Hello All,
I have not been able to find one so I am attempting to build a SAML-based
auth plugin. I am digging around in the object hierarchy but I have not
yet fully understood a couple of things and was hoping someone could give
me some guidance. I have tested
this<https://github.com/djui/saml-client/blob/master/saml.py> script
that can perform a SAML login using a urllib2 object and a CookieJar but I
am not yet sure how to integrate this with the AuthPlugin class.
The script executes this code:
cj = cookielib.CookieJar()
self.opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
I am not sure how to intercept the urllib2 object that has the context of
the actual tests being performed. I need to process a login and then set
cookies for that object.
I think I just need to use self.url_opener, yes? This object is the one
actually performing the tests? Additionally, how can I get the url being
tested from that object?
I am currently attempting to use self.url_opener to login into our IDP and
then set it's internal cookie jar with the cookies needed to perform
further authenticated tests.
Let me know if you have an suggestions. Also, are there any additional
documents describing the object model in w3af that I should view?
Thanks,
Andre
--
Andre Daniels
Sr. Developer/Security Analyst
University of California Santa Cruz
(831)459-1980
andre...@ucsc.edu
------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/13534_NeoTech
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
