Encrypted Code Genrerated By The Client for the password on Every Request

Hello All,

URL of my application is asking userid and password but while recording it is showing passowrd as decoded . Every time password is changing and i am not able to corelate. Please provide the solution asap - 

web_submit_data("DoRiskLogin", 
        "Action=https://r1sb10.reval.com/itsweb01/core/DoRiskLogin?", 
        "Method=POST", 
        "RecContentType=application/json", 
        "Referer=https://r1sb10.reval.com/itsweb01/core/default_login.aspx", 
        "Snapshot=t6.inf", 
        "Mode=HTTP", 
        ITEMDATA, 
        "Name=_tid", "Value=DlgLogin", ENDITEM, 
        "Name=_rqId", "Value=", ENDITEM, 
        "Name=_opmTriggerId", "Value=NaN", ENDITEM, 
        "Name=_action", "Value=id12", ENDITEM, 

//userid
        "Name=id8", "Value=XYZ", ENDITEM, 

//password
        "Name=id9", "Value=xzctvraerP2Se23r12uvbbcx2__:DlgLogin:41d81d6ab019df05c64c07a02928a41cef102258b9b3b5c7ef8222c661f80fa72374924e96df77adffd6b47a6d215f7e565cca5001c9be5541e282dee4c4d4044acb3e33815e203bb5f605d8b0031b276aac65572390c97cb287a7263d530a7080aa0333c81f3e6a718abfb3d484fbf6499353e007b9774c8368d2b3c8ba5ccc", ENDITEM,
      
                         "Name=Mandant", "Value=", ENDITEM,
        "Name=SiteId", "Value=", ENDITEM, 
        "Name=siteIdhost", "Value=r1sb10.reval.com", ENDITEM, 
        "Name=token", "Value={token}", ENDITEM, 
        LAST);

We are not sure what algorithm third party vendor is using, Is there any way we can resolve this ?

  • It looks like that some java script is encrypting your password when you enter it on the form before it gets submitted.

    I've once had a comparable issue. I isolated the java script function and ran it with help of lr_js_run(). The java script code stored the value in a LR-parameter that I used in my web_submit_data call.

    When you need to script the page of your stakeholder, you might get help from the development organization.