Re: Simple question about CAS with Apache HTTPClient

[Scott Battaglia]

Are you sending back any cookies you've received? (i.e. the session cookie)

On Mon, Mar 10, 2008 at 6:00 AM, Sven Feldberg <[EMAIL PROTECTED]>
wrote:

> Hi to all,
> I'm looking for a solution to my problem. First of all I have to program a
> Java client based on Apache HTTPClient. The user must feed his username and
> password as parameter in this application. The CAS server should
> authenticate the user. The client does two requests to CAS server. For the
> first GET request to ".../cas/login" get the client as response a normal
> login page. From this response I can extract a login ticket and construct a
> second POST request with tree parameters: username, password and lt. For
> this POST request I should get a response about my successful or not
> authentication. But the problem is I get the same login page back. I've
> installed the CAS server in the Tomcat. I don't know what can I do else? Can
> somebody help me with my problem? Maybe I should make some changes in CAS
> settings? Here is the source code that I've used:
>
> static String service = "www.google.de";
>    static String LOGON_SITE = "localhost";
>    static int    LOGON_PORT = 8080;
>
>    public static void StartHTTPClient()
>    {
>      try{
>                  HttpClient client = new HttpClient();
>                client.getHostConfiguration().setHost(LOGON_SITE,
> LOGON_PORT, "http");
>                client.getParams().setCookiePolicy(
> CookiePolicy.BROWSER_COMPATIBILITY);
>                client.getParams().setParameter("
> http.protocol.content-charset", "UTF-8");
>                GetMethod authget = new GetMethod("/cas/login");
>                NameValuePair serv = new NameValuePair("service",service);
>                client.executeMethod(authget);
>                System.out.println("Login form get: " +
> authget.getStatusLine().toString());
>                String response=authget.getResponseBodyAsString();
>                System.out.println("Server response:\n" + response.trim());
>                int c1=response.indexOf("name=\"lt\"", 0);
>                System.out.println(c1);
>                String lt=response.substring(c1+17, c1+93);
>                System.out.println(lt);
>                int c2=response.indexOf("method=\"post\" action=\"", 0);
>                System.out.println(c2);
>                String path=response.substring(c2+27,
> c2+85+service.length());
>                System.out.println(path);
>                // release any connection resources used by the method
>                authget.releaseConnection();
>
>                PostMethod authpost = new PostMethod("/cas/login");
>                // Prepare login parameters
>                NameValuePair ltP      = new NameValuePair("lt", lt);
>                NameValuePair userid   = new NameValuePair("username",
> URLEncoder.encode("aaaa", "UTF-8"));
>                NameValuePair password = new NameValuePair("password",
> URLEncoder.encode("aaaa", "UTF-8"));
>                authpost.setRequestBody(new NameValuePair[] {ltP, userid,
> password});
>
>                //authpost.setDoAuthentication(true);
>                client.executeMethod(authpost);
>                System.out.println("Login form post: " +
> authpost.getStatusLine().toString());
>                // release any connection resources used by the method
>                System.out.println(authpost.getResponseBodyAsString());
>                authpost.releaseConnection();
>
>                int statuscode = authpost.getStatusCode();
>                if ((statuscode == HttpStatus.SC_MOVED_TEMPORARILY) ||
>                    (statuscode == HttpStatus.SC_MOVED_PERMANENTLY) ||
>                    (statuscode == HttpStatus.SC_SEE_OTHER) ||
>                    (statuscode == HttpStatus.SC_TEMPORARY_REDIRECT)) {
>                    Header header = authpost.getResponseHeader("location");
>                    if (header != null) {
>                        String newuri = header.getValue();
>                        if ((newuri == null) || (newuri.equals(""))) {
>                            newuri = "/";
>                        }
>                        System.out.println("Redirect target: " + newuri);
>                        GetMethod redirect = new GetMethod(newuri);
>
>                        client.executeMethod(redirect);
>                        System.out.println("Redirect: " +
> redirect.getStatusLine().toString());
>                        // release any connection resources used by the
> method
>                        redirect.releaseConnection();
>                    } else {
>                        System.out.println("Invalid redirect");
>                        System.exit(1);
>                    }
>                }
>      }
>      catch(Exception exc)
>      {
>            System.out.println(exc.toString());
>      }
>    }
>
> Thanks.
>
> Regards Sven
> _______________________________________________
> Yale CAS mailing list
> cas@tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>



-- 
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia

_______________________________________________
Yale CAS mailing list
cas@tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas