A Forum reader asked the following question:
We now have IChain working in which a general login page appears when trying to access secure web resources.
However, we have an outside system where we would like to gracefully log them in without the knowledge or the necessity of passing by the HTML form, where we must enter the login and password.
I have seen the action path and the parameters to pass as a URL rewrite but it does not seem to work. Here is my URL:
https://www.mysite.com/ICSLogin/auth-up? context=default&URL=http://www.mysite.com/mywebapp/&username=username&passw ord=password&proxypath=reverse&button=Login
Is there something I am missing, or am I trying to do something which is not possible?”
And here’s a suggestion from Tim Loveridge …
The iChain authentication process requires that you POST the data rather than GET it. I’m curious as to how blind authentication to a “Restricted” or “Secure” site is beneficial, as that essentially turns it into a “Public” site, but I suppose you could come up with some creative reasons …
Anyway, if you wanted, you could have a page (accessible internally only of course…) that automatically logs a user in to iChain. Take the following HTML source:
<html> <head> <title>Auto-Login to www.mysite.com</title> </head> <body onload="document.loginform.submit();"> <form name="loginform" method="POST" action="https://www.mysite.com/ICSLogin/auth-up" enctype="application/x-www-form-urlencoded"> <input type="hidden" name="username" value="username"> <input type="hidden" name="password" value="password"> <input type="hidden" name="url" value="https://www.mysite.com/mywebapp/"> <input type="hidden" name="proxypath" value="reverse"> </form> </body> </html>
When this page loads, the browser will automatically post the loginform data to the iChain login processor, then upon successful login, redirect the user to the specified URL. It’s a slightly different solution, but achieves the same end result.
Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment. It just worked for at least one person, and perhaps it will be useful for you too. Be sure to test in a non-production environment.