On 2011-07-27 at 11:00, J.Lance Wilkinson ( [email protected] ) said: > I have a need to secure a COSIGN protected resource from a command line > (download a protected file). > > What do I need to do, in WGET or cURL, or whatever, to access a cosign > protected resource from a Unix/Linux command line? > > I would prefer the net effect to be non-interactive, at worst prompting > for the password or possibly the userid and password to be used in the > Cosign authentication. E.g., > > $ get_protected_resource.sh https://host/protected/path/resource user [pwd] > > Suggestions? Code already available? Where to start with Roll My Own?
# get your cookies curl -L -b /tmp/cookies.txt -c /tmp/cookies.txt https://yourcosignlogin.com # attempt to login curl -L -b /tmp/cookies.txt -c /tmp/cookies.txt https://yourcosignlogin.com/cosign.cgi \ --data "login=username&password=password" # now access your protected site curl -L -b /tmp/cookies.txt -c /tmp/cookies.txt https://someothersite.com/pathtoresource I may be missing something, and it's been a while since I wrote this, but that's basically all our nagios check scripts do to check that our cosign login cgi is working and that a particular protected site is working correctly. You might have to change the GET variables as appropriate for your site. Bear in mind the usual security precautions about passing a password to a command like that or storing a password in a script. --andy ------------------------------------------------------------------------------ Got Input? Slashdot Needs You. Take our quick survey online. Come on, we don't ask for help often. Plus, you'll get a chance to win $100 to spend on ThinkGeek. http://p.sf.net/sfu/slashdot-survey _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
