hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ronald Geneblazo" <rgenebl...@analysts.com>
Subject RE: How to redirect after a successful form-based authentication
Date Wed, 23 Jul 2003 18:06:29 GMT
Oleg,

I got it working using the code below:

(from the jsp)
String indexPage = authpost.getResponseHeader("location").getValue();
GetMethod redirect = new GetMethod(indexPage);
client.executeMethod(redirect);

path = new URL(contextURL).getPath();
response.addHeader("Set-Cookie", "JSESSIONID=" + jsessionid + ";Path=" +
path);
response.sendRedirect(indexPage);

The JSP is now redirected to the index page of remote
J2EE web app that requires authentication, form-based.

Thanks!
Ronald



-----Original Message-----
From: Ronald Geneblazo [mailto:rgeneblazo@analysts.com]
Sent: Wednesday, July 23, 2003 9:21 AM
To: olegk@apache.org
Subject: RE: How to redirect after a successful form-based
authentication


Thanks again Oleg. I hate to send more follow up emails,
but I believe you can help me.

Yes, it's sort of a proxy. From Website A I have links to
website B (both J2EE web apps). When user clicks on website
B links, since it is a protected resource, webapp B will redirect
to the login page. I don't want the user to do another login,
since the user has done that with A. So instead, A will have to
use HTTPClient to login to B, using the same user credentials.

In the code, I was able to get past B's form-based authentication.
However, when I try to use response.sendRedirect(B_Absolute_Index_Page),
where B_Absolute_Index_Page is the newuri, redirect location,
it brings me back to B's login page, even after authentication.

My problem is how to be redirected to B's index page. If I just
display B' index page text from A using
out.println(redirect.getResponseBodyAsString()),
it didn't work either, lots of broken links, and some HTTP 404, since
B's context is not visible from A.

Hope this is clear, thanks again.
Ronald




-----Original Message-----
From: Oleg Kalnichevski [mailto:olegk@apache.org]
Sent: Tuesday, July 22, 2003 5:36 PM
To: rgeneblazo@analysts.com
Subject: RE: How to redirect after a successful form-based
authentication



>
> I used response.sendRedirect(newuri) from the jsp with no success.
> Thanks.
>
>

Hhmm. You are really doing some weird stuff. I am still not quite sure
that I correctly understand what you are trying to achieve. Are you
developing a proxy of a sort?

Anyways, I think the problem is that redirect URL you are getting is
relative, so you should be doing something like that:

 response.sendRedirect("http://www.whatever.com/" + newuri);

Oleg


> -----Original Message-----
> From: Oleg Kalnichevski [mailto:olegk@apache.org]
> Sent: Tuesday, July 22, 2003 4:30 PM
> To: rgeneblazo@analysts.com
> Subject: Re: How to redirect after a successful form-based
> authentication
>
>
> Ronald,
>
> If I understand it right, you are using HttpUrlConnection compatibility
> layer. I have to say in its current state it is quite flaky. I would
> strongly discourage the use of HttpUrlConnection compatibility layer at
> the moment.
>
> Have a look at the following sample
>
>
http://cvs.apache.org/viewcvs/jakarta-commons/httpclient/src/examples/FormLo
> ginDemo.java?rev=HEAD
>
> It should give you a fairly good overview of how things can be done
> using HttpClient native API
>
> Oleg
>
>
> On Tue, 2003-07-22 at 18:22, Ronald Geneblazo wrote:
> > Hi,
> >
> > I'm new to the list, thanks for any pointers. I'm using HTTPClient from
a
> > jsp, trying to
> > login to a j2ee web app (localhost). After using PostMethod and
providing
> > the
> > credentials, I got SC_MOVED_TEMPORARILY to the index page. I used
> GetMethod
> > to that redirect location and got 200 OK. So far so good.
> >
> > My problem is how to redirect to that (index page) location from the
jsp.
> > At that point, I'm already authenticated. I tried
> > response.sendRedirect(redirectLocation)
> > but the browser displays the login page. If I display the response body,
I
> > got HTTP 404
> > on some links (of the web app) since they are visible to the jsp
context.
> I
> > tried to set
> > setFollowRedirects(true) without success.
> >
> > ...(jsp code)
> > HttpURLConnection urlConnection = new HttpURLConnection(authpost, url);
> > if (urlConnection.getResponseCode() == HttpStatus.SC_MOVED_TEMPORARILY)
{
> >    String indexPage = authpost.getResponseHeader("location").getValue();
> >
> >    GetMethod redirect = new GetMethod(indexPage);
> >    //redirect.setFollowRedirects(true);
> >    client.executeMethod(redirect);
> >
> >    //what's next?
> >    //response.sendRedirect(indexPage);
> >    //out.println(redirect.getResponseBodyAsString());
> > }
> >
> > Please help.
> > Thanks, Ronald
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > ______________________________________________________________________
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail:
> commons-httpclient-dev-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail:
> commons-httpclient-dev-help@jakarta.apache.org
>


Mime
View raw message