>According to Chipper C. Cuntz: >> >> If I submit a URL via the browser to the respective cgi the browser then >> presents the user with a window asking for User/Pass. >> >> Goal: >> >> What I would like to do is simulate this entry of User/Pass with a >> (hopefully minor) change to the code snippet to get URLs. This would >> enable a download of the file I am after. What are the mechanics of this? >> Can this be done via MacPerl? >> >Well, I'm not sure what anyone else will say, but here is >my response: > >The reason your browser asks for a userid and password is >because you are logging into another system or your own >system via the browser. Once on your system (or the other >system), the userid and password are not needed. You >either DO have access to the web pages or you do not have >access to them. Like Yoda said: "No. Try not. Do or do >not. There is no try." If you do have access to the web >pages, then the socket program Paul posted will work >regardless to where you are coming from. If the pages are >locked in some manner (like no read or some such) you will >not be able to view the documents. > >Also, if you are asking us how to circumvent this, then you >are asking us how to break into a computer system and I >don't think there are many of us who will willingly tell >you how to go about doing that. :-) uhh... not exactly. The question was not about hacking in via telnet, but in providing authentication tokens for a "protected" page via a socket connection to an http server. There are three modes, more or less, for a file on a web server- publicly available, write-protected/non-existent, and "authentication required"- available, but only if you have a user id and password. Remember, HTTP is a stateless protocol. You ask for a page- if the server is instructed to authenticate before serving pages, it asks for your authentication information. If your browser has authentication information for that particular server, it supplies it. If it does not, it throws up the standard login/password dialog box. This process goes on for every page and image you access from an authentication-required area. it just happens behind the scenes, where the user isn't aware of it. The user id and password actually are needed for every transaction. Good docs on this are covered on the ncsa site, in the description of the .htaccess file. Tim ----------------=============================---------------- Tim Howland VSI New Media Director 44 N Main, Norwalk, CT 06854 (203) 852-1010, ex. 248 F:(203) 831-5116 thowland@vsicom.com http://www.vsicom.com