hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: No Cookie when running FormLoginDemo
Date Wed, 15 Mar 2006 19:23:38 GMT
On Wed, 2006-03-15 at 11:05 -0500, Wagner, John (MED US) wrote:
> Hi All,
> 
> I am trying to run the FormLoginDemo example from the Samples page on an
> internal web site, but I do not get any cookies back from the post.  It
> says to verify that the code worked you need to check for a cookie
> coming back.  I viewed the source of the web page to check what the
> names of the parameters I would be passing and they where USERID,
> PASSWORD and the logon button was Submit.  Where did I go wrong?
> 

John,

The log clearly shows 4 cookies 

[DEBUG] HttpMethodBase - -Cookie accepted: "$Version=0;
SmsWebSId=6668716B0B1B646D7A71720A006F1468761B0E607E6C7E7A67667668670407
6C7E6064157B70; $Path=/b0be-nta2-bin/" 
[DEBUG] HttpMethodBase - -Cookie accepted: "$Version=0;
SmsWebView=1504111A; $Path=/b0be-nta2-bin/" 
[DEBUG] HttpMethodBase - -Cookie accepted: "$Version=0;
SmsUrlInputParms=0" 
[DEBUG] HttpMethodBase - -Cookie accepted: "$Version=0; SmsWebSC=1;
$Path=/b0be-nta2-bin/"

This bit is obviously the culprit. None of the four cookies returned
apparently match the criteria:

Cookie[] logoncookies = cookiespec.match(
 LOGON_SITE, LOGON_PORT, "/", false,
 client.getState().getCookies());

Hope this helps

Oleg


> Here is my code:
> 
> import org.apache.commons.httpclient.*;
> import org.apache.commons.httpclient.cookie.CookiePolicy;
> import org.apache.commons.httpclient.cookie.CookieSpec;
> import org.apache.commons.httpclient.methods.*;
> 
> /**
>  * <p>
>  * A example that demonstrates how HttpClient APIs can be used to
> perform
>  * form-based logon.
>  * </p>
>  *
>  * @author Oleg Kalnichevski
>  *
>  */
> public class FormLoginDemo
> {
>     static final String LOGON_SITE = "mlvv20oa";
>     static final int    LOGON_PORT = 80;
> 
>     public FormLoginDemo() {
>         super();
>     }
> 
>     public static void main(String[] args) throws Exception {
>     
>        System.setProperty("org.apache.commons.logging.Log",
> "org.apache.commons.logging.impl.SimpleLog");
> 
> System.setProperty("org.apache.commons.logging.simplelog.showdatetime",
> "true");
> 
> System.setProperty("org.apache.commons.logging.simplelog.log.httpclient.
> wire.header", "debug");
> 
> System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.
> commons.httpclient", "debug");
>       
>         HttpClient client = new HttpClient();
>         client.getHostConfiguration().setHost(LOGON_SITE, LOGON_PORT,
> "http");
> 
> //client.getParams().setCookiePolicy(CookiePolicy.BROWSER_COMPATIBILITY)
> ;
>       // 'developer.java.sun.com' has cookie compliance problems
>         // Their session cookie's domain attribute is in violation of
> the RFC2109
>         // We have to resort to using compatibility cookie policy
> 
>         GetMethod authget = new
> GetMethod("/b0be-nta2-bin/webclogn.exe/tst");
> 
>         client.executeMethod(authget);
>         System.out.println("Login form get: " +
> authget.getStatusLine().toString());
>         // release any connection resources used by the method
>         authget.releaseConnection();
>         // See if we got any cookies
>         CookieSpec cookiespec = CookiePolicy.getDefaultSpec();
>         Cookie[] initcookies = cookiespec.match(
>             LOGON_SITE, LOGON_PORT, "/", false,
> client.getState().getCookies());
>         System.out.println("Initial set of cookies:");   
>         if (initcookies.length == 0) {
>             System.out.println("None");   
>         } else {
>             for (int i = 0; i < initcookies.length; i++) {
>                 System.out.println("- " + initcookies[i].toString());
> 
>             }
>         }
>        
>         PostMethod post = new
> PostMethod("/b0be-nta2-bin/webclogn.exe/tst");
>         // Prepare login parameters
>         post.addParameter("USERID", "userid");
>      post.addParameter("PASSWORD", "password");
>      post.addParameter("Submit", "Signon");
>        
>         client.executeMethod(post);
>        
>         System.out.println("Login form post: " +
> post.getStatusLine().toString());
>         // release any connection resources used by the method
>         post.releaseConnection();
>         // See if we got any cookies
>         // The only way of telling whether logon succeeded is
>         // by finding a session cookie
>         Cookie[] logoncookies = cookiespec.match(
>             LOGON_SITE, LOGON_PORT, "/", false,
> client.getState().getCookies());
>         System.out.println("Logon cookies:");   
>         if (logoncookies.length == 0) {
>             System.out.println("None");   
>         } else {
>             for (int i = 0; i < logoncookies.length; i++) {
>                 System.out.println("- " + logoncookies[i].toString());
> 
>             }
>         }
>         // Usually a successful form-based login results in a redicrect
> to
>         // another url
>         int statuscode = post.getStatusCode();
>         if ((statuscode == HttpStatus.SC_MOVED_TEMPORARILY) ||
>             (statuscode == HttpStatus.SC_MOVED_PERMANENTLY) ||
>             (statuscode == HttpStatus.SC_SEE_OTHER) ||
>             (statuscode == HttpStatus.SC_TEMPORARY_REDIRECT)) {
>             Header header = post.getResponseHeader("location");
>             if (header != null) {
>                 String newuri = header.getValue();
>                 if ((newuri == null) || (newuri.equals(""))) {
>                     newuri = "/";
>                 }
>                 System.out.println("Redirect target: " + newuri);
>                 GetMethod redirect = new GetMethod(newuri);
> 
>                 client.executeMethod(redirect);
>                 System.out.println("Redirect: " +
> redirect.getStatusLine().toString());
>                 // release any connection resources used by the method
>                 redirect.releaseConnection();
>             } else {
>                 System.out.println("Invalid redirect");
>                 System.exit(1);
>             }
>         }
>     }
> }
> 
> Here is the log output:
> 2006/03/15 10:55:48:969 EST [DEBUG] HttpClient - -Java version: 1.4.2_10
> 
> 2006/03/15 10:55:48:985 EST [DEBUG] HttpClient - -Java vendor: Sun
> Microsystems Inc.
> 
> 2006/03/15 10:55:48:985 EST [DEBUG] HttpClient - -Java class path:
> D:\Java\Phil;D:\Java\EasySSL\commons-httpclient-3.0-rc4.jar;D:\Java\rx_h
> ub\log4j-1.2.7.jar;D:\Java\rx_hub\commons-logging.jar;D:\Java\rx_hub\com
> mons-logging-api.jar;D:\Java\HttpClientNTLM\commons-codec-1.3.jar
> 
> 2006/03/15 10:55:48:985 EST [DEBUG] HttpClient - -Operating system name:
> Windows XP
> 
> 2006/03/15 10:55:48:985 EST [DEBUG] HttpClient - -Operating system
> architecture: x86
> 
> 2006/03/15 10:55:48:985 EST [DEBUG] HttpClient - -Operating system
> version: 5.1
> 
> 2006/03/15 10:55:49:126 EST [DEBUG] HttpClient - -SUN 1.42: SUN (DSA
> key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom;
> X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX
> CertPathBuilder; LDAP, Collection CertStores)
> 
> 2006/03/15 10:55:49:126 EST [DEBUG] HttpClient - -SunJSSE 1.42: Sun JSSE
> provider(implements RSA Signatures, PKCS12, SunX509 key/trust factories,
> SSLv3, TLSv1)
> 
> 2006/03/15 10:55:49:126 EST [DEBUG] HttpClient - -SunRsaSign 1.42: SUN's
> provider for RSA signatures
> 
> 2006/03/15 10:55:49:126 EST [DEBUG] HttpClient - -SunJCE 1.42: SunJCE
> Provider (implements DES, Triple DES, AES, Blowfish, PBE,
> Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
> 
> 2006/03/15 10:55:49:126 EST [DEBUG] HttpClient - -SunJGSS 1.0: Sun
> (Kerberos v5)
> 
> 2006/03/15 10:55:49:126 EST [DEBUG] DefaultHttpParams - -Set parameter
> http.useragent = Jakarta Commons-HttpClient/3.0-rc4
> 
> 2006/03/15 10:55:49:141 EST [DEBUG] DefaultHttpParams - -Set parameter
> http.protocol.version = HTTP/1.1
> 
> 2006/03/15 10:55:49:141 EST [DEBUG] DefaultHttpParams - -Set parameter
> http.connection-manager.class = class
> org.apache.commons.httpclient.SimpleHttpConnectionManager
> 
> 2006/03/15 10:55:49:141 EST [DEBUG] DefaultHttpParams - -Set parameter
> http.protocol.cookie-policy = rfc2109
> 
> 2006/03/15 10:55:49:141 EST [DEBUG] DefaultHttpParams - -Set parameter
> http.protocol.element-charset = US-ASCII
> 
> 2006/03/15 10:55:49:141 EST [DEBUG] DefaultHttpParams - -Set parameter
> http.protocol.content-charset = ISO-8859-1
> 
> 2006/03/15 10:55:49:141 EST [DEBUG] DefaultHttpParams - -Set parameter
> http.method.retry-handler =
> org.apache.commons.httpclient.DefaultHttpMethodRetryHandler@1f436f5
> 
> 2006/03/15 10:55:49:141 EST [DEBUG] DefaultHttpParams - -Set parameter
> http.dateparser.patterns = [EEE, dd MMM yyyy HH:mm:ss zzz, EEEE,
> dd-MMM-yy HH:mm:ss zzz, EEE MMM d HH:mm:ss yyyy, EEE, dd-MMM-yyyy
> HH:mm:ss z, EEE, dd-MMM-yyyy HH-mm-ss z, EEE, dd MMM yy HH:mm:ss z, EEE
> dd-MMM-yyyy HH:mm:ss z, EEE dd MMM yyyy HH:mm:ss z, EEE dd-MMM-yyyy
> HH-mm-ss z, EEE dd-MMM-yy HH:mm:ss z, EEE dd MMM yy HH:mm:ss z,
> EEE,dd-MMM-yy HH:mm:ss z, EEE,dd-MMM-yyyy HH:mm:ss z, EEE, dd-MM-yyyy
> HH:mm:ss z]
> 
> 2006/03/15 10:55:49:204 EST [DEBUG] HttpConnection - -Open connection to
> mlvv20oa:80
> 
> 2006/03/15 10:55:49:235 EST [DEBUG] header - ->> "GET
> /b0be-nta2-bin/webclogn.exe/tst HTTP/1.1[\r][\n]"
> 
> 2006/03/15 10:55:49:235 EST [DEBUG] HttpMethodBase - -Adding Host
> request header
> 
> 2006/03/15 10:55:49:266 EST [DEBUG] header - ->> "User-Agent: Jakarta
> Commons-HttpClient/3.0-rc4[\r][\n]"
> 
> 2006/03/15 10:55:49:266 EST [DEBUG] header - ->> "Host:
> mlvv20oa[\r][\n]"
> 
> 2006/03/15 10:55:49:266 EST [DEBUG] header - ->> "[\r][\n]"
> 
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "HTTP/1.1 200
> OK[\r][\n]"
> 
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "Server:
> Microsoft-IIS/5.0[\r][\n]"
> 
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "Date: Wed, 15 Mar 2006
> 15:55:49 GMT[\r][\n]"
> 
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "Connection:
> close[\r][\n]"
> 
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "Content-type:
> text/html[\r][\n]"
> 
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "Pragma:
> No-Cache[\r][\n]"
> 
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "Cache-Control:
> No-Cache[\r][\n]"
> 
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "Expires: 0[\r][\n]"
> 
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "Set-Cookie:
> SmsWebSId=0;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT[\r][\n]"
> 
> 2006/03/15 10:55:49:422 EST [DEBUG] HttpMethodBase - -Cookie accepted:
> "$Version=0; SmsWebSId=0; $Path=/"
> 
> Login form get: HTTP/1.1 200 OK
> 
> Initial set of cookies:
> 
> None
> 
> 2006/03/15 10:55:49:422 EST [DEBUG] HttpMethodBase - -Should close
> connection in response to directive: close
> 
> 2006/03/15 10:55:49:422 EST [DEBUG] HttpConnection - -Releasing
> connection back to connection manager.
> 
> 2006/03/15 10:55:49:422 EST [DEBUG] HttpConnection - -Open connection to
> mlvv20oa:80
> 
> 2006/03/15 10:55:49:438 EST [DEBUG] header - ->> "POST
> /b0be-nta2-bin/webclogn.exe/tst HTTP/1.1[\r][\n]"
> 
> 2006/03/15 10:55:49:438 EST [DEBUG] HttpMethodBase - -Adding Host
> request header
> 
> 2006/03/15 10:55:49:438 EST [DEBUG] HttpMethodBase - -Default charset
> used: ISO-8859-1
> 
> 2006/03/15 10:55:49:454 EST [DEBUG] HttpMethodBase - -Default charset
> used: ISO-8859-1
> 
> 2006/03/15 10:55:49:454 EST [DEBUG] header - ->> "User-Agent: Jakarta
> Commons-HttpClient/3.0-rc4[\r][\n]"
> 
> 2006/03/15 10:55:49:454 EST [DEBUG] header - ->> "Host:
> mlvv20oa[\r][\n]"
> 
> 2006/03/15 10:55:49:454 EST [DEBUG] header - ->> "Content-Length:
> 39[\r][\n]"
> 
> 2006/03/15 10:55:49:454 EST [DEBUG] header - ->> "Content-Type:
> application/x-www-form-urlencoded[\r][\n]"
> 
> 2006/03/15 10:55:49:454 EST [DEBUG] header - ->> "[\r][\n]"
> 
> 2006/03/15 10:55:49:454 EST [DEBUG] EntityEnclosingMethod - -Request
> body sent
> 
> 2006/03/15 10:55:49:469 EST [DEBUG] header - -<< "HTTP/1.1 100
> Continue[\r][\n]"
> 
> 2006/03/15 10:55:49:469 EST [DEBUG] header - -<< "Server:
> Microsoft-IIS/5.0[\r][\n]"
> 
> 2006/03/15 10:55:49:469 EST [DEBUG] header - -<< "Date: Wed, 15 Mar 2006
> 15:55:49 GMT[\r][\n]"
> 
> 2006/03/15 10:55:49:469 EST [INFO] HttpMethodBase - -Discarding
> unexpected response: HTTP/1.1 100 Continue
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "HTTP/1.1 200
> OK[\r][\n]"
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Server:
> Microsoft-IIS/5.0[\r][\n]"
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Date: Wed, 15 Mar 2006
> 15:55:49 GMT[\r][\n]"
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Connection:
> close[\r][\n]"
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Content-type:
> text/html[\r][\n]"
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Pragma:
> No-Cache[\r][\n]"
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Cache-Control:
> No-Cache[\r][\n]"
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Expires: 0[\r][\n]"
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Set-Cookie:
> SmsWebSId=6668716B0B1B646D7A71720A006F1468761B0E607E6C7E7A67667668670407
> 6C7E6064157B70;Path=/b0be-nta2-bin/[\r][\n]"
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Set-Cookie:
> SmsWebView=1504111A;Path=/b0be-nta2-bin/[\r][\n]"
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Set-Cookie:
> SmsUrlInputParms=0;Expires=Thu, 01-Jan-1970 00:00:00 GMT[\r][\n]"
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Set-Cookie:
> SmsWebSC=1;Path=/b0be-nta2-bin/[\r][\n]"
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] HttpMethodBase - -Cookie accepted:
> "$Version=0;
> SmsWebSId=6668716B0B1B646D7A71720A006F1468761B0E607E6C7E7A67667668670407
> 6C7E6064157B70; $Path=/b0be-nta2-bin/"
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] HttpMethodBase - -Cookie accepted:
> "$Version=0; SmsWebView=1504111A; $Path=/b0be-nta2-bin/"
> 
> Login form post: HTTP/1.1 200 OK
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] HttpMethodBase - -Cookie accepted:
> "$Version=0; SmsUrlInputParms=0"
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] HttpMethodBase - -Cookie accepted:
> "$Version=0; SmsWebSC=1; $Path=/b0be-nta2-bin/"
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] HttpMethodBase - -Should close
> connection in response to directive: close
> 
> 2006/03/15 10:55:49:657 EST [DEBUG] HttpConnection - -Releasing
> connection back to connection manager.
> 
> Logon cookies:
> 
> None
> 
> 
> 
> Thanks in advance.
> 
> 
> 
> 
> 
> -------------------------------------------------------------------------------
> This message and any included attachments are from Siemens Medical Solutions
> USA, Inc. and are intended only for the addressee(s). 
> The information contained herein may include trade secrets or privileged or
> otherwise confidential information.  Unauthorized review, forwarding, printing,
> copying, distributing, or using such information is strictly prohibited and may
> be unlawful.  If you received this message in error, or have reason to believe
> you are not authorized to receive it, please promptly delete this message and
> notify the sender by e-mail with a copy to Central.SecurityOffice@shs.siemens.com
> 
> Thank you


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org


Mime
View raw message