« Return to Thread: login via url parameters

Re: login via url parameters

by Kinicky :: Rate this Message:

yes i know about this security issue.

i'm trying to implement SSO with another system and this other system asks
for the parameters. i can use post to do the SSO but i didnt succeed so i'm
just trying the GET method now because is more clear and easy to test.

On Mon, May 25, 2009 at 10:24 AM, Andrew Jaquith <andrew.r.jaquith@...
> wrote:

> This is a very bad idea. Among other things, the GET is likely to be
> logged, which means the user's password will be exposed and recorded.
>
> What are you trying to do?
>
> Andrew
>
>
> On May 25, 2009, at 9:19, Kinicky <kinicky@...> wrote:
>
> hi everyone,
>>
>> is it possible to login in JSPWiki by passing the parameters in URL?
>>
>> i'm tried this: http://
>> <server>/JSPWiki/Login.jsp?j_username=<username>&j_password=<password>
>>
>> tks!
>>
>

« Return to Thread: login via url parameters