-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Jun 07, 2016 at 03:33:40PM +0000, Bob wrote: > Hello list, > > I'm trying to automate my internet login which is based on a web > form. I have already checked few tutorial/posts on form submission > by curl. I have tried various combinations too but nothing worked in > my case. > > When I inspect the form I get following for username/password text > box and submit button
[...] > which is not working unfortunately. Have I missed anything ? > > Your clue will be helpful. Most probably yes: those "modern" login forms elicit a response with some session key which the browser uses from then on to "prove" to the server that authentication happened. You have to simulate that. Most of the time, this session key is hidden in a cookie. You can let curl manage the cookies for you with option -c: it stores the set cookies in the file you give it and uses it in subsequent requests appropriately. Sometimes servers fall back to a session ID embedded in the URL when the client refuses to use cookies (the ending .jsp suggests you are talking to a java server pages thingmajig: those do this kind of fallback -- sometimes). There, you would have to follow redirects judiciously and possibly enrich your URL with whatever session ID is there (perhaps embedded in the path, perhaps in the url params after the ?). Why those &$%#*$? web designers gave up on "traditional" authentication is something I've kept asking myself the last 15 years. Some things are "turtles all the way down", the Intertubes is just a disgusting tangle of turtles. But there you go. regards - -- t -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAldXxRUACgkQBcgs9XrR2kbZ4ACeKjvXD6ORJKl2Lz0fyaBvs0B5 ClUAnjwWlI38ws4JEkRTcccsCqdOtmdg =74TJ -----END PGP SIGNATURE-----
