hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joseph Jupin" <joe.ju...@fe77.com>
Subject Re: Problem with HttpClient and cookies...
Date Thu, 06 Dec 2007 17:58:56 GMT
On Thu, 6 Dec 2007 17:29:13 +0000
  sebb <sebbaz@gmail.com> wrote:
>> > Here's the gist of the problem:
>> >
>> > Cookies are not enabled on your browser. Please adjust this in 
>> >your
>> > security preferences before continuing
>> >
>> > yep - that's what I get back no matter what I do now.  yes, I make
>> > sure the cookies look like a valid session from a browser.  I've 
>> >gone
>> > into firefox and pulled out all the cookies made for this domain - 
>> >and
>> > mimic'd each and every one.
>> You can't normally re-use cookies from another session.

ummm - why not?  they're nothing but name-value pairs, rite?
So, if I copy those values - I should be able to mimic what's been
put in there, rite?  Most of the time, the cookies are only written at 
the beginning and then the next times they're just read for things 
like timeout parameters, login values, etc.  So, mimic-ing one 
shouldn't be that big a deal, I would think.

Anyhoo - I'll look into that - but I think you missed the point to my 
message.  The message being returned is that the site is thinks that 
cookies are not turned on!  Sooooo - is there some parameter or 
setting that needs to be set in the CookieSpec or Client to let it 
know that cookies are turned on?  How exactly does this work?

Just so you know - I've mapped the set-cookie calls and they're all 
read and properly set - I output both the name and the attribute value 
and compare against the cached values - each time it was a perfect 
other than maybe a time differential issue or time expiration problem, 
I can't see that my cookie creation is the problem - I believe it's a 
setting that needs to occur.  Anybody know this?


peace.  JOe...

>> >
>> > Yes, I've tried emulating different Browsers.  My current one is 
>> >set
>> > to Mozilla 5.0.
>> >
>> > I've gotten rid of the dread httpOnly tag by re-writing the
>> > CookieSpecBase class to ignore this parameter.  From what I can 
>> >tell,
>> > the site only sends it - it never tries to recover it - and the 
>> >cookie
>> > itself doesn't even seem to store it as an attribute of the 
>> >session.
>> >
>> > So, has anyone else seen this message - or could maybe direct me 
>> >to
>> > possible solutions?
>> Are you sure that the application is logging in correctly?

yes - it is.  When the values for logging in (login and password) are 
passed in through the cookies and through the calls - the site comes 
back with the login value pulled in to the login field with that error 
message - so it definitely knows that it's the login value - and I 
know for a fact that the password is correct.

>> > The next thing I'm going to try is to attach a mechanism to watch 
>> >how
>> > the cookie is formatted coming down and installed on a browser and 
>> >see
>> > if it differs much from mine - and - vice versa - how the cookie 
>> >looks
>> > going up and seeing if I match it.
>> HttpClient supports logging:
>> http://jakarta.apache.org/httpcomponents/httpclient-3.x/logging.html

yes - I know this - I have both the wire debugging on and regular 
debugging to see all the messages going by.  I don't think I'm missing 

Just as an aside - how do I know the values for the cookies are loaded 
to the site.  That is - do they have a format on how to pass the data 
(ie, "semi-colon" separate list of name-value pairs - what?)...  Does 
this make sense?

peace.  JOe...

To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org

View raw message