HTTPS and Secure Sessions

I want to be able to check a secure page that I login to to access some
data. First off, the page is here:
https://www.mbnanetaccess.com/NASApp/NetAccess/RegisteredAcc ountsDisplay?&ehn=670
The account login page is on the front page: http://www.mbna.com/ The
login is done via POST. So this is what I've tried:

$url = "https://www.mbnanetaccess.com/NASApp/NetAccess/Login";

$browser = LWP::UserAgent->new();
$browser->timeout(10);

@fields = [username => 'myusername',
password => 'mypassword'
];

my $response = $browser->post($url,@fields);

if ($response->is_error())
{
printf "Error!";
printf "%s\n", $response->status_line;
}
$contents = $response->content();
print $contents;


But this returns nothing in the contents (but it does not error, which
leads me to believe that it logged in correctly). When I login with my
real browser, the POST redirects me to a new page at
https://www.mbnanetaccess.com/NASApp/NetAccess/RegisteredAcc ountsDisplay?&ehn=670
which is where I want to extract some information.

However, I'm unsure about how this redirect is passed down to the
browser. Also, there must some sort of secure session state that is
carried along, but again, I'm not sure where it is. Is there some tool
that will allow me to see the primitive GETS, POSTS, session states
etc. when I login with my real browser? So that I can mimic this with
perl? Anyone have other suggestions?

Re: HTTPS and Secure Sessions

wrote in message
news:1134509928.407471.166640@g49g2000cwa.googlegroups.com.. .
>I want to be able to check a secure page that I login to to access some
> data. First off, the page is here:
> https://www.mbnanetaccess.com/NASApp/NetAccess/RegisteredAcc ountsDisplay?&ehn=670
> The account login page is on the front page: http://www.mbna.com/ The
> login is done via POST. So this is what I've tried:
>
> $url = "https://www.mbnanetaccess.com/NASApp/NetAccess/Login";
>
> $browser = LWP::UserAgent->new();
> $browser->timeout(10);
>
> @fields = [username => 'myusername',
> password => 'mypassword'
> ];
>
> my $response = $browser->post($url,@fields);
>
> if ($response->is_error())
> {
> printf "Error!";
> printf "%s\n", $response->status_line;
> }
> $contents = $response->content();
> print $contents;
>
>
> But this returns nothing in the contents (but it does not error, which
> leads me to believe that it logged in correctly). When I login with my
> real browser, the POST redirects me to a new page at
> https://www.mbnanetaccess.com/NASApp/NetAccess/RegisteredAcc ountsDisplay?&ehn=670
> which is where I want to extract some information.
>

In that case, take a look at the requests_redirectable variable in
LWP::UserAgent when creating a new object. By default it will not redirect
posted data.

Matt

Re: HTTPS and Secure Sessions

"Matt Garrish" wrote in message
news:8Z%nf.2924$PQ3.531063@news20.bellglobal.com...
>
> wrote in message
> news:1134509928.407471.166640@g49g2000cwa.googlegroups.com.. .
>>I want to be able to check a secure page that I login to to access some
>> data. First off, the page is here:
>> https://www.mbnanetaccess.com/NASApp/NetAccess/RegisteredAcc ountsDisplay?&ehn=670
>> The account login page is on the front page: http://www.mbna.com/ The
>> login is done via POST. So this is what I've tried:
>>
>> $url = "https://www.mbnanetaccess.com/NASApp/NetAccess/Login";
>>
>> $browser = LWP::UserAgent->new();
>> $browser->timeout(10);
>>
>> @fields = [username => 'myusername',
>> password => 'mypassword'
>> ];
>>
>> my $response = $browser->post($url,@fields);
>>
>> if ($response->is_error())
>> {
>> printf "Error!";
>> printf "%s\n", $response->status_line;
>> }
>> $contents = $response->content();
>> print $contents;
>>
>>
>> But this returns nothing in the contents (but it does not error, which
>> leads me to believe that it logged in correctly). When I login with my
>> real browser, the POST redirects me to a new page at
>> https://www.mbnanetaccess.com/NASApp/NetAccess/RegisteredAcc ountsDisplay?&ehn=670
>> which is where I want to extract some information.
>>
>
> In that case, take a look at the requests_redirectable variable in
> LWP::UserAgent when creating a new object. By default it will not redirect
> posted data.
>

s/variable/argument/

I don't know why I care, but I do...

Matt

Re: HTTPS and Secure Sessions

On Tue, 13 Dec 2005 13:38:48 -0800, jamesjacobyu wrote:

> I want to be able to check a secure page that I login to to access some
> data.
> Anyone have other suggestions?

LWP::UserAgent does not work properly with SSL(https) or even doesn't
support it at all, I'm not sure. Anyway, it doesn't work. Try
::SSLeay Make a search on SSLeay and you'll figure
out ;)

Redirects are not enabled on POST by default. Enable it manually. Look
into LWP::UserAgent for details.