Difference between revisions of "Bypassing the Login Page"

From SmartWiki
Jump to: navigation, search
Line 1: Line 1:
If you need to bypass '''Login Page Scripting''' that you have added to the Login Page, you use the following type of URL:
+
#REDIRECT [[Login Page#Disable External Login Shortcut]]
 
 
http://Alias.smartsimple.biz/exlogin.jsp?alias=alias&user=username&password=password
 
 
 
* Note: '''exlogin.jsp''' is Case Sensitive
 
 
 
 
 
'''IMPORTANT:''' There are security implications with using this technique. See below.
 
 
 
 
 
You will need to use this technique when:
 
 
 
* The '''Login Page Scripting''' is not functioning correctly
 
* When you '''Clone''' a copy of [[SmartSimple]] and the original copy contains a Login Script preventing you from accessing the Clone.
 
 
 
Note: this technique should not be used to create as [[Browser|browser]] shortcut, as the [[Username|username]] and [[Password|password]] are exposed.
 
 
 
 
 
'''This method of accessing your instance can be disabled in your [[Global Settings]] > [[Security Settings]].'''
 
 
 
==Security Implications==
 
Using this technique can expose your password. Accordingly it should only be used when necessary.
 
* '''You should change your password immediately after using this technique'''
 
* The URL being opened may be available to other users on the same machine on which you are browsing.
 
* The URL retrieved from the remote machine may be logged elsewhere (ie: Proxy Server history, DNS server).
 
* Your browser history may retain the URL including your password.
 
 
 
To remove these possible security concerns this method of accessing SmartSimple can be disabled via [[Global Settings]] > [[Security Settings]].'''
 
 
 
 
 
[[Category:Global Settings]][[Category:System Management]][[Category:Security]] [[Category:Login Pages]]
 

Revision as of 09:29, 26 June 2019