You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by Leena Borle <ls...@gmail.com> on 2008/07/17 01:18:42 UTC
HttpClient invalidates session
Hi,
I have a struts-2 application running on Tomcat-5 with Single Sign on
enabled. What I am trying to do is , use HttpClient(struts2 app) to access
data other WAR(say WAR2) which also has Form Based login system. To avoid
sending user's credentials(Which I don't have in my application), I am
trying to send cookie-JSESSIOIDSSO in the request header.
Everything works fine, I get the data back. But after that, my application
throws error that, session is invalidated.
How do I stop HttpClient from invalidating the session ?
Thanks
Leena.
Here is the code in my application ,
(Struts-2) HttpServletRequest request = ServletActionContext.getRequest();
//try out httpclient
javax.servlet.http.Cookie[] cookies = request.getCookies();
HttpState newState = new HttpState();
javax.servlet.http.Cookie ssoID = null;
for(int c = 0; c < cookies.length; c ++) {
javax.servlet.http.Cookie k = cookies[c];
if(k.getName().equalsIgnoreCase("JSESSIONIDSSO"))
ssoID=k;
}
HttpClient client = new HttpClient();
client.setState(newState);
GetMethod getMethod = new GetMethod("
http://localhost:8080/war2/exceuteServlet");
getMethod.getParams().setCookiePolicy(org.apache.commons.httpclient.cookie.CookiePolicy.IGNORE_COOKIES);
getMethod.setRequestHeader("Cookie", ssoID.getName() + "=" +
ssoID.getValue());
try {
int responseCode =
client.executeMethod(null,getMethod,newState);
String body = getMethod.getResponseBodyAsString();
AppLogger.getLogger().debug("Response code = " + responseCode+ "
\nResponse is " + body);
} catch (HttpException e) {
// TODO Auto-generated catch block
} catch (IOException e) {
// TODO Auto-generated catch block
} finally {
// release any connection resources used by the method
getMethod.releaseConnection();
}
Re: HttpClient invalidates session
Posted by Oleg Kalnichevski <ol...@apache.org>.
On Wed, 2008-07-16 at 16:18 -0700, Leena Borle wrote:
> Hi,
> I have a struts-2 application running on Tomcat-5 with Single Sign on
> enabled. What I am trying to do is , use HttpClient(struts2 app) to access
> data other WAR(say WAR2) which also has Form Based login system. To avoid
> sending user's credentials(Which I don't have in my application), I am
> trying to send cookie-JSESSIOIDSSO in the request header.
> Everything works fine, I get the data back. But after that, my application
> throws error that, session is invalidated.
> How do I stop HttpClient from invalidating the session ?
>
> Thanks
> Leena.
>
Leena,
The HTTP session can only be invalidated by the server. HttpClient
merely uses the session cookie to inform the server that requests are
logically related.
Oleg
> Here is the code in my application ,
>
> (Struts-2) HttpServletRequest request = ServletActionContext.getRequest();
>
> //try out httpclient
>
> javax.servlet.http.Cookie[] cookies = request.getCookies();
> HttpState newState = new HttpState();
> javax.servlet.http.Cookie ssoID = null;
> for(int c = 0; c < cookies.length; c ++) {
> javax.servlet.http.Cookie k = cookies[c];
> if(k.getName().equalsIgnoreCase("JSESSIONIDSSO"))
> ssoID=k;
> }
>
>
> HttpClient client = new HttpClient();
> client.setState(newState);
> GetMethod getMethod = new GetMethod("
> http://localhost:8080/war2/exceuteServlet");
>
> getMethod.getParams().setCookiePolicy(org.apache.commons.httpclient.cookie.CookiePolicy.IGNORE_COOKIES);
>
> getMethod.setRequestHeader("Cookie", ssoID.getName() + "=" +
> ssoID.getValue());
> try {
>
> int responseCode =
> client.executeMethod(null,getMethod,newState);
> String body = getMethod.getResponseBodyAsString();
>
> AppLogger.getLogger().debug("Response code = " + responseCode+ "
> \nResponse is " + body);
>
> } catch (HttpException e) {
> // TODO Auto-generated catch block
>
> } catch (IOException e) {
> // TODO Auto-generated catch block
>
> } finally {
> // release any connection resources used by the method
> getMethod.releaseConnection();
> }
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org