access secure folders via cgi on IIs

sphonic has asked for the wisdom of the Perl Monks concerning the following question:

wise ones,
is there a way to access a password protected web directory on an IIs server via CGI automatically (sending correct login information-- of course) without getting a username/password prompt, besides entering the user/pass in the url, like:
http://myname:password@somewhere.com

here is the scenario:
after logging in, the user clicks on a javascript link that opens up a new window. the window uses cgi that redirects to a url in a password protected folder. the password dialog box opens and asks for username/pass even if the information is supplied in the url (which i don't like anyway). if you hit cancel on the dialog box and refresh on the window it will then accept the login info and display the page using the login/pass info supplied in the url. but this sucks.

it would be cool if the cgi could authenticate the user with IIs, since they have already been authenticated on the parent window.

humbly yours- sphonic

p.s. i know about the security concerns doing things like this but i have some whack requirements from the client.

Comment on access secure folders via cgi on IIs

Replies are listed 'Best First'.
Re: access secure folders via cgi on IIs by LD2 (Curate) on May 31, 2001 at 08:17 UTC
You may want to try using CGI::Authent	[reply]
Re: access secure folders via cgi on IIs by novitiate (Scribe) on May 31, 2001 at 22:03 UTC
Sounds like you are using NTLM authentication if you still get a dialog box with the current setup...I don't think any modules or maneuvering in perl will be able to help you if that is the case. If however, I am mistaken, and you are using basic authen., then the LWP module will get you where you need to be; it includes methods to GET the page using specified username and password. However, this will only work if you do some kind of mapping of accounts; ie. you use a single account to access the dir or you map a web login name to an account and the cgi handles the mapping and supplying of the id/password. humbly, novitiate "...goodnight you princes of main(e)" --The Cider House Rules	[reply]