Form Fill

Configure Content Provider URI Pattern using Form Fill

Reverse proxy can send form post to specified url. For some web applications that can allow automatic login, using form post.

Form post can be configred the same way as headers and cookies, you just need to add 'Meta Data' to specified 'URI pattern' in content provider.

Usually 'URI pattern' for form post is exact uri where real form post should be send. To find, it, you can open HTML source of web application with login form and find action attribute of <form> HTML tag. Or you can run some network analyzing tool, such as Fiddler or Wireshark, login to web application and then check in logs what url should be used.

When you know url and needed fields, you just need to create 'Meta data', select 'Send form post' as Meta data type and add needed fields. You can use static values or groovy scripts the same way as for headers and cookies. Then in URI pattern, it is possible to create Meta data and fill it with needed values. Name of header or cookie should be specified, but value can be static value, or some data from user, currently available username and password, or groovy script. Using groovy scripts, it is possible to send any values, just need to write this script.

  • Go to Content Providers


  • Click on edit on Content Provider where you want to add changes


  • Scroll down to URI Patterns Create new URI Pattern:


or click edit on existing:


For newly created URI pattern, add Pattern.


  • On URI Pattern screen, scroll down to Meta Data and click on plus button.


  • You need to give some name to it:


  • After that, change it type: click on `Metadata Type. And in opened dropdown list, select Form Post Processor. You can name it like you want:


  • Form POST can be filled using either "application/x-www-form-urlencoded" or "multipart/form-data". In field named: Content-Type type: 'application/x-www-form-urlencoded' or 'multipart/form-data', or simply 'urlencoded' or 'form-data':


  • Now all ready to add form post field. It is depend on webapplication what fields is need to be send. Usually it is enough to look at HTML source and find corresponding fields in <form> tag. Or you can use some network monitor utilities.



After that metatdata for Form Fill will look like this:


Then you will hit this url next time in browser, OpenIAM rProxy will change GET request to POST request, fill all listed fields and send this form post to backend. Content-type in 'Meta data' for form post should be set to 'urlencoded' or 'multipart-form-data'

Some web appliactions can need captcha or security settings that prevent filling form outside browser. For that web applications filling form post is inpossible.

But if web application using something like hidden fields in HTML, it is possible to fetch data from HTML page and send in form post. For example some .NET applications can set hidden fields named __VIEWSTATE, __VIEWSTATEGENERATOR, __EVENTVALIDATION, __EVENTTARGET, __EVENTARGUMENT or others and then check it. It is possible to fetch that hidden fields and send in form post, but sometimes this can be tricky.