Skip to content. | Skip to navigation

Sections
Personal tools
What is this?
Hi, my name is Tom Lazar and I'm a Plone and Zope developer based in Berlin, Germany and this is my personal and professional (no big difference, really...) website.
 

How to pass authorization credentials via URL

Some ftp or http servers accept login-credentials encoded in the target URL as username:password@hostname.tld/path/to/item. Plone does, too - just slightly differently.

Say, you want to access the RSS-feed of a private plone-based blog located at

http://someserver.tld/blog/RSS

In order for your feedreader to authorize itself towards plone, it needs to pass the necessary credentials in the above mentioned URL.

Looking at the login-form of any vanilla plone-site you will notice the two parameters __ac_name and __ac_password: voila!

<div class="field">
    <label for="__ac_password">Password</label>
    <br>
    <input size="10" alt="Password" accesskey="l" 
      tabindex="10003" 
        name="__ac_password" id="__ac_password" type="password" />
</div>

Enter the following URL in your feedreader and you'll be able to access private sections of your site without having to manually authorize.

http://someserver.tld/blog/RSS?__ac_name=USERNAME&__ac_password=PASSWORD

(substituting USERNAME and PASSWORD with your own values. of course)
Outdated Information
Please note that most of the information contained in this section is several years old and while most of it is still useful, hardly none of it applies directly to current versions of the software discussed. Proceed with caution, your mileage may vary etc. pp. ;-)