hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Wagner, John (MED US)" <john.wag...@siemens.com>
Subject No Cookie when running FormLoginDemo
Date Thu, 16 Mar 2006 00:20:00 GMT

Oleg,

Not sure I follow you: 

The log clearly shows 4 cookies
[DEBUG] HttpMethodBase - -Cookie accepted: "$Version=0;
SmsWebSId=6668716B0B1B646D7A71720A006F1468761B0E607E6C7E7A67667668670407
6C7E6064157B70; $Path=/b0be-nta2-bin/"
[DEBUG] HttpMethodBase - -Cookie accepted: "$Version=0;
SmsWebView=1504111A; $Path=/b0be-nta2-bin/"
[DEBUG] HttpMethodBase - -Cookie accepted: "$Version=0;
SmsUrlInputParms=0"
[DEBUG] HttpMethodBase - -Cookie accepted: "$Version=0; SmsWebSC=1;
$Path=/b0be-nta2-bin/"

This bit is obviously the culprit. None of the four cookies returned
apparently match the criteria:

Cookie[] logoncookies = cookiespec.match(
LOGON_SITE, LOGON_PORT, "/", false,
client.getState().getCookies());

What do you mean This bit is obviously the culprit.  Why don't the
cookies match.  Sorry, if I'm asked a stupid question, but I'm new to
this.

Thanks,
Jack


On Wed, 2006-03-15 at 11:05 -0500, Wagner, John (MED US) wrote:
> Hi All,
>
> I am trying to run the FormLoginDemo example from the Samples page on
an
> internal web site, but I do not get any cookies back from the post.
It
> says to verify that the code worked you need to check for a cookie
> coming back.  I viewed the source of the web page to check what the
> names of the parameters I would be passing and they where USERID,
> PASSWORD and the logon button was Submit.  Where did I go wrong?
>

John,

The log clearly shows 4 cookies

[DEBUG] HttpMethodBase - -Cookie accepted: "$Version=0;
SmsWebSId=6668716B0B1B646D7A71720A006F1468761B0E607E6C7E7A67667668670407
6C7E6064157B70; $Path=/b0be-nta2-bin/"
[DEBUG] HttpMethodBase - -Cookie accepted: "$Version=0;
SmsWebView=1504111A; $Path=/b0be-nta2-bin/"
[DEBUG] HttpMethodBase - -Cookie accepted: "$Version=0;
SmsUrlInputParms=0"
[DEBUG] HttpMethodBase - -Cookie accepted: "$Version=0; SmsWebSC=1;
$Path=/b0be-nta2-bin/"

This bit is obviously the culprit. None of the four cookies returned
apparently match the criteria:

Cookie[] logoncookies = cookiespec.match(
 LOGON_SITE, LOGON_PORT, "/", false,
 client.getState().getCookies());

Hope this helps

Oleg


> Here is my code:
>
> import org.apache.commons.httpclient.*;
> import org.apache.commons.httpclient.cookie.CookiePolicy;
> import org.apache.commons.httpclient.cookie.CookieSpec;
> import org.apache.commons.httpclient.methods.*;
>
> /**
>  * <p>
>  * A example that demonstrates how HttpClient APIs can be used to
> perform
>  * form-based logon.
>  * </p>
>  *
>  * @author Oleg Kalnichevski
>  *
>  */
> public class FormLoginDemo
> {
>     static final String LOGON_SITE = "mlvv20oa";
>     static final int    LOGON_PORT = 80;
>
>     public FormLoginDemo() {
>         super();
>     }
>
>     public static void main(String[] args) throws Exception {
>    
>        System.setProperty("org.apache.commons.logging.Log",
> "org.apache.commons.logging.impl.SimpleLog");
>
>
System.setProperty("org.apache.commons.logging.simplelog.showdatetime",
> "true");
>
>
System.setProperty("org.apache.commons.logging.simplelog.log.httpclient.
> wire.header", "debug");
>
>
System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.
> commons.httpclient", "debug");
>      
>         HttpClient client = new HttpClient();
>         client.getHostConfiguration().setHost(LOGON_SITE, LOGON_PORT,
> "http");
>
>
//client.getParams().setCookiePolicy(CookiePolicy.BROWSER_COMPATIBILITY)
> ;
>       // 'developer.java.sun.com' has cookie compliance problems
>         // Their session cookie's domain attribute is in violation of
> the RFC2109
>         // We have to resort to using compatibility cookie policy
>
>         GetMethod authget = new
> GetMethod("/b0be-nta2-bin/webclogn.exe/tst");
>
>         client.executeMethod(authget);
>         System.out.println("Login form get: " +
> authget.getStatusLine().toString());
>         // release any connection resources used by the method
>         authget.releaseConnection();
>         // See if we got any cookies
>         CookieSpec cookiespec = CookiePolicy.getDefaultSpec();
>         Cookie[] initcookies = cookiespec.match(
>             LOGON_SITE, LOGON_PORT, "/", false,
> client.getState().getCookies());
>         System.out.println("Initial set of cookies:");  
>         if (initcookies.length == 0) {
>             System.out.println("None");  
>         } else {
>             for (int i = 0; i < initcookies.length; i++) {
>                 System.out.println("- " + initcookies[i].toString());
>
>             }
>         }
>       
>         PostMethod post = new
> PostMethod("/b0be-nta2-bin/webclogn.exe/tst");
>         // Prepare login parameters
>         post.addParameter("USERID", "userid");
>      post.addParameter("PASSWORD", "password");
>      post.addParameter("Submit", "Signon");
>       
>         client.executeMethod(post);
>       
>         System.out.println("Login form post: " +
> post.getStatusLine().toString());
>         // release any connection resources used by the method
>         post.releaseConnection();
>         // See if we got any cookies
>         // The only way of telling whether logon succeeded is
>         // by finding a session cookie
>         Cookie[] logoncookies = cookiespec.match(
>             LOGON_SITE, LOGON_PORT, "/", false,
> client.getState().getCookies());
>         System.out.println("Logon cookies:");  
>         if (logoncookies.length == 0) {
>             System.out.println("None");  
>         } else {
>             for (int i = 0; i < logoncookies.length; i++) {
>                 System.out.println("- " + logoncookies[i].toString());
>
>             }
>         }
>         // Usually a successful form-based login results in a
redicrect
> to
>         // another url
>         int statuscode = post.getStatusCode();
>         if ((statuscode == HttpStatus.SC_MOVED_TEMPORARILY) ||
>             (statuscode == HttpStatus.SC_MOVED_PERMANENTLY) ||
>             (statuscode == HttpStatus.SC_SEE_OTHER) ||
>             (statuscode == HttpStatus.SC_TEMPORARY_REDIRECT)) {
>             Header header = post.getResponseHeader("location");
>             if (header != null) {
>                 String newuri = header.getValue();
>                 if ((newuri == null) || (newuri.equals(""))) {
>                     newuri = "/";
>                 }
>                 System.out.println("Redirect target: " + newuri);
>                 GetMethod redirect = new GetMethod(newuri);
>
>                 client.executeMethod(redirect);
>                 System.out.println("Redirect: " +
> redirect.getStatusLine().toString());
>                 // release any connection resources used by the method
>                 redirect.releaseConnection();
>             } else {
>                 System.out.println("Invalid redirect");
>                 System.exit(1);
>             }
>         }
>     }
> }
>
> Here is the log output:
> 2006/03/15 10:55:48:969 EST [DEBUG] HttpClient - -Java version:
1.4.2_10
>
> 2006/03/15 10:55:48:985 EST [DEBUG] HttpClient - -Java vendor: Sun
> Microsystems Inc.
>
> 2006/03/15 10:55:48:985 EST [DEBUG] HttpClient - -Java class path:
>
D:\Java\Phil;D:\Java\EasySSL\commons-httpclient-3.0-rc4.jar;D:\Java\rx_h
>
ub\log4j-1.2.7.jar;D:\Java\rx_hub\commons-logging.jar;D:\Java\rx_hub\com
> mons-logging-api.jar;D:\Java\HttpClientNTLM\commons-codec-1.3.jar
>
> 2006/03/15 10:55:48:985 EST [DEBUG] HttpClient - -Operating system
name:
> Windows XP
>
> 2006/03/15 10:55:48:985 EST [DEBUG] HttpClient - -Operating system
> architecture: x86
>
> 2006/03/15 10:55:48:985 EST [DEBUG] HttpClient - -Operating system
> version: 5.1
>
> 2006/03/15 10:55:49:126 EST [DEBUG] HttpClient - -SUN 1.42: SUN (DSA
> key/parameter generation; DSA signing; SHA-1, MD5 digests;
SecureRandom;
> X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX
> CertPathBuilder; LDAP, Collection CertStores)
>
> 2006/03/15 10:55:49:126 EST [DEBUG] HttpClient - -SunJSSE 1.42: Sun
JSSE
> provider(implements RSA Signatures, PKCS12, SunX509 key/trust
factories,
> SSLv3, TLSv1)
>
> 2006/03/15 10:55:49:126 EST [DEBUG] HttpClient - -SunRsaSign 1.42:
SUN's
> provider for RSA signatures
>
> 2006/03/15 10:55:49:126 EST [DEBUG] HttpClient - -SunJCE 1.42: SunJCE
> Provider (implements DES, Triple DES, AES, Blowfish, PBE,
> Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
>
> 2006/03/15 10:55:49:126 EST [DEBUG] HttpClient - -SunJGSS 1.0: Sun
> (Kerberos v5)
>
> 2006/03/15 10:55:49:126 EST [DEBUG] DefaultHttpParams - -Set parameter
> http.useragent = Jakarta Commons-HttpClient/3.0-rc4
>
> 2006/03/15 10:55:49:141 EST [DEBUG] DefaultHttpParams - -Set parameter
> http.protocol.version = HTTP/1.1
>
> 2006/03/15 10:55:49:141 EST [DEBUG] DefaultHttpParams - -Set parameter
> http.connection-manager.class = class
> org.apache.commons.httpclient.SimpleHttpConnectionManager
>
> 2006/03/15 10:55:49:141 EST [DEBUG] DefaultHttpParams - -Set parameter
> http.protocol.cookie-policy = rfc2109
>
> 2006/03/15 10:55:49:141 EST [DEBUG] DefaultHttpParams - -Set parameter
> http.protocol.element-charset = US-ASCII
>
> 2006/03/15 10:55:49:141 EST [DEBUG] DefaultHttpParams - -Set parameter
> http.protocol.content-charset = ISO-8859-1
>
> 2006/03/15 10:55:49:141 EST [DEBUG] DefaultHttpParams - -Set parameter
> http.method.retry-handler =
> org.apache.commons.httpclient.DefaultHttpMethodRetryHandler@1f436f5
>
> 2006/03/15 10:55:49:141 EST [DEBUG] DefaultHttpParams - -Set parameter
> http.dateparser.patterns = [EEE, dd MMM yyyy HH:mm:ss zzz, EEEE,
> dd-MMM-yy HH:mm:ss zzz, EEE MMM d HH:mm:ss yyyy, EEE, dd-MMM-yyyy
> HH:mm:ss z, EEE, dd-MMM-yyyy HH-mm-ss z, EEE, dd MMM yy HH:mm:ss z,
EEE
> dd-MMM-yyyy HH:mm:ss z, EEE dd MMM yyyy HH:mm:ss z, EEE dd-MMM-yyyy
> HH-mm-ss z, EEE dd-MMM-yy HH:mm:ss z, EEE dd MMM yy HH:mm:ss z,
> EEE,dd-MMM-yy HH:mm:ss z, EEE,dd-MMM-yyyy HH:mm:ss z, EEE, dd-MM-yyyy
> HH:mm:ss z]
>
> 2006/03/15 10:55:49:204 EST [DEBUG] HttpConnection - -Open connection
to
> mlvv20oa:80
>
> 2006/03/15 10:55:49:235 EST [DEBUG] header - ->> "GET
> /b0be-nta2-bin/webclogn.exe/tst HTTP/1.1[\r][\n]"
>
> 2006/03/15 10:55:49:235 EST [DEBUG] HttpMethodBase - -Adding Host
> request header
>
> 2006/03/15 10:55:49:266 EST [DEBUG] header - ->> "User-Agent: Jakarta
> Commons-HttpClient/3.0-rc4[\r][\n]"
>
> 2006/03/15 10:55:49:266 EST [DEBUG] header - ->> "Host:
> mlvv20oa[\r][\n]"
>
> 2006/03/15 10:55:49:266 EST [DEBUG] header - ->> "[\r][\n]"
>
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "HTTP/1.1 200
> OK[\r][\n]"
>
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "Server:
> Microsoft-IIS/5.0[\r][\n]"
>
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "Date: Wed, 15 Mar
2006
> 15:55:49 GMT[\r][\n]"
>
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "Connection:
> close[\r][\n]"
>
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "Content-type:
> text/html[\r][\n]"
>
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "Pragma:
> No-Cache[\r][\n]"
>
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "Cache-Control:
> No-Cache[\r][\n]"
>
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "Expires: 0[\r][\n]"
>
> 2006/03/15 10:55:49:391 EST [DEBUG] header - -<< "Set-Cookie:
> SmsWebSId=0;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT[\r][\n]"
>
> 2006/03/15 10:55:49:422 EST [DEBUG] HttpMethodBase - -Cookie accepted:
> "$Version=0; SmsWebSId=0; $Path=/"
>
> Login form get: HTTP/1.1 200 OK
>
> Initial set of cookies:
>
> None
>
> 2006/03/15 10:55:49:422 EST [DEBUG] HttpMethodBase - -Should close
> connection in response to directive: close
>
> 2006/03/15 10:55:49:422 EST [DEBUG] HttpConnection - -Releasing
> connection back to connection manager.
>
> 2006/03/15 10:55:49:422 EST [DEBUG] HttpConnection - -Open connection
to
> mlvv20oa:80
>
> 2006/03/15 10:55:49:438 EST [DEBUG] header - ->> "POST
> /b0be-nta2-bin/webclogn.exe/tst HTTP/1.1[\r][\n]"
>
> 2006/03/15 10:55:49:438 EST [DEBUG] HttpMethodBase - -Adding Host
> request header
>
> 2006/03/15 10:55:49:438 EST [DEBUG] HttpMethodBase - -Default charset
> used: ISO-8859-1
>
> 2006/03/15 10:55:49:454 EST [DEBUG] HttpMethodBase - -Default charset
> used: ISO-8859-1
>
> 2006/03/15 10:55:49:454 EST [DEBUG] header - ->> "User-Agent: Jakarta
> Commons-HttpClient/3.0-rc4[\r][\n]"
>
> 2006/03/15 10:55:49:454 EST [DEBUG] header - ->> "Host:
> mlvv20oa[\r][\n]"
>
> 2006/03/15 10:55:49:454 EST [DEBUG] header - ->> "Content-Length:
> 39[\r][\n]"
>
> 2006/03/15 10:55:49:454 EST [DEBUG] header - ->> "Content-Type:
> application/x-www-form-urlencoded[\r][\n]"
>
> 2006/03/15 10:55:49:454 EST [DEBUG] header - ->> "[\r][\n]"
>
> 2006/03/15 10:55:49:454 EST [DEBUG] EntityEnclosingMethod - -Request
> body sent
>
> 2006/03/15 10:55:49:469 EST [DEBUG] header - -<< "HTTP/1.1 100
> Continue[\r][\n]"
>
> 2006/03/15 10:55:49:469 EST [DEBUG] header - -<< "Server:
> Microsoft-IIS/5.0[\r][\n]"
>
> 2006/03/15 10:55:49:469 EST [DEBUG] header - -<< "Date: Wed, 15 Mar
2006
> 15:55:49 GMT[\r][\n]"
>
> 2006/03/15 10:55:49:469 EST [INFO] HttpMethodBase - -Discarding
> unexpected response: HTTP/1.1 100 Continue
>
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "HTTP/1.1 200
> OK[\r][\n]"
>
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Server:
> Microsoft-IIS/5.0[\r][\n]"
>
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Date: Wed, 15 Mar
2006
> 15:55:49 GMT[\r][\n]"
>
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Connection:
> close[\r][\n]"
>
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Content-type:
> text/html[\r][\n]"
>
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Pragma:
> No-Cache[\r][\n]"
>
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Cache-Control:
> No-Cache[\r][\n]"
>
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Expires: 0[\r][\n]"
>
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Set-Cookie:
>
SmsWebSId=6668716B0B1B646D7A71720A006F1468761B0E607E6C7E7A67667668670407
> 6C7E6064157B70;Path=/b0be-nta2-bin/[\r][\n]"
>
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Set-Cookie:
> SmsWebView=1504111A;Path=/b0be-nta2-bin/[\r][\n]"
>
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Set-Cookie:
> SmsUrlInputParms=0;Expires=Thu, 01-Jan-1970 00:00:00 GMT[\r][\n]"
>
> 2006/03/15 10:55:49:657 EST [DEBUG] header - -<< "Set-Cookie:
> SmsWebSC=1;Path=/b0be-nta2-bin/[\r][\n]"
>
> 2006/03/15 10:55:49:657 EST [DEBUG] HttpMethodBase - -Cookie accepted:
> "$Version=0;
>
SmsWebSId=6668716B0B1B646D7A71720A006F1468761B0E607E6C7E7A67667668670407
> 6C7E6064157B70; $Path=/b0be-nta2-bin/"
>
> 2006/03/15 10:55:49:657 EST [DEBUG] HttpMethodBase - -Cookie accepted:
> "$Version=0; SmsWebView=1504111A; $Path=/b0be-nta2-bin/"
>
> Login form post: HTTP/1.1 200 OK
>
> 2006/03/15 10:55:49:657 EST [DEBUG] HttpMethodBase - -Cookie accepted:
> "$Version=0; SmsUrlInputParms=0"
>
> 2006/03/15 10:55:49:657 EST [DEBUG] HttpMethodBase - -Cookie accepted:
> "$Version=0; SmsWebSC=1; $Path=/b0be-nta2-bin/"
>
> 2006/03/15 10:55:49:657 EST [DEBUG] HttpMethodBase - -Should close
> connection in response to directive: close
>
> 2006/03/15 10:55:49:657 EST [DEBUG] HttpConnection - -Releasing
> connection back to connection manager.
>
> Logon cookies:
>
> None
>
>
>
> Thanks in advance.



-------------------------------------------------------------------------------
This message and any included attachments are from Siemens Medical Solutions
USA, Inc. and are intended only for the addressee(s). 
The information contained herein may include trade secrets or privileged or
otherwise confidential information.  Unauthorized review, forwarding, printing,
copying, distributing, or using such information is strictly prohibited and may
be unlawful.  If you received this message in error, or have reason to believe
you are not authorized to receive it, please promptly delete this message and
notify the sender by e-mail with a copy to Central.SecurityOffice@shs.siemens.com

Thank you

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org


Mime
View raw message