Hiding Password in URL

I have the url's to the reports embedded in our entranet web page. The problem is anyone can do a view source and see passwords. How can i hide those userid's and passwords??

If hexadecimal encription of url is good enough protection for your business you can apply it. If it isn't, you have to use the RUN_REPORT_OBJECT built-in that is used to call reports from the forms. URL is hidden because passing usernames and password is implicit between forms and reports. If you are interested in details you can read the white papers on forms-reports integration.
Ask again if you don't understand something, I will be happy to answer because I spent a lot of time on this problem. Regards,
er.

Similar Messages

  • Retrieving data from a password protected URL

    Hi guys,
    I was hoping that someone might be able to advise me on how to read data into java from a password protected URL. The first page has a "login" area, where the username and password must be supplied before access to the next pages are allowed. It is from these following pages that I wish to get the data.
    I have a user name and password, and when I log in the usual way no cookie is created, nor is the username or password displayed as a part of the URL. Therefore, when I run my HTML parsing program to parse those pages, I get a message saying that I have to login first.
    You can have a look at the site should you wish (I strongly advise this to get an understanding of the problem): http://news.ft.com/home/uk/
    If anybody has some source code that could resolve this issue, I would be terribly grateful.
    Thanks!

    Hi.
    Usually you should be able to access
    password-protected sites using a URL of the
    form:http://username:[email protected]
    -page.com/If you're trying to access those sites without using a
    browser, you still have to encode the username and
    password with base64-encryption, which is usually done
    by the browser.
    cheers,
    kelysarMy program accesses this site without using a browser.....
    In this case would you or anybody else be able tell me how to go through the process from start to finish? I just haven't got a clue!

  • Hiding password in the script

    Hi
    Is there a way of hiding password text in the script? If possible please provide different ways of doing it and with examples. Thanks!

    You can save encrypted data wherever you like, including within your script file (though there are certainly advantages to having it separate from the code.) One easy example of this is with the ConvertFrom-SecureString and ConvertTo-SecureString cmdlets:
    # At your console:
    $secret = Read-Host -AsSecureString "Enter password"
    $secret | ConvertFrom-SecureString
    # copy and paste the data that this command produces, and
    # place it into your script file (or a data file, whatever)
    # In your script:
    $encryptedData = '<copied from ConvertFrom-SecureString output>'
    $secureString = $encryptedData | ConvertTo-SecureString
    When you call ConvertFrom-SecureString the way I did in this example, PowerShell uses the Windows Data Protection API (DPAPI) to perform the encryption.  That's the scenario you described, where you're the only person who can decrypt the data, and only
    on your own computer.  In the examples code I linked to earlier, I show some alternatives using RSA certificates to encrypt data in a way that is just as secure, but can be shared across multiple users / computers.
    wow.. a cool trick.. :) Thanks David for sharing this idea.
    so for secure string it will only work on the machine where it was generated?
    Every second counts..make use of it. Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
    IT Stuff Quick Bytes

  • Need work around for image gallery with password protected URLs

    Is there a way to display an image gallery that has password protected URLs?
    I can build the image gallery in Siena using an excel table with a list of the images and when I preview the app inside Siena I get the expected credentials prompt from IE, and I enter the credentials and the images load and display with their captions perfectly.
    There are 4-6 images in the gallery.
    When I publish and produce a store app, the app errors out with can’t connect and obviously fails on
        var GenericInitError = "The app could not connect to the server. Please try again later.",
            GenericInitTitle = "Network error";
    Most likely because Siena wants to preload everything and there is no way with preload to enter credentials.
    I am looking for any alternatives that would let me get around this.
    TIA
    -- Barb Bowman

    On Mon, 24 Mar 2014 05:10:01 +0000, Radu Gruian (MSFT) wrote:
    >One possible thing to do would be download and embed the images into your app, eliminating the need for password-based authentication.
    Nope. The app accesses a group of IP Security cameras. Static images would not
    make any sense. And authentication is required. Not negotiable.
    -- Barb Bowman

  • How can I save passwords for URL's

    How can I save passwords for URL's? I just installed 10.6.7 Snow Leopard. I also had to format my HD drive and reinstall my software.

    Hi,
    From the Safari menu bar click Safari / Preferences then select the Autofill tab. Select the box next to:
    User names and passwords.
    Navigate to a site you normally log into with the user name and password. Click Yes when prompted. That will save that information to a new keychain for you.
    Passwords are actually stored in your Keychain Access application. (Applications/Utilities)
    Carolyn

  • Pass the username and password in URL to auto log in the application from SharePoint List

    how to Pass the  username and password in URL to auto log in the application from SharePoint List  
    I have a link  in my SharePoint list  when user try to open the link its asking username and password .i want to put username and password in URL to auto log in into that external URL from sharepoint
    please help me it is possible

    Check out
    http://serverfault.com/questions/371907/can-you-pass-user-pass-for-http-basic-authentication-in-url-parameters
    Kind regards,
    Margriet Bruggeman
    Lois & Clark IT Services
    web site: http://www.loisandclark.eu
    blog: http://www.sharepointdragons.com

  • After having SSO user password through url not working

    Hi guys,
    We have an Institutional portal and BW portal to publish reports. Before the SSO was configured we had some UrlIViews where we fixed a user and password through the url, ie:
      http://myportal.net:50400/irj/servlet/prt/portal/prtroot/pcd!3aportal_content!2fcom.sap.pct!2fplatform_add_ons!2fcom.sap.ip.bi!2fiViews!2fcom.sap.ip.bi.bex?TEMPLATE=TMP01&sap-client=200&j_user=user1&j_password=pwd1
    It worked fine.
    Recently SSO (with SapLogonTickets) has been configured between the two portals.
    I have my same user on both servers and SSO its working, even though the URL sends another user, I log on to the bw portal as my own user.
    Some people do not have a BW user, so when they click the url, a login is presented with a default user (user1) and password in blank ready for input. I guess because it couldnt do a SSO.  The problem is that if they introduce the password(pwd1), or even if they change for another valid username and password, the portal rejects all attempts to log in.  Such as if tried to log in with an non existing user (using the SSO). 
    Is there a way override SSO when there is no user, such as it is working in the same portal but with BW R3?
    Thanks,
    help will be aprecciated
    DGF
    Edited by: David Guerra Farias on Apr 8, 2008 7:30 PM
    Edited by: David Guerra Farias on Apr 8, 2008 7:31 PM

    Hi Benjamin,
    I have not solved it yet as I'm delving into Flash Remoting to BC4J issues. ARRRRGGGGG!
    However, I'm thinking that there may be a solution using "mod-rewrite processing" within the httpd.conf file. If I can use Regular Expressions to change the "case" in mod-rewrite then I can probably fix it. Have to dust-off my Apache Docs.
    http://httpd.apache.org/docs/misc/rewriteguide.html
    BG...

  • Hiding Password in OIM user form

    Hi All,
    I am trying to Hide the userID and Password from OIM user (create user) form as I am using entity adaptor to generate these and I dont want to enter vague values. I am successful in hiding User ID field by modifying formMetaData.xml, however, I am not able to find anything for Password/Confirm Password fields.
    Please suggest.

    For each attribute reference, you can specify whether the field is:
    Viewable—By adding the attribute reference to the relevant section
    Editable—By specifying a value of TRUE or FALSE for the editable parameter
    Optional—By specifying a value of TRUE or FALSE for the optional parameter

  • Entering username and password in URL, 4400g, v5.2 ??

    Hi,
    I am trying to display contents of a website which requires me to login each time i exit the webpage.
    Is there a way to include the username and password in the url itself or is there a way to change the DMP web account to match the username and password which is needed for the website?
    I already tried using the format http://username:[email protected]

    Sorry, this type of functionality is not available on the DMP.
    A lot of the responsibility resides on the Hosting Site on how it
    accepts the authentication or Login credentials.  A web or app savy
    developer could probably develop a App (like for iPhone or iTouch)
    which could bring up a Virtual Keyboard which could be used with
    the DMP-4400G and a supported Touchscreen.  Then the user could
    add the credentials using the touch screen.
    Cheers!
    If this answers your question, Please take time to mark thisdiscussion answered & rate the response.
    Thank You!
    T.

  • Using url with username and password in URL class

    Hi,
    I'm writting an applet in which I use getAppletContext().showDocument with an URL.
    The problem is that I'm using URLs with username and password (http://user:[email protected]/page) and it isn't working because the browser is getting the URL http://user/page.
    Is this a bug in the URL class? Or in the showDocument method?
    Is there any way to make this work?
    Thanks for any help,
    Pedro Prospero Luis ([email protected])

    I'm not sure whether this is supported behaviour. I've had this syntax fail to work in the Netscape address bar so I can't recommend it as an approach for authentication.
    If you want to authenticate the user before redirecting to the page, though, you could try creating a connection to another page on the same server and sending the authorization information then. Your browser may then be successfully authenticated.
    See http://www.javaworld.com/javatips/jw-javatip47.html for information on this.
    You might not need to read back the page from the server, just connect to it. Might work.

  • Encrypt the username and Password in URL

    Hi
    My requirement is to encrypt the Password in the URL.
    http://Server_name/analytics/saw.dll?NQUser=Administrator&NQPassword=*Administrator*.
    Here My URL should look like this.
    http://Server_name/analytics/saw.dll?NQUser=Administrator&NQPassword=*encrypted password*.

    Hi in what situation you need this?, actually this is not a good practice to expose the user name and password over the URL. Better to force the user to login and then continue.
    If the user already logged in and while clicking you need to do a navigation then no need of passing username or password.
    Edited by: Ugser on Sep 7, 2009 8:08 AM

  • Form9i about username and password in URL

    hi all
    i need to hide the user name and password that comming in URL
    "http://192.168.1.100:8888/forms90/f90servlet?form=C:\ver6\MODULE1.fmx&userid=SCOTT/TIGER@orcl&buffer_records=NO&debug_messages=NO&array=YES&query_only=NO&quiet=NO&RENDER=YES"
    Please i need to that how can i hide it
    best to all

    read this document
    http://download-west.oracle.com/docs/cd/A97329_01/web.902/a92175/chap03.htm#1033308

  • Hide login and password in URL after running script - how?

    Folks, I've got a script that gets webalizer data.
    I've embedded the login and password in the script, but don't want it to show up in the URL as it currently does. Is there any way for me to do this?
    I am using the code from an example script:
    property target_URL : "http://finance.yahoo.com/q?s=AAPL&d=v1"
    open location target_URL

    the following only works if the URL has no relational links, try this:
    set target_URL to "http://www.apple.com"
    set dest_file to ((path to desktop as string) & "temp.html")
    -- down load it to your desktop first
    tell application "URL Access Scripting" to download target_URL to dest_file replacing yes
    -- do shell script "curl " & target_URL & " -o ~/desktop/temp.html" -- alternative is curl
    -- then open, the URL will be your desktop
    open location ("file://" & POSIX path of dest_file)

  • Hide user and password in URL

    Hi Experts,
    I need a help on portal URL. We are using SSA (Spend Analytics) in Portal. One of the option in portal is that you can generate an E-mail Link of a report which goes to users.
    Link looks like this for end user (They receive it via E-Mail)
    http://Host:Port/irj/servlet/prt/portal/prtrootxapps.analytics.ds_par.inbounds?guid=CC1E61FF_7B3F_45CB_A3BE_B00F6BD487B7&objType=REPO&objId=0DA4575B_3C28_E6D8_66C5_04008115C625
    Users should be able to view this link as soon as they click on it. If a user is already logged into portal and copy and paste the link, it works fine. However, if a user is not logged in and copy and past this link to IE, It automatically changes URL to something else and shows user & password 
    This is how it looks like. URL changes to the following link..
    http://HOST:PORT/irj/portal?j_user=XYZ_USER&j_password=XYZ_PASS&submit_logon=true
    So I'm not sure what is making portal to redirecting the link to (http://HOST:PORT/irj/portal?j_user=XYZ_USER&j_password=XYZ_PASS&submit_logon=true) when they enter generated link (http://Host:Port/irj/servlet/prt/portal/prtrootxapps.analytics.ds_par.inbounds?guid=CC1E61FF_7B3F_45CB_A3BE_B00F6BD487B7&objType=REPO&objId=0DA4575B_3C28_E6D8_66C5_04008115C625) and why is it showing user/pass and from where is it picking user & password.
    I kindly request all experts to please help me in this. I want to hide users/pass and make sure the link works fine without getting redirected it.
    Your help is much appreciated
    Thanks in Advance!!
    Afi

    Hi Sinivasan,
    I thought about it but I do not see User Mapping Field stating anything. It's empty.
    Here is how it looks like:
    Authentication Ticket Type : SAP Assertion Ticket
    Logon Method : SAPLOGONTICKET
    User Mapping Fields : <empty>
    User Mapping Type : admin,user
    So.. I really don't know why and from where is it picking up user/pass to URL. We are not even using Anonymous Login. Any other thing you could think of the possibility?
    Thanks
    Afi

  • Logging on ISA with username and password in URL

    Hi!
    We have a scenario where a customer have an internal portal and from this portal they access different suppliers webshop and get automatic access since the username and password is supplied in the URL.
    In our current Online Store solution we use a special log on page and the user gets logged in, but how is this possible in ISA?
    Regards
    rollo

    Hi!
    The correct answer should be YES, it is possible!
    It is not related to what Florian wrote, just simly add  the userid and password in the URL.
    Exemple
    https://mybigcompany.com/b2b/b2b/init.do?language=sv&userid=rollo&password=mytopsecretpassword
    The only negative issue is that the first log on will not work, the user get an errormessage and have to enter the log on data again.
    Message was edited by:
            rollo

Maybe you are looking for

  • IPhone will not show up in my computer or iTunes ~ Windows 7

    I just charged my iPhone on my Windows 7 computer, then my girlfriend came and took the cord I used. I grabbed two cords that were in bad condition because I wanted to sync my phone with iTunes. It did not sync with the computer or iTunes. I then fou

  • SB Audig

    Hi. I'm having a problem with the Sound Blaster Audigy 2 drivers. I have already tried the previous solutions and even though Windows XP has appeared to recognize the card after I reinstalled it several times,(I made sure the drivers were completely

  • Godaddy private hosting question

    I was about to register a domain with godaddy. I was going to register a .info. As I went through the checkout process, the site implored me to sign up for private registration for an extra $6.99, otherwise all of my private information would become

  • Static IP for Mac OS 10.5 -- Help!

    I'm not sure how to set up an static IP for my macbook. It will be using my airport, not my built in ethernet. Can someone provide me a step by step guide? I'm lost. Thanks!

  • New LiveCycle ES2 Service Pack 1 (SP1) now avialable

    Adobe has released LiveCycle ES2 Service Pack 1.  Service Pack 1 updates LiveCycle ES2 server components,LiveCycle Workbench ES2, (updating both is required) and can only be deployed on LiveCycle ES2. Please visit, https://www.adobe.com/cfusion/entit