The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WHM Remote Login, Please Help

Discussion in 'cPanel Developers' started by JohnJ, Oct 25, 2008.

  1. JohnJ

    JohnJ Registered

    Joined:
    May 23, 2008
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    I want a way to go from index.php to /WHM via a button, without displaying the password whatsoever. I don't want it to show when doing 'right click > view source' or by pass=blahblah via $_GET... Just a 99.9% safe way to do the above.
     
  2. stoo2000

    stoo2000 Active Member

    Joined:
    Jul 26, 2003
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Leicestershire, UK
    cPanel Access Level:
    Root Administrator
    Send it via $_POST then, you might want to make sure that page uses SSL though..
     
  3. JohnJ

    JohnJ Registered

    Joined:
    May 23, 2008
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Is there any way that I can do this without using an SSL? I basically want my customers to be able to click a button and access their WHM without their password showing whatsoever.
     
  4. SNN

    SNN Well-Known Member

    Joined:
    Oct 5, 2007
    Messages:
    78
    Likes Received:
    0
    Trophy Points:
    6
    You could have the user/pass in a database, then the button redirects the page to the WHM, and the page that redirects to WHM creates a $_POST in the background of the user's session and logs in for them.
    Or it could just redirect to http://1.2.3.4:2086/ and it'll prompt them for their user/pass.
     
  5. DaveUsedToWorkHere

    DaveUsedToWorkHere Well-Known Member

    Joined:
    Dec 28, 2001
    Messages:
    689
    Likes Received:
    1
    Trophy Points:
    18
    We have a new module for this:

    http://httpupdate.cpanel.net/cpanelsync/EDGE/cpanel/Cpanel/LogMeIn.pm

    This will allow you to query a server for a URL that allows the client to log directly into cPanel. The URL is good for a single use and the session is destroyed once the URL is clicked on. There's a sample script after __END__ in the module which shows a simple way to redirect them, by printing the URL directly as the location to their browser.

    This module is currently only available in EDGE builds but will make its way to other builds soon.
     
  6. host911

    host911 Member

    Joined:
    Jan 8, 2002
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Canada, Toronto
    How can we use this modual do I need to have a logmein account?
    I upgraded my cPanel 11.24.4-R32603 but can't find this modual anywhere.

    Thank you,
     
  7. DaveUsedToWorkHere

    DaveUsedToWorkHere Well-Known Member

    Joined:
    Dec 28, 2001
    Messages:
    689
    Likes Received:
    1
    Trophy Points:
    18
    You'll need to download the module from the link above to /usr/local/cpanel/Cpanel/LogmeIn.pm

    Then you can interact through the module with your login script. Something like this:

    Code:
    #!/usr/bin/perl
    
    use lib '/usr/local/cpanel';
    use Cpanel::LogMeIn ();
    
    my $user = '__USERNAME__'; #or lookup from your records
    my $pass = '__PASSWORD__'; #or lookup from your records
    my $host = '__HOSTNAME__'; #or lookup from your records
    my $service = 'cpanel'; #or whm or webmail to access those interfaces
    
    my($login_ok,$login_message,$login_url) = Cpanel::LogMeIn::get_loggedin_url('user'=>$user,'pass'=>$pass,'hostname'=>$host,'service'=>$service,'goto_uri'=>'/');
    
    if ($login_ok) {
        print "Location: $login_url\r\n\r\n";
    } else {
        print "Content-type: text/plain\r\n\r\n";
        print "LOGIN FAILED: $login_message\n";
    }
    
    exit (0);
    




    This script above will output a secure URL that can be used only once to login. If you're looking for a login form instead, you can use this example: http://www.cpanel.net/cpanel-login.phps
     
  8. fanfavorite

    fanfavorite Active Member

    Joined:
    Jun 1, 2008
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    Any idea when this is going to be a feature in an official release?
     
  9. DaveUsedToWorkHere

    DaveUsedToWorkHere Well-Known Member

    Joined:
    Dec 28, 2001
    Messages:
    689
    Likes Received:
    1
    Trophy Points:
    18
    This feature was added to the RELEASE tree on:

    Release 32486
    2008-12-19 15:50:30

    You can get updates about when it is included into STABLE by subscribing to the RSS feed at http://changelog.cpanel.net
     
  10. bkeep

    bkeep Member

    Joined:
    Feb 6, 2009
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    this may work also may not be very secure as it uses GET to pass to the server

    Code:
    https://$domain:2082/login/?user=$username&pass=$password"
    
     
  11. cynux

    cynux Well-Known Member

    Joined:
    Jul 30, 2005
    Messages:
    113
    Likes Received:
    0
    Trophy Points:
    16
    I was wondering if it is possible to log a user in.. without knowing the password. following is the possible scenario:
    1. User visits our website and logs in (using his email/account id and password, it's not same as the cpanel login)
    2. now, user has more then one account on our server and I want to log them in.. without the the password prompt for cpanel..


    PS: I don't want to end up creating a password database.. since that'll be useless if user changed the password from cpanel..
     
  12. MattDees

    MattDees cPanel Product Owner
    Staff Member

    Joined:
    Apr 29, 2005
    Messages:
    417
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Well, of the top of my head - it's not going to be possible to log a user in without knowing the password (at this time).

    You will have to keep a password database, however we do have hooks so this database can be kept up to date.

    WritingFunctionHooks < DevHooks < TWiki

    That being said, I am never an advocate of keeping a password database


    Also, are you wanting this for JUST WHM or for cPanel and webmail as well?

    If it's just WHM.. you could use accesshashes to log the user in.
     
  13. cynux

    cynux Well-Known Member

    Joined:
    Jul 30, 2005
    Messages:
    113
    Likes Received:
    0
    Trophy Points:
    16
    I'm only trying to use this for Cpanel, not for WHM or Webmail.
     
  14. grindlay

    grindlay Active Member

    Joined:
    Dec 8, 2004
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Edinburgh, Scotland
    cPanel Access Level:
    Root Administrator
    The wiki sample branded login
    SampleBrandedLogin < AllDocumentation < TWiki

    shows a good way of taking a username/email address/pass from within a client-accessed area of your site and passing that to a cPanel service. I found this a bit simpler than using the Perl module.
     
  15. cynux

    cynux Well-Known Member

    Joined:
    Jul 30, 2005
    Messages:
    113
    Likes Received:
    0
    Trophy Points:
    16
    The reason behind asking for this function is that we sell domain names as well as web hosting and we want to be able to allow users to login to cpanel by just one click? i.e. a url that can be use once to login to cpanel. User will be already logged into our website, before we give them this url, hence there is no need to authenticate the user twice.
     
Loading...

Share This Page