I need to programmtically key in the username, password for a website using Webbrowser control in Visual Basic 6.0 application (please note it is not .Net application) and also click on Login button.
Also I am not trying to hack or spam. The requirement is part of interfacing that I am trying to create between multiple applications.
Please let me know how to go about this.
Thanks
You can use the Document property of the WebBrowser control to interact with the HTML page. In your case, it would depend on the structure of the web site, but you should be able to do something like this (untested)
With webBrowser.Document.forms(1)
.getElementByName("username").value = "username"
.getElementByName("password").value = "password"
.submit()
End With
I think you should use some HTTP request and store the returned cookie (there probably will be one). Observe the login process on the page if it's GET or POST method, and if it uses a cookie. I don't think you need webbrowser control for this.
Related
I am writing a simple web page, which shows some widgets based on user permission. If user has EDIT permission, the page renders EDIT widget else EDIT widget doesn't shows up.
What is the best way to achieve this?
I, first called a service to get logged in user's permission and then set visibility: none or block based on the permission. But, I see that user can "inspect element" on browser and set visibility accordingly. However, on server-side, I am using #PreAuthorize annotation on DAO to control the user actions.
How to control visibility of UI widgets without user being able to make changes, maybe from server side?
Update : I am looking for JSTL equivalent in GWT
AFAIK there is no JSTL equivalent for GWT.
However there are some 3rd party (i.e. ArcIS) libraries that make display/hiding UI elements based on user permissions more convenient.
However no matter whether you do it manually or using a library you should make sure that you properly secure your backend side (as far as I can tell you are doing that by using method level security).
One important thing to remember when dealing with client side permissions/security:
You should never trust input/actions from the client/browser, because you are not in control of it. So you must always do security on the backend
In my opinion, it really does not matter if the user could theoratically inspect the edit button for example using Browser Dev Tools and make it visible, as long as the the edit action on the backend is properly secured. If you are really that concerned you can remove the elements (i.e edit button) from the DOM instead of hiding it, but it won't make it more secure.
I, first called a service to get logged in user's permission and then
set visibility: none or block based on the permission.
Well instead of setting the visibility none or block, assuming you are using JSP, use JSTL tag
<c:if test="${if the user has permission}">Show widget UI code</c:if>
If the page has n widgets for which the user doesn't has permission, why would you load the code for all the n widgets. It's non performant.
write a panel that shows it's contents based on security settings in the client code
add the widgets to be controlled inside the security panel
the panel will now control the appearance of the children based on security in your client code
As has been mentioned before, and has been recognized by you, client security is only visibility control and thus not sufficient to protect the app.
I am trying to make an windowsphone 7 application.
The user will store his login details inside the app and on opening of the app,the app will login into the specific site by filling the details automatically.This site I am referring doesnt have any APIs for logging.
The app will need to autofill the details which requires javascript injection...
Has anybody work on this liness?
You can use IsoltedStroageSettings for such a small purpose since you need only a couple of fields to store.
A simple example would be
IsolatedStorageSettings appSettings = IsolatedStorageSettings.ApplicationSettings;
to initially add the values
appSettings.Add("id", "sum#somthing.com");
appSettings.Add("password", "pass123");
to retrieve them later
string id= (string)appSettings["id"];
string id= (string)appSettings["password"];
Hope that helps :)
I am writing MVC3 web app I need to know at server side when user navigate from one web page to another. I do not need to know from what pages page to which just fact that user navigated. I could find this by adding Session variable to every Home Controller Actions but maybe there is better solution?
Use a global filter attribute for al your controller actions. You can set that attribute in the global asax. In that case you know when an action is hit.
You could try sending AJAX request bound to onbeforeunload browser event.
Basically, it happens on the client side, so the programming should also be in client. Javascript could be the way to go. Though it may deliver some inconvenience to the user.
How can I manage page state history in share (surf?) so that I remember for example which yui tab was active and on which page the pager was on?
I noticed that alfresco share does something like that after form submit. You get redirected to the exact same page url where you were before. If any "ajax state" (don't know what they are called) parameters are in url like #something=asdf you get the same url.
But when using manual navigation like moving through site pages those parameters aren't saved.
Is this even a good idea to do? To save page state in session for example?
Some pages have support for URL parameters that are passed in. In those cases the browser history is used, e.g. we editing metadata in the full page meta data view the user is send back to the page he is coming from. This is done in javascript by calling window.history.go(-1) after form submit but only works when parameters are set/retrieved by URL. The document library implements page specific javascript for setting the URL and parsing parameters from it.
I some places Alfresco uses the preference service to store user settings between different pages permanently. For example this is used in the document library for the "show folders" and "simple/thumbnail view" buttons. Here is some sample code from the document library javascript setting a preference option:
var PREFERENCES_DOCLIST = "org.alfresco.share.documentList",
PREF_SHOW_FOLDERS = PREFERENCES_DOCLIST + ".showFolders";
var preferences = new Alfresco.service.Preferences();
this.services.preferences.set(PREF_SHOW_FOLDERS, true);
The evaluation of the properties is usually done in the Share component webscripts, you can have a look in share\WEB-INF\classes\alfresco\site-webscripts\org\alfresco\components\documentlibrary\include\documentlist.lib.js for an example.
In any case you have to dig into Alfresco's javascript code in the browser and the share tier to see how to implement it.
You could check parameters sended to the server side after form submiting in the firebug (firefox plugin) and then you could use the same parameters.
Also perhaps you should use yui history manager:
Is there a way to make Firefox or any other browsers remember values in ajax login forms?
I suggest checking that you dont have password remember settings for the site in question set to "never". Some sites also disallow remembering passwords explicitly in their form tags. In such cases, if you really want the form to remember the login (Such as if you are testing the site and regularly log in using the same credentials), It may be possible to write a bookmarklet to remember the details for you. (You could save the bookmarklet in your bookmarklets toolbar)