[R] passing username and password to source()

[Ricardo Rodriguez] Your XEN ICT Team webmaster at xen.net
Sat Feb 16 12:50:25 CET 2008


Phil Spector wrote:
> Ricardo -
>    If you use cat to look at the variable "request" in the getauth
> function that I sent you previously, you'll see exactly what I'm 
> saying to the server.  It's something like this:
>
> GET /myfile.txt HTTP/1.1
> Host: mycomputer.com
> Authorization: Basic dXNlcjpwYXNzAA==
>
>    If you go to http://user:pass@mycomputer.com/myfile.txt in Firefox
> with Live HTTP headers, and look for the transaction that had the 
> Authorization header, you'll see lines like the ones above, along with
> some others.  Presumably, it's one of those other headers that's
> preventing the program from working.  For example, if you see a 
> "Cookie" header, then, in addition to authorization, a cookie might
> be needed.  You can try copying some of the headers that you see in
> the Live HTTP headers output into the "request" variable in getauth. 

It is certainly a matter of cookies. It seems to me. You have already 
receive an account for the concerned site, but let me keep this thread 
posted for further reference and see what others think.

By using Firefox Live HTTP headers I've found this one that seems to 
content the string sending username and password to the server...

----------------------------------------------------------
http://MyHostName/xwiki/bin/loginsubmit/XWiki/XWikiLogin

POST /xwiki/bin/loginsubmit/XWiki/XWikiLogin HTTP/1.1
Host: MyHostName
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; 
rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12
Accept: 
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en,en-us;q=0.7,es-es;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: UTF-8,*
Keep-Alive: 300
Connection: keep-alive
Referer: 
http://MyHostName/xwiki/bin/login/XWiki/XWikiLogin?xredirect=http%3A%2F%2FMyHostName%2Fxwiki%2Fbin%2Fview%2FMain%2F
Cookie: JSESSIONID=A89FBB1701789DE208FFDBD732E9EFFD; style=default
Content-Type: application/x-www-form-urlencoded
Content-Length: 146
xredirect=http%3A%2F%2FMyHostName%2Fxwiki%2Fbin%2Fview%2FMain%2F&j_username=xxxxxxxxx&j_password=xxxxxxxxx&j_rememberme=true
HTTP/1.x 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: username=xxxxxxxxx==; Expires=Sun, 02-Mar-2008 11:26:15 GMT; 
Path=/
Set-Cookie: password=xxxxxxxxx==; Expires=Sun, 02-Mar-2008 11:26:15 GMT; 
Path=/
Set-Cookie: rememberme=true; Expires=Sun, 02-Mar-2008 11:26:15 GMT; Path=/
Set-Cookie: validation=2ea9cbeb40bdafc8314b50f18b440e30; Expires=Sun, 
02-Mar-2008 11:26:15 GMT; Path=/
Location: http://MyHostName/xwiki/bin/view/Main/
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en
Content-Length: 0
Date: Sat, 16 Feb 2008 11:26:15 GMT
----------------------------------------------------------

I've replaced username and password values with xxxxxxxxx and the real 
hostname with MyHostName.

In xredirect I can easily identify : as %3A and / as %2F. But, is it 
possible to pass the string &j_ in an "regular" URL? Or must I pass also 
the Set-Cookie values with the getauth function? I've been playing for a 
while with this function, but no results so far.

Thanks for your help!

Ricardo

-- 
Ricardo Rodríguez
Your XEN ICT Team



More information about the R-help mailing list