You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by Brijesh Deo <bd...@SonicWALL.com> on 2009/03/25 14:02:08 UTC
Not getting the Redirect Status Code and the Location header after a Form based Successful Login with HC 4.0
Hi,
We have a server where there is Redirect to another page after a
successful Form based login and that happens fine while using the older
api (HttpClient 3.1). With the new API (4.0) however I don't get a
Redirect status code (302) and also the Location header is not present
in the HttpResponse. Instead I get a Http Status Code as 200 in the
Response to HttpPost to the Login Form. But if I use the Older Api, I
get the 302 status and also the Location header with the Redirect URL
value. So there is nothing wrong on the server side.
The Code I am using with HttpClient 3.1 is a modified form of the Sample
code FomLoginDemo.java and it works fine for me.
And the Code I am using with HttpClient 4.0 is the modified form of the
Sample code ClientFormLogin.java. And after a successful login it
returns a status code 200 instead of 302. And there is no Location
header in the response. The entire code is given below.
I have the following questions:
1) What am I missing to do?
2) Do I need to set a RedirectHandler and a RequestInterceptor as I have
done below?
3) Why do I get a response status as 200 after a login instead of a 302
(redirect)? I also get the Post Login cookie indicating that the Login
was successful.
4) Please point to anything extra/wrong that I am doing in my code
below. I have tried to set the request headers in the same way as
Mozilla Firefox does it; still does not work.
5) I have implemented SecureProtocolProxySocketFactory (implements
org.apache.http.conn.scheme.SocketFactory, LayeredSocketFactory) for
dealing with Self Signed Certs and its working fine.
Please help.
Thanks,
Brijesh
public class MyClientFormLogin {
public static void main(String[] args) throws Exception {
// Create and initialize HTTP parameters
HttpParams params = new BasicHttpParams();
ConnManagerParams.setMaxTotalConnections(params, 100);
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setUseExpectContinue(params, false);
ConnManagerParams.setTimeout(params, 10000);//in millisecs
//set the cookie policy
HttpClientParams.setCookiePolicy(params, CookiePolicy.RFC_2109);
//redirect true
HttpClientParams.setRedirecting(params, true);
// Create and initialize scheme registry
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(new Scheme("http",
PlainSocketFactory.getSocketFactory(), 80));
schemeRegistry.register(new Scheme("https", new
SecureProtocolProxySocketFactory(), 443));
// Create an HttpClient with the ThreadSafeClientConnManager.
ClientConnectionManager cm = new
ThreadSafeClientConnManager(params, schemeRegistry);
DefaultHttpClient httpclient = new DefaultHttpClient(cm,
params);
//setting RedirectHandler and DefaultHeaders
httpclient.setRedirectHandler(new DefaultRedirectHandler());
httpclient.addRequestInterceptor(new RequestDefaultHeaders());
//Create the target HttpHost
HttpHost target = new HttpHost("10.XXX.XXX.96", 443, "https");
//fetch the Login page
HttpGet httpget = new HttpGet("/login.html");
HttpResponse response = httpclient.execute(target, httpget);
HttpEntity entity = response.getEntity();
System.out.println("Login form get: " +
response.getStatusLine());
if (entity != null) {
entity.consumeContent();
}
System.out.println("Initial set of cookies:");
List<Cookie> cookies = httpclient.getCookieStore().getCookies();
if (cookies.isEmpty()) {
System.out.println("None");
} else {
for (int i = 0; i < cookies.size(); i++) {
System.out.println("- " + cookies.get(i).toString());
}
}
HttpPost httpost = new HttpPost("/login.html");
//Set the headers similar to what a Mozilla browser does
httpost.addHeader("Cookie", cookies.get(0).getName() + "=" +
cookies.get(0).getValue());
httpost.setHeader("User-Agent", "Mozilla/5.0 (Windows; U;
Windows NT 5.1; en-US; rv:1.9.0.7) Gecko/2009021910 Firefox/3.0.7");
httpost.setHeader("Accept",
"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
httpost.setHeader("Accept-Charset",
"ISO-8859-1,utf-8;q=0.7,*;q=0.7");
httpost.setHeader("Connection", "keep-alive");
httpost.setHeader("Accept-Encoding", "gzip,deflate");
httpost.setHeader("Keep-Alive", "300");
List <NameValuePair> nvps = new ArrayList <NameValuePair>();
nvps.add(new BasicNameValuePair("userid", "admin"));
nvps.add(new BasicNameValuePair("password", "password"));
nvps.add(new BasicNameValuePair("login", "Log In"));
httpost.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8));
response = httpclient.execute(target, httpost);
entity = response.getEntity();
System.out.println("Login form Post: " +
response.getStatusLine());
// See if we got any cookies
cookies = httpclient.getCookieStore().getCookies();
System.out.println("Post logon cookies:");
if (cookies.isEmpty()) {
System.out.println("None");
} else {
for (int i = 0; i < cookies.size(); i++) {
System.out.println("- " + cookies.get(i).toString());
}
}
CookieSpec cookiespec = new RFC2109Spec();
CookieOrigin cookieOrigin = new CookieOrigin("10.XXX.XXX.96",
443, "/", true);
//match the cookies
for (int i = 0; i < cookies.size(); i++) {
Cookie cookie = cookies.get(i);
if (cookiespec.match(cookie, cookieOrigin)) {
System.out.println("Cookie Matched - " +
cookie.toString());
}
}
// Usually a successful form-based login results in a redirect to
another url
int statuscode = response.getStatusLine().getStatusCode();
if ((statuscode == HttpStatus.SC_MOVED_TEMPORARILY) ||
(statuscode == HttpStatus.SC_MOVED_PERMANENTLY) ||
(statuscode == HttpStatus.SC_SEE_OTHER) ||
(statuscode == HttpStatus.SC_TEMPORARY_REDIRECT)) {
Header header = response.getFirstHeader("Location");
if (header != null) {
String redirectURI = header.getValue();
if ((redirectURI != null) && (!redirectURI.equals("")))
{
System.out.println("Redirect target: " + redirectURI);
}
} else {
System.out.println("Invalid redirect");
}
}
}
}
Re: Not getting the Redirect Status Code and the Location header
after a Form based Successful Login with HC 4.0
Posted by Sam Berlin <sb...@gmail.com>.
I don't believe anything is wrong here, Brijesh. HttpClient 4 is
automatically doing the redirects for you. A 200 status code and a
successful login is the ultimate goal, right? Is there something else
you need from the intermediary redirect request/response? If so, you
can use setRedirectHandler on AbstractHttpClient and set a custom
RedirectHandler that stops automatically redirecting. The
DefaultRedirectHandler that you're using (which is there by default)
will tell HttpClient to behind-the-scenes automatically do the
redirect.
Sam
On Wed, Mar 25, 2009 at 9:02 AM, Brijesh Deo <bd...@sonicwall.com> wrote:
> Hi,
>
>
>
> We have a server where there is Redirect to another page after a
> successful Form based login and that happens fine while using the older
> api (HttpClient 3.1). With the new API (4.0) however I don't get a
> Redirect status code (302) and also the Location header is not present
> in the HttpResponse. Instead I get a Http Status Code as 200 in the
> Response to HttpPost to the Login Form. But if I use the Older Api, I
> get the 302 status and also the Location header with the Redirect URL
> value. So there is nothing wrong on the server side.
>
>
>
> The Code I am using with HttpClient 3.1 is a modified form of the Sample
> code FomLoginDemo.java and it works fine for me.
>
>
>
> And the Code I am using with HttpClient 4.0 is the modified form of the
> Sample code ClientFormLogin.java. And after a successful login it
> returns a status code 200 instead of 302. And there is no Location
> header in the response. The entire code is given below.
>
>
>
> I have the following questions:
>
> 1) What am I missing to do?
>
> 2) Do I need to set a RedirectHandler and a RequestInterceptor as I have
> done below?
>
> 3) Why do I get a response status as 200 after a login instead of a 302
> (redirect)? I also get the Post Login cookie indicating that the Login
> was successful.
>
> 4) Please point to anything extra/wrong that I am doing in my code
> below. I have tried to set the request headers in the same way as
> Mozilla Firefox does it; still does not work.
>
> 5) I have implemented SecureProtocolProxySocketFactory (implements
> org.apache.http.conn.scheme.SocketFactory, LayeredSocketFactory) for
> dealing with Self Signed Certs and its working fine.
>
>
>
> Please help.
>
>
>
> Thanks,
>
> Brijesh
>
>
>
>
>
>
>
> public class MyClientFormLogin {
>
>
>
> public static void main(String[] args) throws Exception {
>
>
>
>
>
> // Create and initialize HTTP parameters
>
> HttpParams params = new BasicHttpParams();
>
> ConnManagerParams.setMaxTotalConnections(params, 100);
>
> HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
>
> HttpProtocolParams.setUseExpectContinue(params, false);
>
> ConnManagerParams.setTimeout(params, 10000);//in millisecs
>
>
>
> //set the cookie policy
>
> HttpClientParams.setCookiePolicy(params, CookiePolicy.RFC_2109);
>
>
>
> //redirect true
>
> HttpClientParams.setRedirecting(params, true);
>
>
>
> // Create and initialize scheme registry
>
> SchemeRegistry schemeRegistry = new SchemeRegistry();
>
> schemeRegistry.register(new Scheme("http",
> PlainSocketFactory.getSocketFactory(), 80));
>
> schemeRegistry.register(new Scheme("https", new
> SecureProtocolProxySocketFactory(), 443));
>
>
>
> // Create an HttpClient with the ThreadSafeClientConnManager.
>
> ClientConnectionManager cm = new
> ThreadSafeClientConnManager(params, schemeRegistry);
>
> DefaultHttpClient httpclient = new DefaultHttpClient(cm,
> params);
>
> //setting RedirectHandler and DefaultHeaders
>
> httpclient.setRedirectHandler(new DefaultRedirectHandler());
>
> httpclient.addRequestInterceptor(new RequestDefaultHeaders());
>
>
>
> //Create the target HttpHost
>
> HttpHost target = new HttpHost("10.XXX.XXX.96", 443, "https");
>
>
>
> //fetch the Login page
>
> HttpGet httpget = new HttpGet("/login.html");
>
> HttpResponse response = httpclient.execute(target, httpget);
>
> HttpEntity entity = response.getEntity();
>
>
>
> System.out.println("Login form get: " +
> response.getStatusLine());
>
> if (entity != null) {
>
> entity.consumeContent();
>
> }
>
> System.out.println("Initial set of cookies:");
>
>
>
> List<Cookie> cookies = httpclient.getCookieStore().getCookies();
>
> if (cookies.isEmpty()) {
>
> System.out.println("None");
>
> } else {
>
> for (int i = 0; i < cookies.size(); i++) {
>
> System.out.println("- " + cookies.get(i).toString());
>
> }
>
> }
>
>
>
> HttpPost httpost = new HttpPost("/login.html");
>
> //Set the headers similar to what a Mozilla browser does
>
> httpost.addHeader("Cookie", cookies.get(0).getName() + "=" +
> cookies.get(0).getValue());
>
> httpost.setHeader("User-Agent", "Mozilla/5.0 (Windows; U;
> Windows NT 5.1; en-US; rv:1.9.0.7) Gecko/2009021910 Firefox/3.0.7");
>
> httpost.setHeader("Accept",
> "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
>
> httpost.setHeader("Accept-Charset",
> "ISO-8859-1,utf-8;q=0.7,*;q=0.7");
>
> httpost.setHeader("Connection", "keep-alive");
>
> httpost.setHeader("Accept-Encoding", "gzip,deflate");
>
> httpost.setHeader("Keep-Alive", "300");
>
>
>
>
>
> List <NameValuePair> nvps = new ArrayList <NameValuePair>();
>
> nvps.add(new BasicNameValuePair("userid", "admin"));
>
> nvps.add(new BasicNameValuePair("password", "password"));
>
> nvps.add(new BasicNameValuePair("login", "Log In"));
>
>
>
> httpost.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8));
>
>
>
> response = httpclient.execute(target, httpost);
>
> entity = response.getEntity();
>
>
>
> System.out.println("Login form Post: " +
> response.getStatusLine());
>
>
>
> // See if we got any cookies
>
> cookies = httpclient.getCookieStore().getCookies();
>
>
>
> System.out.println("Post logon cookies:");
>
>
>
> if (cookies.isEmpty()) {
>
> System.out.println("None");
>
> } else {
>
> for (int i = 0; i < cookies.size(); i++) {
>
> System.out.println("- " + cookies.get(i).toString());
>
> }
>
> }
>
>
>
> CookieSpec cookiespec = new RFC2109Spec();
>
> CookieOrigin cookieOrigin = new CookieOrigin("10.XXX.XXX.96",
> 443, "/", true);
>
> //match the cookies
>
> for (int i = 0; i < cookies.size(); i++) {
>
> Cookie cookie = cookies.get(i);
>
> if (cookiespec.match(cookie, cookieOrigin)) {
>
> System.out.println("Cookie Matched - " +
> cookie.toString());
>
> }
>
> }
>
>
>
> // Usually a successful form-based login results in a redirect to
> another url
>
> int statuscode = response.getStatusLine().getStatusCode();
>
> if ((statuscode == HttpStatus.SC_MOVED_TEMPORARILY) ||
>
> (statuscode == HttpStatus.SC_MOVED_PERMANENTLY) ||
>
> (statuscode == HttpStatus.SC_SEE_OTHER) ||
>
> (statuscode == HttpStatus.SC_TEMPORARY_REDIRECT)) {
>
>
>
> Header header = response.getFirstHeader("Location");
>
> if (header != null) {
>
> String redirectURI = header.getValue();
>
> if ((redirectURI != null) && (!redirectURI.equals("")))
> {
>
> System.out.println("Redirect target: " + redirectURI);
>
> }
>
>
>
> } else {
>
> System.out.println("Invalid redirect");
>
> }
>
> }
>
> }
>
> }
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org