I have a need to automatically retrieve a document stored in a secure
remote site. Thus, I need to simulate a logon to the remote site (which
is driven by ASP.NET, but that shouldn't be relevant). This should be
easy as pie: do a cfhttp POST to simulate a logon, then do a cfhttp GET
to retrieve the document I need. But it's not working (and it's not
even giving me any error indications), and I can't figure out why.
The logon page my browser is retrieving from the remote site contains
the following login form code:
<form action="" method="post"
id="IndividualLogon" name="IndividualLogon">
<input type="hidden" name="ReturnURL" value="">
Please enter your SWOG Roster ID number and Password:
SWOG Roster ID number:
<input type="text" name="Username" size="10" maxlength="5"
id="Username">
Password:
<input type="password" name="Password" size="10" maxlength="10"
id="Password">
<input type="submit" name="Action" value="Logon">
</form>
(I've stripped out a bunch of table and other formatting code so you
could quickly see the bare essence of the form.) Seems like a
straightforward logon form. User ID, password, submit. Simple, right?
(Well, almost. Turns out the remote site is also returning an
ASPSESSIONID.... cookie along with this form. This is the only cookie
the remote site returns.)
So I coded a template on my ColdFusion server like this:
<cfhttp method="GET" url=""> </cfhttp>
<!---Pick out the cookie so the POST can send it back--->
<cfset swogsessioncookie = #cfhttp.responseHeader["Set-Cookie"]#>
<cfset cookiename =
#left(swogsessioncookie,find("=",swogsessioncookie)-1)#>
<cfset cookievalue =
#mid(swogsessioncookie,find("=",swogsessioncookie)+1,200)#>
<cfset cookievalue = #left(cookievalue,find(";",cookievalue)-1)#>
<!---End of cookie parsing--->
<cfhttp method="POST" url=""> <cfhttpparam type="FormField" name="Username"
value="known-valid-userID">
<cfhttpparam type="FormField" name="Password"
value="known-valid-password">
<cfhttpparam type="FormField" name="ReturnURL" value="">
<cfhttpparam type="Cookie" name="#cookiename#" value="#cookievalue#">
</cfhttp>
When I enter my user ID and password into the login form in my browser,
I get back a normal post-logon congratulatory page.
But when I run the above template, the cfhttp.fileContent that I get
back from the POST is the same logon page I get back from the GET, with
no error messages or any other helpful indicators. It's as if the
server isn't even seeing the user ID and password that my CF server is
POSTing and instead thinks I'm just repeating the original GET.
I've done bunches of cfdumps, and I know I'm parsing the cookie
properly, so CF should be sending back the ASP session ID OK.
I also tried supplying a normal IE6 userAgent header in both cfhttp's,
to no avail.
I'm at my wit's end. Why might the remote site not be happy with the
logon I'm POSTing? Any ideas? Not that it should make a difference,
but my CF server is 6.0 on Linux.
-- Larry Afrin
Medical University of South Carolina
[EMAIL PROTECTED]
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
