tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Derek Lac" <d...@konaware.com>
Subject using httpclient to login into tomcat with authenication
Date Wed, 21 Jun 2006 01:02:39 GMT
 

I need to find a way to go into tomcat programmatically and bypassing the
form based authentication.

 

I turned on form based authenticated by adding  security-constraint in
web.xml. As a result of that, I need to type in admin, admin as user name
and password to assess a page called hello.jsp. The way the form based works
is that it uses j_security_check by passing user name and password using
NameValuePair. I can log in ok manually.

 

Here's the error when I used httpclient.jar:

 

The time allowed for the login process has been exceeded. If you wish to
continue you must either click back twice and re-click the link you
requested or close and re-open your browser</u></p><p><b>description</b>
<u>The client did not produce a request within the time that the server was
prepared to

wait (The time allowed for the login process has been exceeded. If you wish
to continue you must either click back twice and re-click the link you
requested or

close and re-open your browser). 

 

 

I've turned on debugging. Somehow the the AuthenticatorBase or
FormAuthenticator authenticates different from the httpclient.jar than my
browser.

 

 

Thanks for Any Help,

 

Derek

 

 

 

Below is the code using httpclient.jar:

 

 

 

 

import org.apache.commons.httpclient.*; 

import org.apache.commons.httpclient.auth.*;

import org.apache.commons.httpclient.methods.*; 

import org.apache.commons.httpclient.cookie.CookiePolicy;

import org.apache.commons.httpclient.cookie.CookieSpec;

import org.apache.commons.httpclient.params.HttpMethodParams; 

import java.io.*; 

public class DoForm { 

 

 

static{ 

System.setProperty("org.apache.commons.logging.Log", 

                   "org.apache.commons.logging.impl.SimpleLog"); 

System.setProperty("org.apache.commons.logging.simplelog.showdatetime",
"true"); 

System.setProperty("org.apache.commons.logging.simplelog.log.httpclient.wire
", "debug"); 

System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.comm
ons.httpclient", "debug"); 

}

 

 

 

    //private static String url = "http://128.18.245.102:14035"; 

    //    private static String
url1="http://128.18.245.102:14035/kw-saf-admin";

 

    static final String LOGON_SITE = "localhost";

    static final int    LOGON_PORT = 8080;

    static final String    LOGON_EXT="self-login";

    private static String
url1="http://"+LOGON_SITE+":"+LOGON_PORT+"/"+LOGON_EXT;    

public static void main(String[] args) { 

// Create an instance of HttpClient. 

HttpClient client = new HttpClient(); 

// Create a method instance. 

PostMethod method = new PostMethod(url1+"/j_security_check"); 

//GetMethod method = new GetMethod(url1+"/j_security_check"); 

 

NameValuePair [] data = { new NameValuePair("j_username", "admin"),

                          new NameValuePair("j_password", "admin"),

                          new NameValuePair("action", "j_security_check"),

                                      new NameValuePair("url", "login.jsp")
};

 

method.setRequestBody(data);

 

 

 

 

try {

 // Execute the method. 

int statusCode = client.executeMethod(method); 

if (statusCode != HttpStatus.SC_OK) { 

System.err.println("Method failed: " + method.getStatusLine()); 

} // Read the response body. 

System.out.println("Login form post: " + method.getStatusLine().toString());

// release any connection resources used by the method

byte[] responseBody = method.getResponseBody(); 

method.releaseConnection();

// See if we got any cookies

// The only way of telling whether logon succeeded is 

// by finding a session cookie

CookieSpec cookiespec = CookiePolicy.getDefaultSpec();

Cookie[] logoncookies = cookiespec.match(

       LOGON_SITE, LOGON_PORT, LOGON_EXT, false, 

       client.getState().getCookies());

     System.out.println("Logon cookies:"); 

        if (logoncookies.length == 0) {

                System.out.println("None"); 

        } else {

                for (int i = 0; i < logoncookies.length; i++) {

                        System.out.println("- " + 

logoncookies[i].toString()); 

                        }

            }

 

// Deal with the response. 

// Use caution: ensure correct character encoding and is not binary data 

System.out.println(new String(responseBody)); 

 

} catch (HttpException e) {

 System.err.println("Fatal protocol violation: " + e.getMessage()); 

e.printStackTrace();

 } catch (IOException e) {

 System.err.println("Fatal transport error: " + e.getMessage());

 e.printStackTrace();

 } finally { // Release the connection. method.releaseConnection(); 

 } 

} 

}


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message