Member Avatar for jmckinzie

Can you guys help me with this?

I have a site protected by siteminder.....

Thus when going to the internal URL, it redirects us to a siteminder username/apssword page, then redirects us back to the original site.

How can i login and pull the page via lwp?

Here is my code:

#!/usr/bin/perl


use English;
use strict;
use CGI ();
use LWP::UserAgent ();
use HTTP::Request::Common qw(POST);
#use LWP::Debug qw( + );

my $Webjump = 'https://blah.com/siteminderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-00034bb7-e037-116f
-8241-808d67a50008&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGE NTNAME=$SM$6u%2by8Xv45zujpG8vqd8c%2fvGZPwkzRg6Ka38 kNya45FRtm
Gxbt4%2fdZsHY6%2ftkVw44&TARGET=$SM$%2fcgi-bin%2fTISLogReview%2findex%2ecgi';

my $red = 'https://blah.com/cgi-bin/TISLogReview/index.cgi';

sub main ()
{
my $cgi = new CGI();
my $redirect = "$Webjump";

my @parameterNames = $cgi->param();
foreach my $parameterName (@parameterNames) {
my $parameterValue = $cgi->param($parameterName);
if ($parameterName eq "USER"){
my $USER = $parameterValue;
}
elsif ($parameterName eq "PASSWORD") {
my $secretname = $parameterValue;
}
else
{
printError($cgi,
"Illegal parameter $parameterName passed to sso.pl");
return();
}
$redirect .= "$parameterName=$parameterValue&";
}

print($cgi->redirect($redirect)); #=> This works!!

# => BELOW ARE SOME OF THE POST METHODS I TRIED

my $userAgent = new LWP::UserAgent();
push @{ $userAgent->requests_redirectable }, 'POST';

#METHOD 1
my $req = new HTTP::Request POST => $Webjump;
my $req = POST $Webjump,
['USER' => 'username',
'PASSWORD' => 'password'];
my $res = $userAgent->request($req);
my $contentString = $res->as_string;

my $response =new HTTP::Request GET => $red;
print $response->content;

}

# Kick off the script
main();

Here is the output:

# ./plate.pl
Status: 302 Moved
Location: https://blah.com/siteminderagent/for...e037-116f-8241
-808d67a50008&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGE NTNAME=$SM$6u%2by8Xv45zujpG8vqd8c%2fvGZPwkzRg6Ka38 kNya45FRtmGxbt4
%2fdZsHY6%2ftkVw44&TARGET=$SM$%2fcgi-bin%2fTISLogReview%2findex%2ecgi

LWP::UserAgent::new: ()
LWP::UserAgent::request: ()
LWP::UserAgent::send_request: POST https://uihs.nj.ssmb.com/sitemindera...433&REALMOID=0
6-00034bb7-e037-116f-8241-808d67a50008&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGE NTNAME=$SM$6u%2by8Xv45zujpG8vqd8c%2fvGZP
wkzRg6Ka38kNya45FRtmGxbt4%2fdZsHY6%2ftkVw44&TARGET =$SM$%2fcgi-bin%2fTISLogReview%2findex%2ecgi
LWP::UserAgent::_need_proxy: Not proxied
LWP::Protocol::http::request: ()
LWP::UserAgent::request: Simple response: Found
LWP::UserAgent::request: ()
LWP::UserAgent::send_request: POST https://uihs.nj.ssmb.com/cgi-bin/TISLogReview/index.cgi
LWP::UserAgent::_need_proxy: Not proxied
LWP::Protocol::http::request: ()
LWP::Protocol::collect: read 859 bytes
LWP::UserAgent::request: Simple response: OK

-------------------------------------------

Why isn't it retrieving my content?
my $response =new HTTP::Request GET => $red;
print $response->content;


-Thanks in Advance,

  • 3 Contributors
  • 4 Replies
  • 188 Views
  • 2 Months Discussion Span
  • Latest Post Latest Post by roryne
Member Avatar for KevinADC

Few sites just have a login page, they generally use sessions/cookies to track you while on the site. Otherwise you can simply bypass the login screen and go directly to the content pages.

Member Avatar for jmckinzie

I understand that but I am getting the login part, just not redirecting correctly.

Could you help by suggesting code changes as I am still new to this perl /LWP thing?


Thanks,
jody

Member Avatar for KevinADC

Sorry mate, I have little experience with LWP and it's sub classes. I also think I misunderstood your question.

Member Avatar for roryne

I would think your best bet is to authenticate your session, then try to navigate to whatever you're after.

Here's a bit of code (don't even remember if this worked at this stage, was just showing someone at the time) I wrote awhile back for someone that should give you a basic outline of how it works.

http://roryne.com/perl.txt

Basically it pulls the form name from the page and sets the fields for logging in. Next it would navigate to inbox (this was on Yahoo btw) and then to spam folder. Nevermind what the intent of this was O:)

Basically it's key to make sure you keep track of cookies after logging in and that your posts/gets are correct. A combination of source checking and the Firefox extension TamperData are your best bet.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.