|
There is a website I need to use for work, it is an MS sharepoint site. When accessing this site from a browser, I first get redirected to an RSA login page where I have to input my username, PIN, and RSA token code and then I get redirected to the real sharepoint site. After logging in to the RSA redirect page, I can browse the sharepoint site normally until such time as it decides that a time limit has expired or the broswer "session" has been lost/cleared (I checked and it appears to be using a browser cookie that expires at the end of the browsing session) and then I have to re-enter my credentials. Anyways the problem is that I want to use some software that can sync with a sharepoint site but if I just put the site URL into the software it doesn't understand how to deal with the RSA credential page that appears first (it doesn't prompt for my credentials, it just errors). So I was thinking that there could be some way to have a program/script connect to the site that understands how to prompt for my credentials (or just display the webpage so I could type them in) and then keep that same session/connection alive and act as a kind of proxy server for the other syncing application. Does anything like this exist? Or would this be hard to make in python or something? Or at the very least does anyone know what words I should google for to get information on how to solve this problem because I am having trouble finding anything because I don't really know what to search for. The site uses SSL, if this matters. Captain Riggs fucked around with this message at 23:46 on Jun 17, 2014 |
# ¿ May 30, 2014 06:55 |
|
|
# ¿ Apr 24, 2024 12:48 |
|
Thanks for the info. I was not aware of either of those methods before. I actually solved my problem by using some code in Fiddler's CustomRules.js to capture the cookie from a browser login to the site and reuse the cookie in any other app that made a request to the site. Both of your suggestions solve the problem of capturing the cookie and including it in another request in a script but what about inserting it into a request from another application? For example I am using microsoft onenote and colligo briefcase (http://www.colligo.com/products/sharepoint/colligo-briefcase/) to connect to the sharepoint site. I could not figure out any way other than fiddler acting as a proxy to insert the cookie into the requests from these applications. Do you know of any way to solve that problem? Since the sharepoint site uses SSL I think pretty much the only way to do it would be to use your own root certificate and basically do a main-in-the-middle type attack (which is what the fiddler proxy does)... Fiddler does work but It seems to slow things down a bit since it is doing so many other things.
|
# ¿ Jun 18, 2014 01:22 |