On Fri, 2006-02-03 at 12:21 +0100, MENNO ANGELO (Esterno) wrote:
> I did it.
> I've used a better analyzer and i discovered some differences in "2-cookies
> request".
>
> the solution :
> -I've imported the httpClient source
> -I've changed code in HttpMethodBase.addCookieRequestHeader(HttpState state,
> HttpConnection conn)
> from :
> ...
> for (int i = 0; i < cookies.length; i++) {
> String s = matcher.formatCookie(cookies[i]);
> getRequestHeaderGroup().addHeader(new Header("Cookie", s, true));
> }
> ....
>
> that generate :
> Cookie: cookieName=blablabla Cookie: cookie2Name=blablabla
>
> to :
> ...
> String s = "";
> for (int i = 0; i < cookies.length; i++) {
> s += matcher.formatCookie(cookies[i]) + "; ";
> }
> if (!s.equals("")) {
> s = s.substring(0, s.length()-2);
> getRequestHeaderGroup().addHeader(new Header("Cookie", s, true));
> }
> ...
>
> that generate :
> Cookie: cookieName=blablabla; cookie2Name=blablabla
>
> And,ohh at last, it works!
>
> Thank you Oleg, you gave me the light!
>
> Tyler
>
Actually, the same net result can be achieved without forking
HttpClient. One can instruct HttpClient to put all cookies into one
request header just by setting a parameter. For details see
http://jakarta.apache.org/commons/httpclient/cookies.html#Browser%
20Compatibility
People, RTFM!
Oleg
>
>
> -----Messaggio originale-----
> Da: Oleg Kalnichevski [mailto:[EMAIL PROTECTED]
> Inviato: mercoledì 1 febbraio 2006 19.13
> A: HttpClient User Discussion
> Cc: MENNO ANGELO (Esterno)
> Oggetto: Re: R: R: Proxy ssl problem
>
> On Tue, 2006-01-31 at 16:00 +0100, MENNO ANGELO (Esterno) wrote:
> > Hi Oleg,
> > i followed your directive about traffic analyzer (I used Packetyzer),
> > confronting httpClient and browsers behaviors.
> >
> > On http everything seems to be ok.
> > On https connections, Packetyzer gives me just the connect-to-proxy phase
> > in clear mode (others packets are encrypted).
> > This phase have three steps, CONNECT, NEGOTIATE, AUTH (all from Local to
> > Proxy).
> >
> > The last one gives me some interesting informations on proxy authorization.
> > The differences are that with httpClient :
> > - "NTLM Response" value is "Empty"
> > - Flag "Negotiate 56" value is "Not set"
> > - Flag "Negotiate 128" value is "Not set"
> > - Flag "Negotiate 0x02000000" value is "Not set"
> > - Flag "Negotiate NTLM2 key" value is "Not set"
> > - Flag "Negotiate Always Sign" value is "Not set"
> > - Flag "Negotiate This is Local Call" value is "Set"
> > - Flag "Negotiate Domain Supplied" value is "Set"
> > - Flag "Negotiate OEM" value is "Set"
> > - Flag "Negotiate UNICODE" value is "Not set"
> >
> > Can be this the heart of my problem?
>
> No, it can not. As far as I understand the real problem is about
> authentication with the target site and not about authentication with
> the proxy.
>
> Then you are left with only one option. Get a plug-in for your browser
> that can reveal what HTTP packets the browser receives and sends. Log in
> into the site using the browser, capture all the packets transmitted
> over the wire and simulate the same session using HttpClient
>
> Oleg
>
> > How can I change this parameters?
> >
> > Thanks a lot,
> > Tyler
> >
> >
> > -----Messaggio originale-----
> > Da: Oleg Kalnichevski [mailto:[EMAIL PROTECTED]
> > Inviato: venerdì 27 gennaio 2006 12.56
> > A: HttpClient User Discussion
> > Cc: MENNO ANGELO (Esterno)
> > Oggetto: Re: R: Proxy ssl problem
> >
> > On Fri, 2006-01-27 at 12:46 +0100, Oleg Kalnichevski wrote:
> > > On Fri, 2006-01-27 at 12:36 +0100, MENNO ANGELO (Esterno) wrote:
> > > > >This is likely to be due to the 'stale' connection check. If you think
> > > > >this may be the cause of some problems, disable the 'stale' connection
> > > > >check.
> > > > >
> > > > >For details see
> > > > >http://jakarta.apache.org/commons/httpclient/performance.html#Stale%
> > > > >20connection%20check
> > > >
> > > > done, it works, great!
> > > >
> > > > >What cookie policy have you been using?
> > > >
> > > > I tried all 4 options, Default, Compatibility, Netscape, RFC_2109.
> > > > different headers, same wrong results and behavior.
> > > >
> > > > There is a strange fact,
> > > > I'm logging headers in post-excecution :
> > > > for (int i = 0; i < post.getRequestHeaders().length; i++)
> > > > System.out.println("post Headers : " +
> > > > post.getRequestHeaders()[i].getName() + ", " +
> > > > post.getRequestHeaders()[i].getValue());
> > > >
> > > > next, I log the cookies :
> > > > Cookie[] cookies = httpclient.getState().getCookies();
> > > > for (int i = 0; i < cookies.size(); i++) {
> > > > System.out.println("cookieName[" + i + "] = " +
> > > > cookies[i].getName() + ", cookieValue[" + i + "] = " +
> > > > cookies[i].getValue());
> > > > }
> > > >
> > > > ibveSession value is different, and the header one is correct (the one
> > > > i posted before in request phase, i suppose).
> > > >
> > >
> > > Tyler,
> > >
> > > The best thing you can do in this situation is to capture the HTTP
> > > session generated by a browser using a browser plug-in (you cannot just
> > > use a traffic analyzer because the data is encrypted in transport) and
> > > try to emulate this HTTP session using HttpClient
> > >
> > > Oleg
> > >
> >
> > Wait. You are hitting the site via a proxy, right? So, just use a
> > traffic analyzer to capture the traffic between the browser and the
> > proxy. You can see what HTTP packets HttpClient generated by turning on
> > the wire log. Comparing the two will surely let see what HttpClient does
> > differently
> >
> > Oleg
> >
> >
> > >
> > >
> > > > Thanks,
> > > > Tyler
> > > >
> > > > -----Messaggio originale-----
> > > > Da: Oleg Kalnichevski [mailto:[EMAIL PROTECTED]
> > > > Inviato: venerdì 27 gennaio 2006 11.33
> > > > A: HttpClient User Discussion
> > > > Cc: MENNO ANGELO (Esterno)
> > > > Oggetto: Re: Proxy ssl problem
> > > >
> > > > On Fri, 2006-01-27 at 10:39 +0100, MENNO ANGELO (Esterno) wrote:
> > > > > Hi,
> > > > > i'm trying to use httpClient to connect my bank site.
> > > > > I 'have a proxy and the bank site use the https protocol.
> > > > > Login process give me an Ok Response and a javascript redirect to
> > > > > another page.
> > > > > I follow that redirect and it give me another redirect.
> > > > > This second one take me to a new home page with a login button! (it is
> > > > > different from the first home page).
> > > > >
> > > > > If i try to get a know internal page it give me an error one with
> > > > > message "Session expired. You have to reconnect"
> > > > >
> > > > > By Dolphin browser i discovered that the first redirect is correct
> > > > > (login is ok), not the second.
> > > > >
> > > > > By Netscape broser i saw that :
> > > > > - the session cookie are 3, called ibveSession, Ibno0Session, SHARK.
> > > > > - connection is AES-256 256 bit of encryption grade.
> > > > >
> > > > > -My httpClient the sequense is :
> > > > > - call the http home page, it give me the ibveSession with a value,
> > > > > for
> > > > > example A.
> > > > > - call the https login link, simulating the login form.
> > > > > - response is ok, ibveSession is still A and the new Ibno0Session
> > > > > cookie
> > > > > is obtained.
> > > > > - follow the redirect, ibveSession is changed (sic!), Ibno0Session
> > > > > remains the same (sic sic!!).
> > > > >
> > > > > Using debug and -Djavax.net.debug=all options, i don't find errors,
> > > > > just
> > > > > :
> > > > > AWT-EventQueue-0, setSoTimeout(1) called
> > > > > AWT-EventQueue-0, handling exception: java.net.SocketTimeoutException:
> > > > > Read timed out
> > > > > AWT-EventQueue-0, setSoTimeout(0) called
> > > > >
> > > >
> > > > This is likely to be due to the 'stale' connection check. If you think
> > > > this may be the cause of some problems, disable the 'stale' connection
> > > > check.
> > > >
> > > > For details see
> > > > http://jakarta.apache.org/commons/httpclient/performance.html#Stale%
> > > > 20connection%20check
> > > >
> > > > >
> > > > > that seems to be right cause it is followed by a correct comunication.
> > > > >
> > > > > I have put my attention on html post parameters and everything seems
> > > > > to
> > > > > be ok.
> > > > >
> > > > > I tried to give them a wrong User/password and it correctly give me an
> > > > > error page.
> > > > >
> > > > > I conclude that the problem is at cookie/session level.
> > > > >
> > > > > I have no more ideas so i try with your help.
> > > > >
> > > > > Does httpclient support 256 encription rate?
> > > >
> > > > HttpClient relies on JSSE for the SSL/TLS support. Any encryption
> > > > algorithm supported by JVM's JSSE providers can be used by HttpClient.
> > > >
> > > > For details see
> > > > http://jakarta.apache.org/commons/httpclient/sslguide.html
> > > >
> > > > > Does httpclient support 3 session cookies?
> > > > >
> > > >
> > > > HttpClient supports infinite number of cookies (limited only by the size
> > > > of the JVM's heap)
> > > >
> > > > What cookie policy have you been using?
> > > >
> > > > For details see
> > > > http://jakarta.apache.org/commons/httpclient/cookies.html
> > > >
> > > > Oleg
> > > >
> > > > > thanks,
> > > > > Tyler
> > > > >
> > > > > ps: Dolphin doesn't use httpClient... :|
> > > > >
> > > > >
> > > > > -----------------------------------------------------------------------------------------
> > > > >
> > > > > Il contenuto del messaggio e di ogni suo allegato e' da ritenersi
> > > > > riservato e confidenziale ed e' indirizzato esclusivamente al
> > > > > destinatario. Chi ricevesse il presente messaggio senza esserne
> > > > > l'effettivo destinatario e' tenuto a non divulgarlo, diffonderlo o
> > > > > riprodurlo in alcun modo.
> > > > >
> > > > > Qualora abbiate ricevuto la presente comunicazione per errore siete
> > > > > pregati di rispedirla al mittente e di cancellare il messaggio
> > > > > originale dal Vostro sistema di posta elettronica. Grazie
> > > > >
> > > > > Agos S.p.A.
> > > > > via Bernina, 7
> > > > > 20158 MILANO
> > > >
> > > >
> > > > -----------------------------------------------------------------------------------------
> > > >
> > > > Il contenuto del messaggio e di ogni suo allegato e' da ritenersi
> > > > riservato e confidenziale ed e' indirizzato esclusivamente al
> > > > destinatario. Chi ricevesse il presente messaggio senza esserne
> > > > l'effettivo destinatario e' tenuto a non divulgarlo, diffonderlo o
> > > > riprodurlo in alcun modo.
> > > >
> > > > Qualora abbiate ricevuto la presente comunicazione per errore siete
> > > > pregati di rispedirla al mittente e di cancellare il messaggio
> > > > originale dal Vostro sistema di posta elettronica. Grazie
> > > >
> > > > Agos S.p.A.
> > > > via Bernina, 7
> > > > 20158 MILANO
> > > >
> > > >
> > > > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > >
> > > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> > >
> >
> >
> > -----------------------------------------------------------------------------------------
> >
> > Il contenuto del messaggio e di ogni suo allegato e' da ritenersi riservato
> > e confidenziale ed e' indirizzato esclusivamente al destinatario. Chi
> > ricevesse il presente messaggio senza esserne l'effettivo destinatario e'
> > tenuto a non divulgarlo, diffonderlo o riprodurlo in alcun modo.
> >
> > Qualora abbiate ricevuto la presente comunicazione per errore siete pregati
> > di rispedirla al mittente e di cancellare il messaggio originale dal Vostro
> > sistema di posta elettronica. Grazie
> >
> > Agos S.p.A.
> > via Bernina, 7
> > 20158 MILANO
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
>
> -----------------------------------------------------------------------------------------
>
> Il contenuto del messaggio e di ogni suo allegato e' da ritenersi riservato e
> confidenziale ed e' indirizzato esclusivamente al destinatario. Chi ricevesse
> il presente messaggio senza esserne l'effettivo destinatario e' tenuto a non
> divulgarlo, diffonderlo o riprodurlo in alcun modo.
>
> Qualora abbiate ricevuto la presente comunicazione per errore siete pregati
> di rispedirla al mittente e di cancellare il messaggio originale dal Vostro
> sistema di posta elettronica. Grazie
>
> Agos S.p.A.
> via Bernina, 7
> 20158 MILANO
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
