[Hidden-tech] Proxy server to access protected website

[Gyepi SAM]

Hi George,

I think 'EZproxy software' refers to this: http://www.oclc.org/ezproxy/default.htm

The listed configuration should be:

  U -form=post videatives http://streaming.videatives.com/session
  FormVariable authenticity_token=
  FormVariable login=USERNAME
  FormVariable password=PASSWORD
  FormVariable remember_me=
  FormVariable commit=Log in


It looks like streaming.videatives.com is using Ruby on Rails so the POST
url should be http://streaming.videatives.com/session, without the '/new' suffix.
Unfortunately, this may still not work because your site is also using the
'Request Forgery Protection' (denoted by the authenticity_token parameter)
and that requires the proxy server to first connect to the '/session/new' page (where it's
assigned the token) before it POSTS to '/session'.
I don't think EZproxy supports multistep authentication of that sort but it's worth trying.

Looking at the documentation, it appears that most of the resources accessible
through EZproxy use IP whitelists, which makes sense if users are proxied
through a single (or a small set of) IP addresses. Some also appear to use
single key authentication (probably in combination with whitelisting).

Regards

-Gyepi


On Tue, Nov 17, 2009 at 10:26:29AM -0500, George Forman wrote:
>    Dear Hidden Tech,
> 
>    Would anyone have a reference for where we might find a answer to this
>    person's question about using a proxy server to create a one click
>    login to our username and password protected video library at
>    [1]www.videatives.com.  A reference to an article or FQA would do fine.
> 
> 
>    BTY, the abbreviation VSS below stands for "video streaming service,"
>    our video library of over 160 clips that deal with child development
>    and early childhood education.
> 
>    Thanks,
> 
>    George Forman
> 
>    Amherst, Massachussets