hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From distortion <mathias.soederb...@gmail.com>
Subject Re: Another Form-problem, cookies?
Date Thu, 29 Nov 2007 16:16:02 GMT


Roland Weber wrote:
> 
> So the POST of the login form returns a page instead of a redirect.
> Have you taken a look at that page? Maybe it's the one you want.
> If not, it may contain an error description.
> 
> cheers,
>   Roland
> 

I had the code a bit messed up, but changed it and got another result this
time. I now get a redirect-status (302), but in some way the redirect isn't
working as intended. 

Did some scanning with WireShark and noticed that when i log in to the site
using Firefox the GET /my.php, which is redirected from /login.php, the
http-packet contains a Referer, that says:
Referer: http://www.torrentbytes.net/login.php\r\n

And when i attempt the same thing with my Java-program the http-packet for
GET /my.php doesn't have any Referer at all, so I'm guessin' that this is
what's causing my problems. Is it possible to send a Referer-attribute or
something?

Here is the result I'm getting while running my app, the last Redirect says
OK, but I'm unable to GET any of the "logged-in"-pages:

[RESULT]
Login form get: HTTP/1.1 200 OK
Initial set of cookies:
- PHPSESSID=f47e4d079b3f68d1a3547ed45c9c9e58
- checksum=3b8e2b8efcee77a88fe61182d0ed3a60

Login form post: HTTP/1.1 302 Found
Logon cookies:
- PHPSESSID=8db18443f72b735a40aa27e5ed62676f
- uid=*****
- pass=**************************
- validation=/* same as the checksum beneath */
- checksum=/* same as the validation above */
Location: http://www.torrentbytes.net/my.php

Redirect target: http://www.torrentbytes.net/my.php
Redirect: HTTP/1.1 200 OK
[/RESULT]

Any help is appreciated
// Mathias



[CODE]
import org.apache.commons.httpclient.*;
import org.apache.commons.httpclient.cookie.CookiePolicy;
import org.apache.commons.httpclient.cookie.CookieSpec;
import org.apache.commons.httpclient.methods.*;
import java.io.*;
import java.util.*;

/**
 * <p>
 * A example that demonstrates how HttpClient APIs can be used to perform 
 * form-based logon.
 * </p>
 *
 * @author Oleg Kalnichevski
 *
 */
public class FormBasedTest {

    static final String LOGON_SITE = "www.torrentbytes.net";
    static final int LOGON_PORT = 80;

    public FormBasedTest() {
        super();
    }

    public static void main(String[] args) throws Exception {

        /*System.setProperty("org.apache.commons.logging.Log",
"org.apache.commons.logging.impl.SimpleLog");
       
System.setProperty("org.apache.commons.logging.simplelog.showdatetime",
"true");
       
System.setProperty("org.apache.commons.logging.simplelog.log.httpclient.wire.header",
"debug");
       
System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.commons.httpclient",
"debug");*/


        HttpClient client = new HttpClient();
        client.getParams().setParameter("http.useragent", "Mozilla/5.0,
(Windows; U; Windows NT 5.2; en-US; rv:1.8.1.10) Gecko/20071025
Firefox/2.0.0.10");
        client.getHostConfiguration().setHost(LOGON_SITE, LOGON_PORT,
"http");
       
client.getParams().setCookiePolicy(CookiePolicy.BROWSER_COMPATIBILITY);
        // 'developer.java.sun.com' has cookie compliance problems
        // Their session cookie's domain attribute is in violation of the
RFC2109
        // We have to resort to using compatibility cookie policy

        GetMethod authget = new GetMethod("/login.php");

        client.executeMethod(authget);

        System.out.println("Login form get: " +
authget.getStatusLine().toString());
        //System.out.println(authget.getResponseBodyAsString());
        // release any connection resources used by the method
        authget.releaseConnection();
        // See if we got any cookies
        CookieSpec cookiespec = CookiePolicy.getDefaultSpec();
        Cookie[] initcookies = cookiespec.match(
                LOGON_SITE, LOGON_PORT, "/", false,
client.getState().getCookies());
        System.out.println("Initial set of cookies:");
        if (initcookies.length == 0) {
            System.out.println("None");
        } else {
            for (int i = 0; i < initcookies.length; i++) {
                System.out.println("- " + initcookies[i].toString());
            }
        }

        PostMethod authpost = new PostMethod("/takelogin.php");

        // Prepare login parameters
        NameValuePair action = new NameValuePair("action",
"/takelogin.php");
        NameValuePair userid = new NameValuePair("username", "username");
        NameValuePair password = new NameValuePair("password", "password");
        NameValuePair login = new NameValuePair("login", "Log in!");
        authpost.setRequestBody(
                new NameValuePair[]{action, userid, password, login});

        client.executeMethod(authpost);
        System.out.println(authpost.getResponseBodyAsString());
        System.out.println("Login form post: " +
authpost.getStatusLine().toString());
        // release any connection resources used by the method
        authpost.releaseConnection();

        // See if we got any cookies
        // The only way of telling whether logon succeeded is
        // by finding a session cookie
        Cookie[] logoncookies = cookiespec.match(
                LOGON_SITE, LOGON_PORT, "/", false,
                client.getState().getCookies());

        System.out.println("Logon cookies:");

        if (logoncookies.length == 0) {

            System.out.println("None");

        } else {

            for (int i = 0; i < logoncookies.length; i++) {
                System.out.println("- " + logoncookies[i].toString());
            }

        }

        // Usually a successful form-based login results in a redicrect to
        // another url
        int statuscode = authpost.getStatusCode();

        if ((statuscode == HttpStatus.SC_MOVED_TEMPORARILY) ||
                (statuscode == HttpStatus.SC_MOVED_PERMANENTLY) ||
                (statuscode == HttpStatus.SC_SEE_OTHER) ||
                (statuscode == HttpStatus.SC_TEMPORARY_REDIRECT)) {

            Header header = authpost.getResponseHeader("location");
            System.out.println(header);

            if (header != null) {

                String newuri = header.getValue();

                if ((newuri == null) || (newuri.equals(""))) {
                    newuri = "/";
                }

                System.out.println("Redirect target: " + newuri);
                GetMethod redirect = new GetMethod(newuri);

                client.executeMethod(redirect);
                System.out.println("Redirect: " +
                        redirect.getStatusLine().toString());


                /*BufferedReader in = new BufferedReader(new
InputStreamReader(redirect.getResponseBodyAsStream()));
                Scanner sc = new Scanner(in);
                while (sc.hasNextLine()) {
                System.out.println(sc.nextLine());
                }*/



                // release any connection resources used by the method
                redirect.releaseConnection();

            } else {

                System.out.println("Invalid redirect");
                System.exit(1);

            }
        }
    }
}
[/CODE]
-- 
View this message in context: http://www.nabble.com/Another-Form-problem%2C-cookies--tf4893593.html#a14029044
Sent from the HttpClient-User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org


Mime
View raw message