3 Replies Latest reply: Dec 23, 2011 7:46 AM by Mahesh Krishnapillai RSS

How to deny portal login with logon values directly using as URL parameters

Atul Dumbre
Currently Being Moderated

Dear All,

 

we are planning to externalise our portal.

but the issue we are facing is that ,when er directly enter user and password in url we are able to login to the portal.

 

e.g.:- http://portal.com/irj/portal?j_user=username&j_password=password

 

after entering above url we are able to enter in the portal .

in order to keep our portal secure we need to denyy such kind of login.

Please help how to cope up with this issue.

 

Thanks and Regards,

Atul

Actions