Thanx for your explanation. I'll try out the Netscape cookie draft spec. However the httpclient code generates only 3 cookies out of it, not 4.
Jan -----Original Message----- From: Oleg Kalnichevski [mailto:[EMAIL PROTECTED] Sent: maandag 20 februari 2006 15:36 To: HttpClient Project Subject: Re: cookie processing On Mon, 2006-02-20 at 14:34 +0100, Hoef, Jan wrote: > Hi, > > I am working with the jakarta project slide that uses the > commons-httpclient-2.0.2. > I have written a client that sends requests via webdav to the microsoft > exchange server 2003. > In the exchange server form based authentication is active. > Wenn I enter my logon credentials in my post request, the server > responds containing 2 cookies that are needed in all next request. > These cookies are, e.g.: > - sessionid=4241de88-1c21-4f39-b7b7-f50a87d6a828, 0x409; path=/ > - > cadata=1,kou8Vc9O9nrV4YRnTwVz6QMNbuiWuIg2NprLOkMT4NEcDtGkSTB2P9ORB2QUHsu > P+E2OfwYC4rWCMgGe; HttpOnly; secure; path=/ > > However at parsing the cookies, 3 cookies are recognized, i.e.: > - sessionid=4241de88-1c21-4f39-b7b7-f50a87d6a828 > - 0x409 > - > cadata=1,kou8Vc9O9nrV4YRnTwVz6QMNbuiWuIg2NprLOkMT4NEcDtGkSTB2P9ORB2QUHsu > P+E2OfwYC4rWCMgGe > > The 0x409 part should not be a cookie but should be a part of the > sessionid cookie!!! > No, this is wrong. The cookie sessionid clearly violates the HTTP spec and the Cookie and Cookie2 specs. Please report this bug to the software manufacturer. Actually you should be getting 4 cookies in total, as the cadata cookie is invalid as well. HttpClient 3.0 provides the Netscape Draft cookie spec which may work with these cookies. Netscape Cookie Draft is the only spec that permits the use of special separator characters, such as comma, in cookie values that are not enclosed in quotes Hope this explains the situation Oleg > The ideal solution would be to correct this in the cookie parser. > Because I am no expert in cookies and httpclient, Ii changed the > httpstate class in such a way that I can manipulate the cookies. See > path below. > > Jan > > > > [patch] > Index: > D:/jakarta/httpclient/src/java/org/apache/commons/httpclient/HttpState.j > ava > =================================================================== > --- > D:/jakarta/httpclient/src/java/org/apache/commons/httpclient/HttpState.j > ava (revision 379076) > +++ > D:/jakarta/httpclient/src/java/org/apache/commons/httpclient/HttpState.j > ava (working copy) > @@ -1,7 +1,7 @@ > /* > * $Header: > /home/jerenkrantz/tmp/commons/commons-convert/cvs/home/cvs/jakarta-commo > ns//httpclient/src/java/org/apache/commons/httpclient/HttpState.java,v > 1.22.2.3 2003/10/29 03:08:49 mbecke Exp $ > * $Revision: 1.22.2.3 $ > - * $Date: 2003/10/29 03:08:49 $ > + * $Date$ > * > * ==================================================================== > * > @@ -96,7 +96,7 @@ > * @author <a href="mailto:[EMAIL PROTECTED]">Mike > Bowler</a> > * @author <a href="mailto:[EMAIL PROTECTED]">Adrian Sutton</a> > * > - * @version $Revision: 1.22.2.3 $ $Date: 2003/10/29 03:08:49 $ > + * @version $Revision: 1.22.2.3 $ $Date$ > * > */ > public class HttpState { > @@ -199,6 +199,7 @@ > public synchronized void addCookie(Cookie cookie) { > LOG.trace("enter HttpState.addCookie(Cookie)"); > > + int i = 0; > if (cookie != null) { > // first remove any old cookie that is equivalent > for (Iterator it = cookies.iterator(); it.hasNext();) { > @@ -207,13 +208,37 @@ > it.remove(); > break; > } > + i++; > } > if (!cookie.isExpired()) { > - cookies.add(cookie); > + if (i==0) > + cookies.add(cookie); > + else > + cookies.add(i,cookie); > } > } > } > + /** > + * Remove an [EMAIL PROTECTED] Cookie HTTP cookie}, any existing > equivalent > cookies. > + * > + * @param cookie the [EMAIL PROTECTED] Cookie cookie} to be removed > + * > + */ > + public synchronized void removeCookie(Cookie cookie) { > + LOG.trace("enter HttpState.removeCookie(Cookie)"); > > + if (cookie != null) { > + // first remove any old cookie that is equivalent > + for (Iterator it = cookies.iterator(); it.hasNext();) { > + Cookie tmp = (Cookie) it.next(); > + if (cookie.equals(tmp)) { > + it.remove(); > + break; > + } > + } > + } > + } > + > /** > * Adds an array of [EMAIL PROTECTED] Cookie HTTP cookies}. Cookies are added > individually and > * in the given array order. If any of the given cookies has > already expired it will > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
