Skip to main content.
home | support | download

Back to List Archive

Re: [swish-e] How do I index via HTTP when authentication is required?

From: William Conlon <bill(at)>
Date: Wed Jan 23 2008 - 21:14:20 GMT
I wrote a backdoor in my login application that allows specified IP  
addresses to login via GET, in order to have a simple way for swish-e  
to access protected content.

Then just create a username/password combination for swish-e to login  

On Jan 23, 2008, at 11:32 AM, Adam Douglas wrote:

> Hi Peter. Thanks for the reply and pointing this out as I did not see
> this information. However it appears after reading what you have  
> pointed
> out that Swish-E only supports Basic Authentication correct? If so  
> that
> would not work then that I know of, as in my case authentication is  
> done
> via a web form and then handled server side using PHP/MySQL with the  
> use
> of a cookie on the client side to maintain the client's session until
> logout.
> Is there any other way? I do realize I could provide the username and
> password via the URL to the form, however this is dangerous and
> presently the form only accepts via POST not GET. I believe when a
> username and password is provided as query string this is treated as a
> GET.
> Any further ideas or suggestions?
> Best,
> Adam
>>> Hi. I have been able to index the public side of my website. However
>>> how do I index via HTTP for the private side of the web site that
>>> requires authentication? I'm using prog to do this as suggested by
> the
>>> Swish-E documentation. I don't understand where I would provide
>>> Swish-E the username and password to authenticate so it can index  
>>> the
>>> private side of the website. Since I've used a web page (PHP) to do
>>> the authentication I can not provide the username and password via
> the
>>> URL that I provide Swish-E.
>> and look for 'authentication' 'password' 'credentials' ...
> This message (including any attachments) is intended only for
> the use of the individual or entity to which it is addressed and
> may contain information that is non-public, proprietary,
> privileged, confidential, and exempt from disclosure under
> applicable law or may constitute as attorney work product.
> If you are not the intended recipient, you are hereby notified
> that any use, dissemination, distribution, or copying of this
> communication is strictly prohibited. If you have received this
> communication in error, notify us immediately by telephone and
> (i) destroy this message if a facsimile or (ii) delete this message
> immediately if this is an electronic communication.
> Thank you.
> _______________________________________________
> Users mailing list

Users mailing list
Received on Wed Jan 23 16:14:25 2008