Re: Trying to pass through firewall programmatically

You can use get_basic_credentials if credentials isn't working for you.

{
   package MyUserAgent;
   @ISA = qw(LWP::UserAgent);

   sub get_basic_credentials
    {
      my ($self, $realm, $uri) = @_;

      #do stuff with $realm and $uri if desired
      return ('myuserid', 'mypassword');
    }
}

my $ua = MyUserAgent->new();
[download]

Since it sounds like you are doing this to circumvent company security policy, you should probably get permission to do this if you haven't already.

Comment on Re: Trying to pass through firewall programmatically Download Code

Replies are listed 'Best First'.
Re: Re: Trying to pass through firewall programmatically by idnopheq (Chaplain) on Sep 10, 2001 at 23:59 UTC
Since it sounds like you are doing this to circumvent company security policy, you should probably get permission to do this if you haven't already. I *respectfully* disagree with this statement in principle. I agree one should check their corporate IT security policy before programatically passing through. But to infer non-compliance ( at best ) or intentional misuse ( at worst ) based off the parent node is IMHO not logical. I have used this very technique to do things like update my installed modules via PPM; to verify a web server is answering on the public internet from my corporate gateway as part of systems monitoring; etc. Such methods were not addressed in the corporate guidelines nor was I ever asked to investigate any such doings as a Security Administrator. I anticipate that, as proxy access is performed via username and password, this user has requested and was granted such access. /s?he/ is then monitorable and auditable. Nothing in the original node leads me to anticipate ( even as a sceptical security admin ) that anything is amiss. I believe one should make as certain as possible than the data they acquire in this fashion offers no threat to the corporate assets. But to my eyes the threat here is no better or worse than that the average l`^H`user can accomplish via IE or Netscape interactively. Anyway, I rant. YMMV :-) UPDATE: corrected typos ... HTH -- idnopheq Apply yourself to new problems without preparation, develop confidence in your ability to to meet situations as they arrise. ~ Shunryu Suzuki	[reply]
Re: Re: Trying to pass through firewall programmatically by dze27 (Pilgrim) on Sep 11, 2001 at 00:17 UTC
I think the credentials part was working, it was the proxy part that I was missing. Thanks though. As for the "circumventing company security policy" I appreciate the concern but I have read our AUP many times (to make sure the many things i do that most users don't do are OK) and there's nothing against doing this sort of thing. Every web access is logged with my machine name anyways, this wouldn't circumvent that. I have used that news alert program for 2 years, which has presumably generated 288 requests a day (one every 5 minutes) including Saturdays and Sundays and I have never heard anything about it. So I'm not going to be worried about the odd additional request. Obviously, as idnopheq says i had better be careful about what i'm accessing, but that applies in general.	[reply]


Think about Loose Coupling
	PerlMonks