[thelist] FW: B2B Seamless login
Michael Pemberton
evolt at mpember.net.au
Fri Dec 3 02:08:34 CST 2004
evolt at weeb.biz wrote:
> No need for a standalone app, the same functionality could be achieved
> with a really simple page on the intranet. In ASP that would be
> something like:
>
--- snip ---
> <input type="hidden" name="user" value="<%=user%>">
> <input type="hidden" name="password" value="<%=password%>">
> You are being redirected.
> Click <input type="submit" value="here">
> if nothing happens within 10s
> </form>
> </body>
>
> This page would be bookmarkable (if added manually - obviously with
> redirect it would not be addable by being on the page)
>
> Regards
> James
I would try avoid anything that involves including a password in plain
text on a html page. I may be possible to do something to the password
before sending it to the outside website. For example, a simple md5
hash. This would mean that you still have something to compare, just
that it isn't the plain text password. It also means that the data
being transfered between the two systems does not contain plain text
versions of the passwords.
--
Michael Pemberton
evolt at mpember.net.au
More information about the thelist
mailing list