In article <[EMAIL PROTECTED]> you wrote:
> I want to be able to automatically log into a website and interact with the
> logged in, secure website. Unfortunately, it is 'protected' with one of those
> automatic login/password 'authorization' type boxes. How do you get around
> them?
You can't get around them, of course. All you can do is, when you're using a
batch-client, to automatically send the basic auth ingredients with the
requests. When you're using Netscape or Explorer you have to type in the
password at the first request (those browsers don't store it over GUI
sessions).
> And how do you get around the timeouts (ie: when someone has been logged
> in to a site for 5 mins, the site logs you out).
"Logged out?" A website doesn't you log out like a shell. What exactly do you
mean?
> Also, I don't want to have to get a certificate every single time I log in to
> a secure site... does openssl cache them for you?
When your browser connects to the secured website it either gets the server
certificate within the full handshake or can resume a previously session
(where no certificate is transferred). But usually because the certificate is
transferred and verified doesn't mean you've to worry about this. The only
time it can be annoying is when the client cannot verify the server cert (it
lacks information about the CA) the verification dialog pops up. But that's
then another problem...
> And finally, is there a FAQ? I didn't see one on www.openssl.org..
We've still no OpenSSL FAQ, but the SSLeay FAQ still applies. You can find it
under http://www.psy.uq.oz.au/~ftp/Crypto/.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
