[ale] OT: Java and Cookies

Christopher Fowler cfowler at outpostsentinel.com
Fri Aug 29 15:31:44 EDT 2003


On Fri, Aug 29, 2003 at 02:21:18PM -0500, Denny Chambers wrote:
> I am having my own problem, that maybe you can help with. I send a POST 
> request to a URL with HttpURLConnection. tha URL sends back a 302 
> Redirect. The problem happens when the HttpURLConnection goes to follow 
> the redirect, it changes the request to a GET, and I loose the data that 
> I was passing. Any clue on getting around this, before I start hacking 
> it up and handling the redirect myself? Does this sound like a bug, or 
> is this just the way redirects work? Sounds like a bug to me?

This is the problem that I'm having.  So either we are experiencing the
same thing or we both suck.  I fixed it with my hacked up code. When
I get the 302 I have to get the files and also pass the cookie.  The only
way I found this out is by using a redirector I wrote in C that simply logs
all data going to the remote site to a file.  I just then tell Java to connect
to 127.0.0.1

I dump html to /tmp and use appletviewer to look at it.  I tried to
use JEditPane.setPage("file:/tmp/test.html") to run the html file
with the applet but it says I have not java.  Is there a way to
fix that?


> 
> Denny
> 
> 
> 
> 
> Christopher Fowler wrote:
> 
> >On Fri, Aug 29, 2003 at 01:18:21PM -0500, Denny Chambers wrote:
> > 
> >
> >>Hey, It just so happens I am working on HttpURLConnection stuff right 
> >>now. It sounds like the page that returns the frame sets does not return 
> >>a Set-Cookie, but frame source URLs do return cookies. Is this correct?
> >>   
> >>
> >
> >
> >Actually it does do a set cookie.  Look at my hack code:
> >
> >import java.net.*;
> >import java.io.*;
> >
> >public class Soc {
> >
> >   public static void main (String args[]) {
> >       String cookie = null;
> >       String message = new String (
> >                   "POST /auth.asp HTTP/1.1\r\n" +
> >                   "Content-Length: 45\r\n" +
> >                   "Content-Type: application/x-www-form-urlencoded\r\n" +
> >                   "User-Agent: Java/1.4.1_02\r\n" +
> >                   "Host: 127.0.0.1\r\n" +
> >                   "Accept: text/html, image/gif, image/jpeg, *; q=.2, 
> >                   */*; q=.2\r\n" +
> >                   "Connection: keep-alive\r\n" +
> >                   "\r\n" +
> >                   "login=super&password=smart&action_login=Login");
> >       try {
> >           Socket soc = new Socket("127.0.0.1", 80);
> >           OutputStream os = soc.getOutputStream();
> >           BufferedReader br = new BufferedReader(
> >                                   new 
> >                                   InputStreamReader(soc.getInputStream()));
> >           os.write(message.getBytes());
> >           String s;
> >           while((s = br.readLine()) != null) {
> >               if(s.startsWith("Set-Cookie:") == true) {
> >                   cookie = s.substring(12, s.indexOf(';'));
> >               }
> >           }
> >           soc.close();
> >       } catch (Exception exp) {
> >           System.err.println("Error: " + exp.getMessage());
> >           System.exit(1);
> >       }
> >
> >       if(cookie == null) {
> >           System.err.println("Authentication failure!\n");
> >           System.exit(1);
> >       }
> >
> >       try {
> >           String s;
> >           URL url = new URL("http://127.0.0.1/title_app.asp");
> >           HttpURLConnection connection = 
> >           (HttpURLConnection)url.openConnection();
> >           connection.setRequestProperty("Cookie", cookie);
> >           connection.setRequestProperty("Referrer", 
> >           "http://127.0.0.1/auth.asp");
> >           BufferedReader br = new BufferedReader(new 
> >           InputStreamReader(connection.getInputStream()));
> >           while((s = br.readLine()) != null) {
> >               System.out.println(s);
> >           }
> >       } catch (Exception exp) {
> >           System.err.println("Error: " + exp.getMessage());
> >           System.exit(1);
> >       }
> >
> >   }
> >}
> >
> >/* vi: set ts=4 sw=4 :*/
> >
> >
> >This is crappy hack code.  I'd prefer to do it wit classes.  
> > 
> >
> >>I am not sure how the HttpURLConnection works with frames. Does it try 
> >>to download each frame URL automatically? If so what you need are those 
> >>URLConnections. From looking at your code what your looking for is a 
> >>Set-Cookie header from the response that is returning the FrameSet HTML 
> >>code, if that code does not send a cookie, you will not get one looking 
> >>at that response data. If the HttpURLConnection is automatically making 
> >>the request for all of the frame src, then that is telling me that the 
> >>HttpURLConnection has a ContentHandler class that is parsing the html 
> >>data, and making the necessary request. If that is true, then your 
> >>answer may be in the ContentHandler class.
> >>   
> >>
> >
> >Could be.  The response is a redirect response.  The redirected page
> >is the page with all the framesets.
> >
> > 
> >
> >>HTH,
> >>Denny
> >>
> >>
> >>
> >>   
> >>
> >>>I'm trying to do a POST and grab a cookie to be used for later 
> >>>authentication. I hope that maybe you guys have done this
> >>>before.  The aut.asp page is a simple POST form.  When the
> >>>form is submitted it returns a frameset and a cookie.  I can
> >>>not seem to get the the HttpURLConnection to get the cookie.  It
> >>>seems that the conneciton does the post and then tries to
> >>>receive each page of the framset.  However, I do not see
> >>>and Cookies: being sent with those GET requests.  Is there a
> >>>way to get this code to use the Set-Cookie that is being sent
> >>>back.   
> >>>
> >>>---------- Cut Here --------------------------------
> >>>
> >>> public static void main(String args[]) {
> >>>     InputStream is;
> >>>     int data;
> >>>     String s;
> >>>     DataOutputStream    printout;
> >>>     String c;
> >>>     try {
> >>>         URL url = new URL("http://127.0.0.1/auth.asp");
> >>>         HttpURLConnection connection = 
> >>>         (HttpURLConnection)u.openConnection();
> >>>         String emit = "login=super&password=smart&action_login=Login";
> >>>         connection.setRequestProperty("Content-Length", "" + 
> >>>         emit.length());
> >>>         connection.setRequestProperty("Content-Type", 
> >>>         "application/x-www-form-urlencoded");
> >>>         connection.setUseCaches (false);
> >>>         connection.setDoInput(true);
> >>>         connection.setDoOutput(true);
> >>>         connection.setFollowRedirects(false);
> >>>         /* Not used now
> >>>         connection.setRequestProperty(
> >>>             "Authorization", 
> >>>             "Basic " + "cm9vdDpwYXNzd29yZA=="
> >>>         );      
> >>>         */
> >>>         connection.setDoOutput(true);
> >>>         connection.setDoInput(true);
> >>>         printout = new DataOutputStream (connection.getOutputStream ());
> >>>         printout.writeBytes (emit);
> >>>         printout.flush ();
> >>>         printout.close ();
> >>>         c = connection.getHeaderField("Set-Cookie");
> >>>         System.out.println("Cookie: " + c);
> >>>         BufferedReader br = new BufferedReader(new 
> >>>         InputStreamReader(connection.getInputStream()));
> >>>         System.out.flush();
> >>>         while((s = br.readLine()) != null) {
> >>>             System.out.println(s);
> >>>         }
> >>>     } catch (Exception Exp) {
> >>>         System.err.println("Error: " + Exp.getMessage());
> >>>         System.exit(1);
> >>>     }
> >>> }
> >>>
> >>>
> >>>---------- Cut Here --------------------------------
> >>>_______________________________________________
> >>>Ale mailing list
> >>>Ale at ale.org
> >>>http://www.ale.org/mailman/listinfo/ale
> >>>
> >>>
> >>>
> >>>
> >>>     
> >>>
> >
> >
> >_______________________________________________
> >Ale mailing list
> >Ale at ale.org
> >http://www.ale.org/mailman/listinfo/ale
> >
> >
> > 
> >


_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale





More information about the Ale mailing list