In the code below I am running a post request on a website. What I dont understand is why the cookie shows up via the cookiemanager, but it does not show up in the POST header. See my comments in the code.
Can someone kindly explain what I am missing?
CookieManager cm = new CookieManager(null, CookiePolicy.ACCEPT_ALL);
CookieHandler.setDefault(cm);
...
connection = (HttpURLConnection) url.openConnection();
connection.setRequestMethod("POST");
OutputStream outputStream = connection.getOutputStream();
outputStream.write(urlParams.getBytes(charset));
// Clear cookies to prove they are not from an old request.
cm.getCookieStore().removeAll();
if (connection.getResponseCode() != HttpURLConnection.HTTP_OK)
throw new Exception("Invalid response code.");
// No cookie prints here:
Log.d("Aero", connection.getHeaderFields().toString());
List<HttpCookie> cookies = cm.getCookieStore().getCookies();
for (HttpCookie cookie : cookies) {
if (cookie.getName().equals("ASP.NET_SessionId")) {
// But we do get a cookie here
Log.d("Aero", cookie.toString());
}
}
Ok with a clear head this morning I have managed to solve this one myself. The problem was that the response was a 302 redirect and the redirected page had no cookie in the response header.
I needed to use:
connection.setInstanceFollowRedirects(false);
To ensure I was reading the response from the original header not the redirected one.
Related
I'm trying to login web site using Java and I succeeded. Below is the code I used.
String query = "myquery";
URL url = new URL(loginUrl);
HttpsURLConnection con = (HttpsURLConnection) url.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Content-length", String.valueOf(query.length()));
con.setRequestProperty("Content-Type","application/x-www-form-urlencoded");
con.setRequestProperty("User-Agent", "Mozilla/4.0 (compatible; MSIE 5.0;Windows98;DigExt)");
con.setDoOutput(true);
con.setDoInput(true);
DataOutputStream output = new DataOutputStream(con.getOutputStream());
output.writeBytes(query);
output.close();
DataInputStream input = new DataInputStream( con.getInputStream() );
for( int c = input.read(); c != -1; c = input.read() ) {
System.out.print( (char)c );
// this page returns JavaScript code
}
After this, I want to access another web page in same domain, so I tried below code.
URL url = new URL(anotherUrl);
HttpURLConnection con = (HttpURLConnection) url.openConnection();
... similar to above code ...
But this page asks me to login again. I think connection has been disconnected in the process of changing URL. (Onlt login page uses HTTPS protocol and other pages use HTTP protocol)
How can I fix this?
Someone please help
Keep in mind that HTTP is completely stateless. The idea of "logging in" to a site translates to (usually) setting cookies from an HTTP perspective. Those cookies are simply HTTP headers and they are sent with each subsequent request by your browser. So for you to maintain the logged in state its up to you get the cookies from the response headers and send them along with future requests.
Here is how:
Retrieving cookies from a response:
Open a java.net.URLConnection to the server:
URL myUrl = new URL("http://www.hccp.org/cookieTest.jsp");
URLConnection urlConn = myUrl.openConnection();
urlConn.connect();
Loop through response headers looking for cookies:
Since a server may set multiple cookies in a single request, we will need to loop through the response headers, looking for all headers named "Set-Cookie".
String headerName=null;
for (int i=1; (headerName = uc.getHeaderFieldKey(i))!=null; i++) {
if (headerName.equals("Set-Cookie")) {
String cookie = urlConn.getHeaderField(i);
...
Extract cookie name and value from cookie string:
The string returned by the getHeaderField(int index) method is a series of name=value separated by semi-colons (;). The first name/value pairing is actual data string we are interested in (i.e. "sessionId=0949eeee22222rtg" or "userId=igbrown"), the subsequent name/value pairings are meta-information that we would use to manage the storage of the cookie (when it expires, etc.).
cookie = cookie.substring(0, cookie.indexOf(";"));
String cookieName = cookie.substring(0, cookie.indexOf("="));
String cookieValue = cookie.substring(cookie.indexOf("=") + 1, cookie.length());
This is basically it. We now have the cookie name (cookieName) and the cookie value (cookieValue).
Setting a cookie value in a request:
Values must be set prior to calling the connect method:
URL myUrl = new URL("http://www.hccp.org/cookieTest.jsp");
URLConnection urlConn = myUrl.openConnection();
Create a cookie string:
String myCookie = "userId=igbrown";
Add the cookie to a request:
Using the
setRequestProperty(String name, String value);
method, we will add a property named "Cookie", passing the cookie string created in the previous step as the property value.
urlConn.setRequestProperty("Cookie", myCookie);
Send the cookie to the server:
To send the cookie, simply call connect() on the URLConnection for which we have added the cookie property:
urlConn.connect()
I have a simple situation.
Given one URL, the server header response code will be HTTP 200.
Now I'm trying it with another URL where the server FIRST responded with HTTP 302 (Found) and THEN redirects and responded with the header HTTP 200 code.
Hence, in second case, why connection.getResponseCode() does not return HTTP 302 and instead directly returns HTTP 200. I'm actually interested in checking the header response within the initial HTTP 302 response.
Here's the simplified HttpUrlConnection code (almost a carbon copy of many open-source implementations).
private int responseCode;
private Map<String, List<String>> headerFields;
public String getString(String url)
{
String response = null;
try
{
URL mUrl = new URL(url);
HttpURLConnection connection = (HttpURLConnection) mUrl.openConnection();
connection.setRequestMethod("GET");
responseCode = connection.getResponseCode();
headerFields = connection.getHeaderFields();
/* boilerplate buffered reader stuffs for getting stream + StringBuilder etc etc.*/
}
finally
{
connection.disconnect();
}
return response;
}
Extra info: The HTTP 302 contains the header key: 'location', though as expected, connection.getheaderFields() does not contain it.
You can configure whether redirects are automatically followed; see http://docs.oracle.com/javase/7/docs/api/java/net/HttpURLConnection.html#setFollowRedirects%28boolean%29.
I am writing an application that will autocomplete a form on a website;(in Java)
The user must be logged in to do this, and this is where the issue appears:
this is a chunk of the response to the login request:
Set-Cookie: PHPSESSID=3fvr31tb3c1iplpi3vqpvloar3; path=/; domain=.bursatransport.com
Set-Cookie: PHPSESSID=eanaj1d9egd73uiome0jtsed43; path=/; domain=.bursatransport.com
As far as I have tested it, the last one is the correct one(I tested it by changing the PHPSESSID cookie in the browser)
My application retains the first cookie. As a result, when submitting a form, it behaves as if the user would not be logged in.
Sometines it retained the last cookie, but it did not succesfully submit the form(the same as before).
Here is my login code:
String query = String
.format("returnTo=/&Login[username]=%s&Login[password]=%s&Login[rememberMe]=0&yt4=",
URLEncoder.encode(name, charset),
URLEncoder.encode(password, charset));
CookieManager manager = new CookieManager();
manager.setCookiePolicy(CookiePolicy.ACCEPT_ALL);
CookieHandler.setDefault(manager);
URLConnection mycon = new URL(url).openConnection();
mycon.setDoOutput(true);
mycon.setRequestProperty("Accept-Language", "ro-RO,ro;q=0.8,en-US;q=0.6,en;q=0.4");
mycon.setRequestProperty("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
mycon.setRequestProperty("Accept-Charset", charset);
mycon.setRequestProperty("Content-Type",
"application/x-www-form-urlencoded;charset=" + charset);
OutputStream output = null;
output = mycon.getOutputStream();
output.write(query.getBytes(charset));
mycon.getContent();
This is for sure not a server issue, since it responds correctly to browser requests(I am listening to them with fiddler)
I solved the problem(even if i still don't know the roots of it).
The response contained 2 "Set-Cookie" headers because(this is not your most consistent reason) my request did not contain a PHPSESSID cookie;
So I changed the code, so that it would first get the login page(with no login data).
The response to this request set's a PHPSESSID cookie(but I am not logged in)
Then I send my login request (which now contains a PHPSESSID cookie) and, boom, it works.
here is the code:
CookieManager manager = new CookieManager();
CookieHandler.setDefault(manager);
URLConnection mycon = new URL(url).openConnection();
mycon.getContent();
String query = String
.format("Login[username]=%s&Login[password]=%s&Login[rememberMe]=0&yt4=",
URLEncoder.encode(name, charset),
URLEncoder.encode(password, charset));
mycon = new URL(url).openConnection();
mycon.setDoOutput(true);
mycon.setRequestProperty("Accept-Language", "ro-RO,ro;q=0.8,en-US;q=0.6,en;q=0.4");
mycon.setRequestProperty("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
mycon.setRequestProperty("Accept-Charset", charset);
mycon.setRequestProperty("Content-Type",
"application/x-www-form-urlencoded;charset=" + charset);
OutputStream output = null;
output = mycon.getOutputStream();
output.write(query.getBytes(charset));
output.close();
mycon.getContent();
mycon.getInputStream().close();
This the post that "opened my eyes":
Java: Handling cookies when logging in with POST
I am trying use the HTTPURLConnection class to open connection to a JSP and receive a response from a servlet. A response header is set in the JSP that need to be read in the servlet.
The code sample is as below
String strURL = "http://<host>:<port>/<context>/mypage.jsp";
String sCookies = getCookie();//method to get the authentication cookie(**SSOAUTH**) and its value for the current logged in user
URL url = new URL(strURL);
HttpURLConnection urlConnection = (HttpURLConnection)url.openConnection();
urlConnection.setRequestProperty("Cookie", URLEncoder.encode(sCookies, "UTF-8"));
urlConnection.setRequestMethod("POST");
urlConnection.setDoInput(true);
urlConnection.setDoOutput(true);
DataOutputStream out = new DataOutputStream(urlConnection.getOutputStream());
out.writeBytes("lang=en");
out.flush();
out.close();
//reading the response received from JSP and retrieve header value
response.write(urlConnection.getHeaderField("commAuth") + "<br />");
The issue is the passed SSOAUTH cookie is not sent to the JSP. If I send the UID/PWD instead of cookie as below the authentication succeeds and response is sent correctly.
urlConnection.setRequestProperty("username", "testuser");
urlConnection.setRequestProperty("password", "testpwd");
Is this the right way of sending cookie over HTTPURLConnection? or are there other parameters that need to be set?
You may want to try removing the URLEncoder.encode from the entire sCookies String. The cookie format should be in the form of NAME=VALUE, but by URLEncoding the whole string you will escape the =.
I play a video url using streaming player on blackberry. If the url returns "200" status code it play successfully.
When i pass the below url, it returns "302" http status code.It won't play on streaming player.
http://belointr.rd.llnwd.net/KGW/ea398ac7b03a91c2ddf451f1fd7e3ef87f19da59_fl9.mp4?x-belo-vsect=kgw-basketball
When i check the statuscode for 302 its says redirect url.
When i pass the url on browser, it calls automatically below the redirect url.
http://belointr.vo.llnwd.net/kip0/_pxn=2+_pxI0=Ripod-h264+_pxL0=undefined+_pxM0=+_pxI1=A21907+_pxL1=begin+_pxM1=+_pxR1=13737+_pxK=20558/KGW/ea398ac7b03a91c2ddf451f1fd7e3ef87f19da59_fl9.mp4?x-belo-vsect=kgw-basketball
How can i get the redirect url programatically on blackberry.?
pls help me.
In the headers of the response, retrieve the value of the header 'Location', it contains the redirect url. This is standard in HTTP protocol
Edit: Real quick sample on how to get the location header (could be written a lot better and safer)
URL url = new URL("http://some.url");
int responseCode = -1;
while (responseCode != 200) {
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
responseCode = conn.getResponseCode();
if (responseCode > 299 && responseCode < 400) {
url = new URL(conn.getHeaderField("Location"));
}
}