Hello there! I'm building a app to get some contents from a remote
site that has authentication (it uses struts, and its just a simple
auth).
Well, here's what I'm doing:
private boolean authenticate(){
String url = "http://acme.com/login.do";;
HttpClient client = new HttpClient();
PostMethod post = new PostMethod(url);
NameValuePair[] data = { new
NameValuePair("email","[EMAIL PROTECTED]"), new
NameValuePair("password","123456")};
post.setRequestBody(data);
try {
client.executeMethod(post);
this.cookies = client.getState().getCookies();
for(Cookie cookie : cookies){
System.out.println(cookie.toExternalForm());
}
} catch (HttpException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}finally{
post.releaseConnection();
}
return (this.cookies != null && this.cookies.length > 0);
}
Well ok, the JSESSIONID cookie is fetched, no problem at all. So i try
to access a forbiden page:
boolean authenticated = authenticate();
if(authenticated){
HttpState state = new HttpState();
state.addCookies(cookies);
HttpClient client = new HttpClient();
client.setState(state);
client.getParams().setCookiePolicy(CookiePolicy.RFC_2109);
GetMethod method = new GetMethod();
method.setURI(new URI(url,true));
client.executeMethod(method);
String contents =
method.getResponseBodyAsString();
method.releaseConnection();
}
Well, instead of receiving the right page, what I'm getting is a one
of our pages that is shown when a forbidden resource is accessed
without the user having the proper permission.
What am I doing wrong here, isn't the user already authenticathed?
Regards
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
