I have a website that is built around a web-application that my
company purchased. My company has full ownership and administrative
rights to this software and its corresponding files. It uses HTTP
Basic Authentication and that cannot be changed at all (it is compiled
into the web-application itself).
This is my problem:
We have a secure subnet (a customer of ours) that regularly uses this
website and they don't want to have to log in to this server (as they
have already had to log in to their own network). We used to get
around this problem by using the username and password on the URL line
(http://username:password@www.website.com/) but since Microsoft
eliminated that with one of their service packs it is no longer
possible. (And the customer won't go to all their computers
....numbering some 200-300... and change the registry). Is their any
way to supply the client browser with the proper credentials through
scripting (or any mechanism, for that matter) so that this automation
can be achieved WITHOUT any browser-user interaction?
My idea was to point the customer to an different "home page" for this
website, check their REMOTE_ADDR to see if they are in the approved
subnet, and, if so, give them the username and password whereupon they
would be pointed to the original home page. I'm getting stuck at the
point where those credentials need to be implemented by the browser
without the user's intervention.
Any insight into this problem would be greatly appreciated.
Thanks,
Tom
company purchased. My company has full ownership and administrative
rights to this software and its corresponding files. It uses HTTP
Basic Authentication and that cannot be changed at all (it is compiled
into the web-application itself).
This is my problem:
We have a secure subnet (a customer of ours) that regularly uses this
website and they don't want to have to log in to this server (as they
have already had to log in to their own network). We used to get
around this problem by using the username and password on the URL line
(http://username:password@www.website.com/) but since Microsoft
eliminated that with one of their service packs it is no longer
possible. (And the customer won't go to all their computers
....numbering some 200-300... and change the registry). Is their any
way to supply the client browser with the proper credentials through
scripting (or any mechanism, for that matter) so that this automation
can be achieved WITHOUT any browser-user interaction?
My idea was to point the customer to an different "home page" for this
website, check their REMOTE_ADDR to see if they are in the approved
subnet, and, if so, give them the username and password whereupon they
would be pointed to the original home page. I'm getting stuck at the
point where those credentials need to be implemented by the browser
without the user's intervention.
Any insight into this problem would be greatly appreciated.
Thanks,
Tom
Comment