Force HTTPlogin using script

HCL Domino Domino Forum
1

Is there a way to fore a http-login using lotus lotusscript ?

I want to do this kind of stuff :

I plan to design a website for a Sportfederation (Long Distance Walks in Belgium - Europe)

They want to give there members more access to the website (archive, calendar, extra downloads), like normal visitors have.

Because it isn’t a commercial company, the can not pay licences for every user. I discussed with IBM but they can not force something like free licenses (thanks ibm).

Now, I can control users by entering password using xml and ajax. And if a visitor enters a legal username and password, at that moment I want to force a login with a dummyuser using lotusscript.

Thanks for help (or other idea’s)

2

Subject: Force HTTPlogin using script

Well, well …

I have experimented a little with the (DSAPI) Domino Server API.

This is one of my old filter.c files (I wasn’t allowed to attach a file so i added the code to the end of this post)

The filter checks on incoming webrequests, if the request header “X-UserName” contains anything - the filter tell domino that thats the users name and is now authenticated.

Basically the name will be authenticated to Domino even if the user does not exist in the addressbok.

If you run an Ajax client - I guess you could control the request headers when you communicate with the server.

Just add “X-UserName” and a fancy name. - and your in.

If that can not be done with the client, I quess that the simplest way for you to accomplish what you want - is to modify this filter to check for a cookie instead of the header “X-UserName” and then have the server set the cookie for your client.

The cookie will then authenticate you thru the filter on each consecutive request.

I hope this sets you on the track you were looking for.

Peter Närlund

http://dominopatrol.net

//______________________________________________________________________

//

// File: filter.c

//______________________________________________________________________

#include <stdlib.h>

#include <stdio.h>

#include <string.h>

#include “filter.h”

#if !defined(DLLEXPORT)

#ifdef WIN32

#define DLLEXPORT __declspec(dllexport)

#else

#define DLLEXPORT

#endif

#endif

/*—

  •  local function prototypes

*/

unsigned int RawRequest(FilterContext* context, FilterRawRequest* reqData);

unsigned int ParsedRequest(FilterContext* context, FilterParsedRequest* reqData);

unsigned int MapURL(FilterContext* context, FilterMapURL* map);

unsigned int Authenticate(FilterContext* context, FilterAuthenticate* authData);

unsigned int UserNameList(FilterContext* context, FilterUserNameList* groups);

unsigned int Response(FilterContext* context, FilterResponse* response);

unsigned int EndRequest(FilterContext* context, FilterParsedRequest* reqData);

/*—

  •  filter initialization

*/

DLLEXPORT unsigned int FilterInit(FilterInitData* filterInitData)

{

filterInitData->appFilterVersion = kInterfaceVersion; // Required

// Modify the following code to set the flags you want

//filterInitData->eventFlags = kFilterResponse;

filterInitData->eventFlags = kFilterAny;

/* kFilterAuthUser |

  kFilterUserNameList;

*/

// Set a short description for your filter

strcpy(filterInitData->filterDesc, “sso filter”);

// insert any global initialization code here…

// Output sent to stdout and stderr is displayed on the server console,

// but is not written to the server log file.

fprintf(stderr, “Loading sso filter 1.1 \n”);

return kFilterHandledEvent;

}

/*—

  •  filter termination

*/

DLLEXPORT unsigned int TerminateFilter(unsigned int reserved)

{

// insert any global cleanup code here…

fprintf(stderr, “sso filter unloaded\n”);

return kFilterHandledEvent;

}

/*—

  •  filter notification handling

*/

DLLEXPORT unsigned int HttpFilterProc(FilterContext* context,

			      unsigned int eventType, void* eventData)

{

// Remove any events you don’t want to handle

switch (eventType) {

case kFilterRawRequest:

return RawRequest(context, eventData);

case kFilterParsedRequest:

return ParsedRequest(context, eventData);

case kFilterMapURL:

return MapURL(context, eventData);

case kFilterAuthUser:

return Authenticate(context, eventData);

case kFilterUserNameList:

return UserNameList(context, eventData);

case kFilterResponse:

return Response(context, eventData);

case kFilterEndRequest:

return EndRequest(context, eventData);

default:

break;

}

return kFilterNotHandled;

}

/*—

  •  handle raw request

*/

unsigned int RawRequest(FilterContext* context, FilterRawRequest* reqData)

{

//fprintf(stderr, “RawRequest(FilterContext* context, FilterRawRequest* reqData)\n”);

return kFilterNotHandled;

}

/*—

  •  handle parsed request

*/

unsigned int ParsedRequest(FilterContext* context, FilterParsedRequest* reqData)

{

//fprintf(stderr, “ParsedRequest(FilterContext* context, FilterParsedRequest* reqData)\n”);

return kFilterNotHandled;

}

/*—

  •  handle user authentication

*/

unsigned int Authenticate(FilterContext* context, FilterAuthenticate* authData)

{

char buffer[255];

char name[9];

unsigned int bufferSize;

FilterRequest requestInfo; // request to filter

int errid;

if (!authData || authData->foundInCache)

 return kFilterNotHandled;

// get the header UserName

strcpy(name, “X-UserName”);

bufferSize=255;

if(0 != authData->GetHeader(context, name, buffer, bufferSize, &errid)) {

context->GetRequest(context,&requestInfo,&errid);



strcpy(authData->authName, buffer);

authData->authType = kAuthenticBasic;



//fprintf(stderr, "URL: %s\n", requestInfo.URL);

//fprintf(stderr, "Authenticate name=: %s\n", authData->authName);



//fprintf(stderr, "test SSOLogin: %s\n", authData->authName);

return kFilterHandledEvent;

} else {

//fprintf(stderr, "DominoLogin :%s\n", authData->userName);

return kFilterNotHandled;

}

}

/*—

  •  handle user name list

*/

unsigned int UserNameList(FilterContext* context, FilterUserNameList* groups)

{

//fprintf(stderr, “UserNameList(FilterContext* context, FilterUserNameList* groups)\n”);

return kFilterNotHandled;

}

/*—

  •  handle URL mapping

*/

unsigned int MapURL(FilterContext* context, FilterMapURL* map)

{

//fprintf(stderr, “MapURL(FilterContext* context, FilterMapURL* map)\n”);

return kFilterNotHandled;

}

/*—

  •  handle response

*/

unsigned int Response(FilterContext* context, FilterResponse* response)

{

/*

unsigned int errCode;

if ( !response->AddHeader(context, “Cache-Control: no-cache\n”, &errCode) )

{

   fprintf(stderr, "Adding header: (Cache-Control: no-cache) FAILED!\n");

   fprintf(stderr, "errCode: %d\n", errCode);

}

else

{

    fprintf(stderr, "Adding header: (Cache-Control: no-cache) SUCCESS!\n");

    fprintf(stderr, "errCode: %d\n", errCode);

}

if ( !response->AddHeader(context, “Pragma: no-cache\n”, &errCode) )

{

   fprintf(stderr, "Adding header: (Pragma: no-cache) FAILED!\n");

   fprintf(stderr, "errCode: %d\n", errCode);

}

else

{

    fprintf(stderr, "Adding header: (Pragma: no-cache) SUCCESS!\n");

    fprintf(stderr, "errCode: %d\n", errCode);

}

if ( !response->AddHeader(context, “Expires: -1\n”, &errCode) )

{

   fprintf(stderr, "Adding header: (Expires: -1) FAILED!\n");

   fprintf(stderr, "errCode: %d\n", errCode);

}

else

{

   fprintf(stderr, "Adding header: (Expires: -1) SUCCESS!\n");

   fprintf(stderr, "errCode: %d\n", errCode);

}

return kFilterHandledEvent;

*/

return kFilterNotHandled;

}

/*—

  •  handle end request

*/

unsigned int EndRequest(FilterContext* context, FilterParsedRequest* reqData)

{

//fprintf(stderr, “EndRequest(FilterContext* context, FilterParsedRequest* reqData)\n”);

return kFilterNotHandled;

}

// ----- end of dsapifilter.c