Re: Perl LWP Authentication Scripts...

jmckinzie · ‎10-17-2007

Can you guys help me with this?

I have a site protected by siteminder.....

Thus when going to the internal URL, it redirects us to a siteminder username/apssword page, then redirects us back to the original site.

How can i login and pull the page via lwp?

Here is my code:

#!/usr/bin/perl

use English;
use strict;
use CGI ();
use LWP::UserAgent ();
use HTTP::Request::Common qw(POST);
#use LWP::Debug qw( + );

my $Webjump = 'https://blah.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-00034bb7-e037-116f
-8241-808d67a50008&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGE NTNAME=$SM$6u%2by8Xv45zujpG8vqd8c%2fvGZPwkzRg6Ka38 kNya45FRtm
Gxbt4%2fdZsHY6%2ftkVw44&TARGET=$SM$%2fcgi-bin%2fTISLogReview%2findex%2ecgi';

my $red = 'https://blah.com/cgi-bin/TISLogReview/index.cgi';

sub main ()
{
my $cgi = new CGI();
my $redirect = "$Webjump";

my @parameterNames = $cgi->param();
foreach my $parameterName (@parameterNames) {
my $parameterValue = $cgi->param($parameterName);
if ($parameterName eq "USER"){
my $USER = $parameterValue;
}
elsif ($parameterName eq "PASSWORD") {
my $secretname = $parameterValue;
}
else
{
printError($cgi,
"Illegal parameter $parameterName passed to sso.pl");
return();
}
$redirect .= "$parameterName=$parameterValue&";
}

print($cgi->redirect($redirect)); #=> This works!!

# => BELOW ARE SOME OF THE POST METHODS I TRIED

my $userAgent = new LWP::UserAgent();
push @{ $userAgent->requests_redirectable }, 'POST';

#METHOD 1
my $req = new HTTP::Request POST => $Webjump;
my $req = POST $Webjump,
['USER' => 'username',
'PASSWORD' => 'password'];
my $res = $userAgent->request($req);
my $contentString = $res->as_string;

my $response =new HTTP::Request GET => $red;
print $response->content;

}

# Kick off the script
main();

Here is the output:

# ./plate.pl
Status: 302 Moved
Location: https://blah.com/siteminderagent/for...e037-116f-8241
-808d67a50008&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGE NTNAME=$SM$6u%2by8Xv45zujpG8vqd8c%2fvGZPwkzRg6Ka38 kNya45FRtmGxbt4
%2fdZsHY6%2ftkVw44&TARGET=$SM$%2fcgi-bin%2fTISLogReview%2findex%2ecgi

LWP::UserAgent::new: ()
LWP::UserAgent::request: ()
LWP::UserAgent::send_request: POST https://uihs.nj.ssmb.com/sitemindera...433&REALMOID=0
6-00034bb7-e037-116f-8241-808d67a50008&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGE NTNAME=$SM$6u%2by8Xv45zujpG8vqd8c%2fvGZP
wkzRg6Ka38kNya45FRtmGxbt4%2fdZsHY6%2ftkVw44&TARGET =$SM$%2fcgi-bin%2fTISLogReview%2findex%2ecgi
LWP::UserAgent::_need_proxy: Not proxied
LWP:rotocol::http::request: ()
LWP::UserAgent::request: Simple response: Found
LWP::UserAgent::request: ()
LWP::UserAgent::send_request: POST https://uihs.nj.ssmb.com/cgi-bin/TISLogReview/index.cgi
LWP::UserAgent::_need_proxy: Not proxied
LWP:rotocol::http::request: ()
LWP:rotocol::collect: read 859 bytes
LWP::UserAgent::request: Simple response: OK

-------------------------------------------

Why isn't it retrieving my content?
my $response =new HTTP::Request GET => $red;
print $response->content;

-Thanks in Advance,

Heironimus · ‎10-17-2007

SiteMinder is complicated, so what you need will depend on how the other end is set up to operate. But one thing I see is that you don't seem to be setting a cookie_jar in LWP. SiteMinder authentication sometimes uses cookies to identify a client after login.

jmckinzie · ‎01-31-2008

Had to create a cookie container.

# Open Cookie Object
my $cookie_jar = HTTP::Cookies->new(
file => "/adminweb/usm/tlrs/cookies.t",
autosave => 1,
);

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: Perl LWP Authentication Scripts...

Perl LWP Authentication Scripts...

Re: Perl LWP Authentication Scripts...

Re: Perl LWP Authentication Scripts...