hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ggcampbell <g...@comcast.net>
Subject Re: Problem with redirection on password protected website
Date Thu, 08 Nov 2007 22:10:52 GMT

Sure you have the correct user/password?



Giuseppe wrote:
> 
> 
> Hello,
> I've to submit post form with username,password and 2 hidden parameters.
> It seems to be logged in, but then redirection fails:
>  
> import java.io.IOException;
> import org.apache.commons.httpclient.*;import
> org.apache.commons.httpclient.cookie.CookiePolicy;import
> org.apache.commons.httpclient.cookie.CookieSpec;import
> org.apache.commons.httpclient.methods.*;
>  
> public class FormLogin{    static final String LOGON_SITE =
> "www.website.org";    static final int    LOGON_PORT = 80;
>     public FormLogin() {        super();    }
>     public static void main(String[] args) throws Exception {
>         HttpClient client = new HttpClient();       
> client.getHostConfiguration().setHost(LOGON_SITE, LOGON_PORT, "http");       
> client.getParams().setCookiePolicy(CookiePolicy.BROWSER_COMPATIBILITY);     
> // 'developer.java.sun.com' has cookie compliance problems        // Their
> session cookie's domain attribute is in violation of the RFC2109        //
> We have to resort to using compatibility cookie policy
>         GetMethod authget = new GetMethod("/servlet/SessionServlet");
>         client.executeMethod(authget);        System.out.println("Login
> form get: " + authget.getStatusLine().toString());         // release any
> connection resources used by the method       
> authget.releaseConnection();        // See if we got any cookies       
> CookieSpec cookiespec = CookiePolicy.getDefaultSpec();        Cookie[]
> initcookies = cookiespec.match(            LOGON_SITE, LOGON_PORT, "/",
> false, client.getState().getCookies());        System.out.println("Initial
> set of cookies:");            if (initcookies.length == 0) {           
> System.out.println("None");            } else {            for (int i = 0;
> i < initcookies.length; i++) {                System.out.println("- " +
> initcookies[i].toString());                }        }               
> PostMethod authpost = new PostMethod("/");        // Prepare login
> parameters        NameValuePair action   = new NameValuePair("submit",
> "entra!");        NameValuePair url      = new NameValuePair("statuslg",
> "ok");        NameValuePair userid   = new NameValuePair("usr", "user");       
> NameValuePair password = new NameValuePair("pwd", "password");       
> authpost.setRequestBody(           new NameValuePair[] {action, url,
> userid, password});                client.executeMethod(authpost);       
> System.out.println("Login form post: " +
> authpost.getStatusLine().toString());         // release any connection
> resources used by the method        authpost.releaseConnection();       
> // See if we got any cookies        // The only way of telling whether
> logon succeeded is         // by finding a session cookie        Cookie[]
> logoncookies = cookiespec.match(            LOGON_SITE, LOGON_PORT, "/",
> false, client.getState().getCookies());        System.out.println("Logon
> cookies:");            if (logoncookies.length == 0) {           
> System.out.println("None");            } else {            for (int i = 0;
> i < logoncookies.length; i++) {                System.out.println("- " +
> logoncookies[i].toString());                }        }        // Usually a
> successful form-based login results in a redicrect to         // another
> url        int statuscode = authpost.getStatusCode();        if
> ((statuscode == HttpStatus.SC_MOVED_TEMPORARILY) ||            (statuscode
> == HttpStatus.SC_MOVED_PERMANENTLY) ||            (statuscode ==
> HttpStatus.SC_SEE_OTHER) ||            (statuscode ==
> HttpStatus.SC_TEMPORARY_REDIRECT)) {        
> //authpost.setFollowRedirects(true);            Header header =
> authpost.getResponseHeader("location");            if (header != null) {            
  
> String newuri = header.getValue();                if ((newuri == null) ||
> (newuri.equals(""))) {                    newuri = "/";                }            
                 
> System.out.println("Redirect target: " + newuri);                
> GetMethod redirect = new GetMethod(newuri);               
> redirect.setRequestHeader("Cookie",logoncookies.toString());               
> client.executeMethod(redirect);                  byte[] responseBody =
> redirect.getResponseBody();               System.out.println("Redirect: "
> + redirect.getStatusLine().toString());               
> System.out.println("Redirect: " + redirect.getRequestHeader("path"));               
                
> // release any connection resources used by the method               
> redirect.releaseConnection();            } else {               
> System.out.println("Invalid redirect");                System.exit(1);           
> }        }    }
>  
> I obtain code 302 for login page,
> andauthpost.getResponseHeader("location")=/default.php (that's correct)but
> redirection doesn't work and variable responseBody  contains html code
> from login page (index.php)Any idea, please?
> _________________________________________________________________
> Scarica GRATIS la versione personalizzata MSN di Internet Explorer 7!
> http://optimizedie7.msn.com/default.aspx?mkt=it-it
> 

-- 
View this message in context: http://www.nabble.com/Problem-with-redirection-on-password-protected-website-tf4732137.html#a13657026
Sent from the HttpClient-User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org


Mime
View raw message