hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Julius Davies" <juliusdav...@gmail.com>
Subject Re: Trouble with simple login
Date Mon, 26 Feb 2007 03:08:08 GMT
You're doing:

1.  POST /index.php
2.  GET /index.php

Sometimes it helps to also mimic the browser step that downloaded the
login <form> in the first place!  So try this, instead!

1.  GET /index.php
2.  POST /index.php
3.  GET /index.php

You should never send a cookie unless a server gave you a "Set-Cookie"
first.  Step #1 here (the initial GET) will hopefully get the initial
cookies.

yours,

Julius


On 2/25/07, Christophe AGUETTAZ <aguettaz@gmail.com> wrote:
> Hi all,
> I've lately been trying to code a pretty simple application using
> HttpClient, but, being a relative newbie, I've had some trouble.
> I'm trying to do a very simple thing : login to a website, using POST
> to send a simple form.
> That's pretty much what's described here :
> http://wiki.apache.org/jakarta-httpclient/ForAbsoluteBeginners.
>
> The thing is, no matter what I do, I keep on getting the login page
> and never actually get logged, despite the fact that I successfully
> store the session cookies, and follow the redirections.
>
> I captured the HTTP headers sent via my web browser during the login
> process, and compared them with the wire logs that I got from my java
> app, and couldn't find any flagrant difference.
> The cookies that my application gets and then sends during my second
> GET request are correct, and, I'm sure of that, are the only thing
> needed to log in.
>
> I must have missed something... but what ? I really can't see.
>
> I joined the logs from my browser, and then from my app, and commented them.
> Any help would be great !
>
> Thanx,
> Chris.
>
> ***********Logs from my browser*************
>
> 1) POST request to http://www.dummysite.com/index.php?cookie=1
>
> POST /index.php?cookie=1 HTTP/1.1
> Host: www.dummysite.com
> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.1.2)
> Gecko/20070219 Firefox/2.0.0.2
> Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
> Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3
> Accept-Encoding: gzip,deflate
> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Keep-Alive: 300
> Connection: keep-alive
> Referer: http://www.dummysite.com/index.php
>
> //State of the cookies before they get updated
>
> Cookie: passc=dummyPass; cont=; mdpc=; loginc=
> Content-Type: application/x-www-form-urlencoded
>
> //this data is exactly the one send by my java application...
>
> Content-Length: 46
> login=DummyLogin&pass=dummyPass&contform=3&ok=Login
>
> //Response to the POST request -> redirection
>
> HTTP/1.x 302 Found
> Date: Mon, 26 Feb 2007 01:12:54 GMT
> Server: Apache/2.0.58 (Unix) mod_ssl/2.0.58 OpenSSL/0.9.7i
> X-Powered-By: PHP/4.4.2
>
> //as you can see, 3 session cookies are set...
>
> Set-Cookie: loginc=DummyLogin; expires=Mon, 26 Feb 2007 02:52:54 GMT
> Set-Cookie: passc=dummyPass; expires=Mon, 26 Feb 2007 02:52:54 GMT
> Set-Cookie: cont=3; expires=Mon, 26 Feb 2007 02:52:54 GMT
>
> //redirection : to index.php
>
> Location: index.php
> Vary: Accept-Encoding,User-Agent
> Content-Encoding: gzip
> Content-Length: 1205
> Keep-Alive: timeout=15, max=100
> Connection: Keep-Alive
> Content-Type: text/html
>
>
> 2) GET request following the redirection, here the browser gets the
> 'logged' page. GET uri : http://www.dummysite.com/index.php
>
> GET /index.php HTTP/1.1
> Host: www.dummysite.com
> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.1.2)
> Gecko/20070219 Firefox/2.0.0.2
> Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
> Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3
> Accept-Encoding: gzip,deflate
> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Keep-Alive: 300
> Connection: keep-alive
> Referer: http://www.dummysite.com/index.php
>
> //the cookies are set
>
> Cookie: passc=dummyPass; cont=3; mdpc=; loginc=DummyLogin
>
> //and here we get the correct page...
>
> HTTP/1.x 200 OK
> Date: Mon, 26 Feb 2007 01:12:54 GMT
> Server: Apache/2.0.58 (Unix) mod_ssl/2.0.58 OpenSSL/0.9.7i
> X-Powered-By: PHP/4.4.2
> Vary: Accept-Encoding,User-Agent
> Content-Encoding: gzip
> Content-Length: 1777
> Keep-Alive: timeout=15, max=99
> Connection: Keep-Alive
> Content-Type: text/html
> ----------------------------------------------------------
>
> **************************Logs from my application**************************
>
> Let's now see the exact same thing performed by my application...
>
> 2007/02/26 01:30:12:305 CET [DEBUG] HttpConnection - Open connection
> to www.dummysite.com:80
>
> // POSTing the form data...
>
>
> 2007/02/26 01:30:12:633 CET [DEBUG] header - >> "POST
> /index.php?cookie=1 HTTP/1.1[\r][\n]"
> 2007/02/26 01:30:12:633 CET [DEBUG] HttpMethodBase - Adding Host request header
> 2007/02/26 01:30:12:633 CET [DEBUG] HttpMethodBase - Default charset
> used: ISO-8859-1
> 2007/02/26 01:30:12:633 CET [DEBUG] HttpMethodBase - Default charset
> used: ISO-8859-1
>
> //it mimics mozilla firefox 2.0...
>
> 2007/02/26 01:30:12:633 CET [DEBUG] header - >> "User-Agent:
> Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.1.2)
> Gecko/20070219 Firefox/2.0.0.2[\r][\n]"
> 2007/02/26 01:30:12:633 CET [DEBUG] header - >> "Host:
> www.dummysite.com[\r][\n]"
>
> //same data sent
>
> 2007/02/26 01:30:12:633 CET [DEBUG] header - >> "Content-Length: 46[\r][\n]"
> 2007/02/26 01:30:12:633 CET [DEBUG] header - >> "Content-Type:
> application/x-www-form-urlencoded[\r][\n]"
> 2007/02/26 01:30:12:633 CET [DEBUG] header - >> "[\r][\n]"
> 2007/02/26 01:30:12:633 CET [DEBUG] EntityEnclosingMethod - Request body sent
>
>
> //then the redirection reply :
>
> 2007/02/26 01:30:12:712 CET [DEBUG] header - << "HTTP/1.1 302 Found[\r][\n]"
> 2007/02/26 01:30:12:712 CET [DEBUG] header - << "Date: Mon, 26 Feb
> 2007 00:30:33 GMT[\r][\n]"
> 2007/02/26 01:30:12:712 CET [DEBUG] header - << "Server: Apache/2.0.58
> (Unix) mod_ssl/2.0.58 OpenSSL/0.9.7i[\r][\n]"
> 2007/02/26 01:30:12:712 CET [DEBUG] header - << "X-Powered-By:
> PHP/4.4.2[\r][\n]"
>
> //gets the session cookies :
>
> 2007/02/26 01:30:12:712 CET [DEBUG] header - << "Set-Cookie:
> loginc=DummyLogin; expires=Mon, 26 Feb 2007 02:10:33 GMT[\r][\n]"
> 2007/02/26 01:30:12:712 CET [DEBUG] header - << "Set-Cookie:
> passc=dummyPass; expires=Mon, 26 Feb 2007 02:10:33 GMT[\r][\n]"
> 2007/02/26 01:30:12:712 CET [DEBUG] header - << "Set-Cookie: cont=3;
> expires=Mon, 26 Feb 2007 02:10:33 GMT[\r][\n]"
>
> //and the correct redirection, of course
>
> 2007/02/26 01:30:12:712 CET [DEBUG] header - << "location: index.php[\r][\n]"
> 2007/02/26 01:30:12:712 CET [DEBUG] header - << "Vary:
> Accept-Encoding,User-Agent[\r][\n]"
> 2007/02/26 01:30:12:712 CET [DEBUG] header - << "Transfer-Encoding:
> chunked[\r][\n]"
> 2007/02/26 01:30:12:712 CET [DEBUG] header - << "Content-Type:
> text/html[\r][\n]"
>
> //the cookies are accepted
>
> 2007/02/26 01:30:12:743 CET [DEBUG] HttpMethodBase - Cookie accepted:
> "$Version=0; loginc=DummyLogin"
> 2007/02/26 01:30:12:743 CET [DEBUG] HttpMethodBase - Cookie accepted:
> "$Version=0; passc=dummyPass"
> 2007/02/26 01:30:12:743 CET [DEBUG] HttpMethodBase - Cookie accepted:
> "$Version=0; cont=3"
>
>
> 2007/02/26 01:30:12:743 CET [DEBUG] HttpMethodDirector - Redirect required
> 2007/02/26 01:30:12:743 CET [INFO] HttpMethodDirector - Redirect
> requested but followRedirects is disabled
> POST REQUEST : 2007/02/26 01:30:12:743 CET [DEBUG] HttpMethodBase -
> Default charset used: ISO-8859-1
>
> //then my application handles the redirection...
>
> 2007/02/26 01:30:12:743 CET [DEBUG] HttpMethodBase - Resorting to
> protocol version default close connection policy
> 2007/02/26 01:30:12:743 CET [DEBUG] HttpMethodBase - Should NOT close
> connection, using HTTP/1.1
> 2007/02/26 01:30:12:743 CET [DEBUG] HttpConnection - Releasing
> connection back to connection manager.
>
> //...and get the correct page
>
> 2007/02/26 01:30:12:758 CET [DEBUG] header - >> "GET /index.php
> HTTP/1.1[\r][\n]"
> 2007/02/26 01:30:12:758 CET [DEBUG] HttpMethodBase - Adding Host request header
> 2007/02/26 01:30:12:758 CET [DEBUG] header - >> "User-Agent:
> Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.1.2)
> Gecko/20070219 Firefox/2.0.0.2[\r][\n]"
> 2007/02/26 01:30:12:758 CET [DEBUG] header - >> "Host:
> www.dummysite.com[\r][\n]"
>
> //sending the correct cookies...
>
> 2007/02/26 01:30:12:758 CET [DEBUG] header - >> "Cookie: $Version=0;
> loginc=DummyLogin[\r][\n]"
> 2007/02/26 01:30:12:758 CET [DEBUG] header - >> "Cookie: $Version=0;
> passc=dummyPass[\r][\n]"
> 2007/02/26 01:30:12:758 CET [DEBUG] header - >> "Cookie: $Version=0;
> cont=3[\r][\n]"
> 2007/02/26 01:30:12:758 CET [DEBUG] header - >> "[\r][\n]"
>
>
> //everything goes just fine...except for the fact that the data that I
> get represents...the login page
>
> 2007/02/26 01:30:12:821 CET [DEBUG] header - << "HTTP/1.1 200 OK[\r][\n]"
> 2007/02/26 01:30:12:821 CET [DEBUG] header - << "Date: Mon, 26 Feb
> 2007 00:30:33 GMT[\r][\n]"
> 2007/02/26 01:30:12:821 CET [DEBUG] header - << "Server: Apache/2.0.58
> (Unix) mod_ssl/2.0.58 OpenSSL/0.9.7i[\r][\n]"
> 2007/02/26 01:30:12:821 CET [DEBUG] header - << "X-Powered-By:
> PHP/4.4.2[\r][\n]"
> 2007/02/26 01:30:12:821 CET [DEBUG] header - << "Vary:
> Accept-Encoding,User-Agent[\r][\n]"
> 2007/02/26 01:30:12:837 CET [DEBUG] header - << "Transfer-Encoding:
> chunked[\r][\n]"
> 2007/02/26 01:30:12:837 CET [DEBUG] header - << "Content-Type:
> text/html[\r][\n]"
> 2007/02/26 01:30:12:852 CET [DEBUG] HttpMethodBase - Resorting to
> protocol version default close connection policy
> 2007/02/26 01:30:12:852 CET [DEBUG] HttpMethodBase - Should NOT close
> connection, using HTTP/1.1
> 2007/02/26 01:30:12:852 CET [DEBUG] HttpConnection - Releasing
> connection back to connection manager.
>
> //Any idea ? ;)
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
>
>


-- 
yours,

Julius Davies
416-652-0183
http://juliusdavies.ca/

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org


Mime
View raw message