ecp-get-cookie¶
Authenticate and store session cookies.
ecp-get-cookie queries a SAML/ECP-enabled service, automatically performing authentication where required, and saves cookies to use in future requests to the same service.
There are two usages:
$ ecp-get-cookie -i ‘My Institution’ -u jsmith https://campus01.edu/my/secret/page
to authenticate with a password prompt, or
$ ecp-get-cookie -i ‘My Institution’ -k https://campus01.edu/my/secret/page
to reuse an existing kerberos (kinit
) credential.
By default the cookie file is created and stored in a location defined by either
/tmp/ecpcookie.u{uid}
(Unix), orC:\Windows\Temp\ecpcookie.{username}
(Windows)
Usage: ecp-get-cookie [-i IDENTITY_PROVIDER] [-k] [-u USERNAME] [-h] [-l] [-V]
[-c cookiefile] [-d] [-r] [-v] [-X]
URL
Required arguments¶
- URL
service URL for which to generate cookies
Authentication options¶
- -i, --identity-provider
name of institution providing the identity (e.g. ‘Cardiff University’), or domain name of IdP host (e.g. idp.cf.ac.uk), see –list-idps for a list of Identity Provider (IdPs) and their IdP URL. Shortened institution names (e.g. ‘Cardiff’) can be given as long as they uniquely match a full institution name known by CILogon
- -k, --kerberos
enable kerberos negotiation
Default: False
- -u, --username
authentication username, will be prompted for if not given and not using –kerberos
Other options¶
- -c, --cookiefile
cookie file to create/reuse/destroy
Default: “/tmp/ecpcookie.u1005”
- -d, --debug
write debug output to stdout (implies –verbose)
Default: False
- -r, --reuse
reuse existing cookies if possible
Default: False
- -v, --verbose
write verbose output to stdout
Default: False
- -X, --destroy
destroy existing cookie file
Default: False
Helper arguments¶
- -l, --list-idps
show IdP names and URLs and exit
- -V, --version
show program’s version number and exit