sent to a "middle" page while authentication isdone
If authentication is successful they are redirected into theweb application, otherwise they redirect to an error page
When using the post check I can only get to that middle page, which doesn't tell me if authentication was correct or not. The reason for the middle page is that this web site is using SSO authentication against an external LDAP system. We'd need to be able to get to the page that the redirect pushes to. Does anyone know if there is a way around this? My first impressions would be no, but I thought it wouldn't hurt (too much!) to ask.
Thanks!
Shawn