Re: [IMail Forum] Login

[Michael Kowalski]

Thanks Dave.  We can have the info persisted in a Session or in our profile table and use the technique you described.  We actually would set it up to be an SSL page so that the user info doesn't go out as plain text over the wire.  A co worker just pointed out that the back button will be screwed up but he has a work around.   Thanks again for the help. ----- Original Message ----- From: David Lapides To: [EMAIL PROTECTED] Sent: Tuesday, August 08, 2000 1:13 PM Subject: RE: [IMail Forum] Login Kinda. You could write a server-side script (mine's in ASP) that puts these variables in a form that submits itself via javascript using the onpageload event. This script would run only for authentcated clients who have logged in using your "regular" login script. Technically, the password is submitted in clear text, but it's REAL hard to get at as the form is submitted when the page is loaded and before it is rendered on the browser.   I haven't tried logging via a POST from the server and then streaming the output to the client. It's doable but it's a pain. The only thing you would have to check is whether Web Messaging uses cookies. I don't think it does, but I have no idea how that might complicate the issue.   -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Michael Kowalski Sent: Tuesday, August 08, 2000 12:25 PM To: [EMAIL PROTECTED] Subject: Re: [IMail Forum] Login I'm not sure that this would be acceptable because we have some imposed security requirements.  Wouldn't this put the UserName and Password in plain text for anyone to see.  Any more thoughts would be appreciated. ----- Original Message ----- From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, August 08, 2000 11:41 AM Subject: RE: [IMail Forum] Login Mike,   Someone asked that question here yesterday. Here was my answer: Check out our sample form code at http://hksi.net/imail-login.htm. To make it "automatic", change the userid and passwd fields to type="hidden", then fill their values with ASP code, probably something like value="<%=UserName%>" and value="<%=Password%>". Then, all the user has to do is click the Submit button (or a link that triggers a JavaScript form submission), and they'll be logged right in. Also, there is no API into the heart of IMail. But we can still dream... :) Hope this helps, Ron ron allen hornbaker    humankind systems, inc.     mailto:[EMAIL PROTECTED] HKSI WebMail Templates for IMail v6x ~ Now 607 Installations Worldwide Demo: http://mail.hksi.net   Buy: http://humankindsystems.com/products   -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Michael Kowalski Sent: Tuesday, August 08, 2000 10:19 AM To: [EMAIL PROTECTED] Subject: [IMail Forum] Login We are evaluating whether to purchase the IMail package.  We have a need for a common login area that provides access to several resources.  Email is one of them.   We want the user to be able to login once and have access to any of the resources without having to login again.(The resources will be on different servers).   After a quick tour of the product I was not able to find any exposure of the API other than through the tags and templates.  Is there an interface that can be accessed programatically.  Or is there another way to credential a user outside the provided Login.cgi, and have that information forwarded to the mail system for authentication.   Any help provided will be greatly appreciated.   Thanks,   Mike Kowalski