hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: Does HTTPClient consults with browser when it is running under java plugin.
Date Sat, 02 Aug 2003 08:39:54 GMT
Reddy,

I tend to shun away from applets at all costs, so I can't claim to know
a great deal about them, but I find it highly unlikely for sun's
UrlConnection to be able to consult browser's cookie cache.

Firstly, please have a look at the following demo applications and see
if there's anything that you might be doing differently in your
application

Form logon:

http://cvs.apache.org/viewcvs/jakarta-commons/httpclient/src/examples/FormLoginDemo.java?rev=HEAD

Cookie management:

http://cvs.apache.org/viewcvs/jakarta-commons/httpclient/src/examples/CookieDemoApp.java?rev=HEAD

For instance, I am pretty sure I know why adding headers with cookies
stolen from the UrlConnection did not help. HttpClient expects cookies
to be managed through HttpState API. Therefore, it overwrites 'cookie'
headers set manually with those automatically generated based on
HttpState cookie collection content.


Secondly, please have a look at our logging guide and try to activate
HttpClietn's wire log. You will be able to see in details what exactly
HttpClient is doing. 

http://jakarta.apache.org/commons/httpclient/logging.html

Thirdly, my guess is that things do not work because you do not keep the
instance of HttpState between method invocations. See FormLoginDemo for
details

If you still can't get things to work after having consulted with our
sample applications, send us the wire log of your HTTP session and we'll
try to help further.

Cheers

Oleg






On Fri, 2003-08-01 at 01:22, Reddy Annapareddy wrote:
> All,
> 
> I am trying to use httpclient in an applet that runs in jdk 1.4.2 jre. Our
> web application (j2ee 1.3) security enabled and uses form login
> (j_security_check) and deployed on websphere 5.x app server . After
> successful login user gets applet page. When ever we make sun's
> URLConnection to my server, websphere recognizes me as previously
> authenticated user since sun's URLConnection using Java Plug-in, Java
> Plug-in consults the browser to determine if a cookie should be sent along
> with it which it received after login. If so, the HTTP/HTTPS request will
> contain the cookie as part of the header. Typically websphere sends a
> session cookie and security cookie (encrypted LTPAToken).
> 
> Where httpclient request to server after login, websphere treating as
> unauthenticated user and forcing user to provide login information again.
> http client uses sockets directly rather than suns URLConnection.
> 
> I have tried  following
> 
> After successful login. we contacted the server through sun's URLConnection
> to steel the all headers & cookies.
> Copied all header/cookies form a sun's URLConnection to my server to
> httpclient connection. Still my server recognizes me as new
> user/unauthenticated user.
> 
> Help me if anybody knows what else suns urlconnection is doing we are not
> doing through httpclient...
> 
> Reddy
> 
> 
> 
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org
> 


Mime
View raw message