Return-Path: Delivered-To: apmail-hc-httpclient-users-archive@www.apache.org Received: (qmail 95013 invoked from network); 20 Oct 2008 16:43:25 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 20 Oct 2008 16:43:25 -0000 Received: (qmail 73216 invoked by uid 500); 20 Oct 2008 16:43:25 -0000 Delivered-To: apmail-hc-httpclient-users-archive@hc.apache.org Received: (qmail 73196 invoked by uid 500); 20 Oct 2008 16:43:25 -0000 Mailing-List: contact httpclient-users-help@hc.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "HttpClient User Discussion" Delivered-To: mailing list httpclient-users@hc.apache.org Received: (qmail 73176 invoked by uid 99); 20 Oct 2008 16:43:25 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 20 Oct 2008 09:43:25 -0700 X-ASF-Spam-Status: No, hits=-0.4 required=10.0 tests=DNS_FROM_OPENWHOIS,RCVD_IN_DNSWL_MED,SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: local policy) Received: from [192.18.43.133] (HELO sca-es-mail-2.sun.com) (192.18.43.133) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 20 Oct 2008 16:42:15 +0000 Received: from fe-sfbay-09.sun.com ([192.18.43.129]) by sca-es-mail-2.sun.com (8.13.7+Sun/8.12.9) with ESMTP id m9KGghdY010554 for ; Mon, 20 Oct 2008 09:42:43 -0700 (PDT) Received: from conversion-daemon.fe-sfbay-09.sun.com by fe-sfbay-09.sun.com (Sun Java System Messaging Server 6.2-8.04 (built Feb 28 2007)) id <0K9100K01PRHX400@fe-sfbay-09.sun.com> (original mail from mock+apache@fakebelieve.org) for httpclient-users@hc.apache.org; Mon, 20 Oct 2008 09:42:43 -0700 (PDT) Received: from [129.146.110.110] by fe-sfbay-09.sun.com (Sun Java System Messaging Server 6.2-8.04 (built Feb 28 2007)) with ESMTPSA id <0K91004FLQEI5PD0@fe-sfbay-09.sun.com> for httpclient-users@hc.apache.org; Mon, 20 Oct 2008 09:42:18 -0700 (PDT) Date: Mon, 20 Oct 2008 09:42:14 -0700 From: Joseph Mocker Subject: Re: HttpClient and cookies In-reply-to: <48FC308F.1060200@isis-papyrus.com> Sender: Joseph.Mocker@Sun.COM To: HttpClient User Discussion Message-id: <48FCB4E6.1060805@fakebelieve.org> MIME-version: 1.0 Content-type: text/plain; format=flowed; charset=ISO-8859-1 Content-transfer-encoding: 7BIT References: <48FC308F.1060200@isis-papyrus.com> User-Agent: Thunderbird 2.0.0.16 (X11/20080808) X-Virus-Checked: Checked by ClamAV on apache.org It sounds like your webserver, or whatever is generating & processing the session cookie, is in error. From my reads of RFC2109 & RFC2068, quotes are reserved characters, they are not allowed in the cookie value. They say the cookie value can be either token | quoted-string where token = 1* tspecials = "(" | ")" | "<" | ">" | "@" | "," | ";" | ":" | "\" | <"> | "/" | "[" | "]" | "?" | "=" | "{" | "}" | SP | HT and quoted-string = ( <"> *(qdtext) <"> ) qdtext = > So in your example, the quoted-string form is used, therefore the quotes are not part of the cookie value. Perhaps one of the developers can comment? --joe Reinhard Pagitsch wrote: > Hello to all, > > From our webserver I get a session cookie in the form > POSESSIONID="dfgsdfgsdg=" > But the HTTPClient sends back the cookie in the form > POSESSIONID=dfgsdfgsdg=. > Therefore no authentication is done. Is there a way to configure the > HttpClient to send back > the session cookie as it is and do no modifications? > > Thank you, > Reinhard > > --------------------------------------------------------------------- > To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org > For additional commands, e-mail: httpclient-users-help@hc.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org For additional commands, e-mail: httpclient-users-help@hc.apache.org