Skip to main content.
home | support | download

Back to List Archive

Re: [swish-e] How do I index via HTTP when authentication is

From: Adam Douglas <ADouglas(at)not-real.venmarces.com>
Date: Thu Feb 21 2008 - 17:28:10 GMT
Hi Bill. BTW, thanks for all the help you have provide much appreciated.

> When redirecting to another domain you need to provide a 
> means for the session to be continued. For example, a unique 
> identifier (i.e, the session cookie) could be appended to the 
> query string.  The server to which the user is redirected 
> uses the uid to re-establish session cookies.  Of course your 
> application server must allow you to use the same session 
> identifier with different domains.

Okay I may have confused you here but there is no redirect to another
domain. The client logs in by going to
http://blowfish.venmarces.com/login/. If authentication is successful
the authenticated client is redirected to
https://blowfish.venmarces.com/ (the homepage) else if the
authentication fails the login page is displayed with applicable error
messages. Normally the client would be on SSL the entire time but until
I can get SSL to work with Perl I'm just not using SSL at the login
page. There is already a process in place that maintains the session
using PHP sessions. The sessions are maintained from the server to the
client's cookie. This process works perfectly outside of using Swish-e
and is in use on a production server as well.

Oh no way, just after typing the above I think I may have an idea of the
problem. The redirect from /login/ to / is using SSL. SSL is not working
with Perl at the moment. I wish I knew how to make SSL work with Perl.
Bingo this is the problem. I remove all references to using SSL and it
appears to be working I think. Can you take a look to see if it appears
to be working correctly,
http://www.venmarces.com/swishe-spidering-output.txt?

> Is spider.pl configured to know that the server to which you 
> are redirecting is the 'same' as the original.  If not, the 
> spider will interpret the redirected page as an 'off-site 
> link' and halt.

Mmm... well in this case I'm not leaving the domain that the
authentication occurs on just changing the path from /login/ to /.

Best,
Adam

This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary,privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone and
(i) destroy this message if a facsimile or (ii) delete this message
immediately if this is an electronic communication. Thank you.
_______________________________________________
Users mailing list
Users@lists.swish-e.org
http://lists.swish-e.org/listinfo/users
Received on Thu Feb 21 12:28:13 2008