[EMAIL PROTECTED] schrieb:
>
> Christopher Arndt wrote:
>
>>> 1. Do HTTPS login auth part
>> First, you need to find out, what kind of authentication is used. HTTP
>> (Basic/Digest) or form-based? In the latter case, can you post the
>> username/password directly to same URL with which you download the file, or
>> do
>> you need do a request to a login form first and retrieve a session cookie?
>
> I'm not sure details of this HTTPS auth. It does complain if you don't
> have cookies
> installed. You enter login and passwd into fields. Here is the URL if
> that helps...
> https://www.betterinvesting.org/member/login.html?target_uri=/index.html
The login has nothing to do with HTTPS here, HTTPS only provides the encrypted
transfer channel, this website seems to use form/session cookie based
authentication:
>>> import urllib
>>> response =
>>> urllib.urlopen('https://www.betterinvesting.org/member/login.html?target_uri=/index.html')
>>> from pprint import pprint
>>> pprint(response.headers.dict)
{'cache-control': 'private',
'connection': 'close',
'content-type': 'text/html; charset=ISO-8859-1',
'date': 'Mon, 18 Dec 2006 22:02:34 GMT',
'expires': 'Tue, 04 Dec 1993 21:29:02 GMT',
'server': 'Apache/1.3.33 (Unix) mod_perl/1.29 mod_macro/1.1.2 mod_ssl/2.8.22
OpenSSL/0.9.7e',
'set-cookie': 'session=7c4a9c0ca9c7e231bcf760e1331ced68; path=/',
}
You can see, that it sends a session cookie with the response. You need to send
that back for every subsequent request. Of course, you need to authenticate
yourself first, by posting the username/password.
If you look at the source of the page with the login form, you can see that the
form posts to '/member/logcheck.html' and apparently expects three form fields
to be submitted:
- 'target_uri' - *probably* the URI of the site to be requested if
authentication is successful, maybe it's even possible to encode further
request variables into this URI which will then be sent to the resp. URL
- 'handle' - the login ID
- 'password' - the password
You have to know the proper values for these fields yourself, I can't help you
with this. You can do the POST request with urllib like this:
>>> import urllib
>>> data = urllib.urlencode(dict(handle='12345', password='secret',
target_uri='/index.html'))
>>> data
'password=secret&handle=12345&target_uri=%2Findex.html'
>>> response = urllib.urlopen(
'https://www.betterinvesting.org/member/logcheck.html', data)
You have to figure out the rest yourself, since I can't reach the form you
mentioned where you have to fill in the company info (or do you mean the login
form?) without being authenticated.
Chris
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"TurboGears" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/turbogears?hl=en
-~----------~----~----~----~------~----~------~--~---
