On Thu, 6 Dec 2007 17:29:13 +0000
sebb <[EMAIL PROTECTED]> wrote:
...
> Here's the gist of the problem:
>
> Cookies are not enabled on your browser. Please adjust this in
>your
> security preferences before continuing
>
> yep - that's what I get back no matter what I do now. yes, I make
> sure the cookies look like a valid session from a browser. I've
>gone
> into firefox and pulled out all the cookies made for this domain -
>and
> mimic'd each and every one.
You can't normally re-use cookies from another session.
ummm - why not? they're nothing but name-value pairs, rite?
So, if I copy those values - I should be able to mimic what's been
put in there, rite? Most of the time, the cookies are only written at
the beginning and then the next times they're just read for things
like timeout parameters, login values, etc. So, mimic-ing one
shouldn't be that big a deal, I would think.
Anyhoo - I'll look into that - but I think you missed the point to my
message. The message being returned is that the site is thinks that
cookies are not turned on! Sooooo - is there some parameter or
setting that needs to be set in the CookieSpec or Client to let it
know that cookies are turned on? How exactly does this work?
Just so you know - I've mapped the set-cookie calls and they're all
read and properly set - I output both the name and the attribute value
and compare against the cached values - each time it was a perfect
match.
other than maybe a time differential issue or time expiration problem,
I can't see that my cookie creation is the problem - I believe it's a
setting that needs to occur. Anybody know this?
cool.
peace. JOe...
>
> Yes, I've tried emulating different Browsers. My current one is
>set
> to Mozilla 5.0.
>
> I've gotten rid of the dread httpOnly tag by re-writing the
> CookieSpecBase class to ignore this parameter. From what I can
>tell,
> the site only sends it - it never tries to recover it - and the
>cookie
> itself doesn't even seem to store it as an attribute of the
>session.
>
> So, has anyone else seen this message - or could maybe direct me
>to
> possible solutions?
Are you sure that the application is logging in correctly?
yes - it is. When the values for logging in (login and password) are
passed in through the cookies and through the calls - the site comes
back with the login value pulled in to the login field with that error
message - so it definitely knows that it's the login value - and I
know for a fact that the password is correct.
> The next thing I'm going to try is to attach a mechanism to watch
>how
> the cookie is formatted coming down and installed on a browser and
>see
> if it differs much from mine - and - vice versa - how the cookie
>looks
> going up and seeing if I match it.
HttpClient supports logging:
http://jakarta.apache.org/httpcomponents/httpclient-3.x/logging.html
yes - I know this - I have both the wire debugging on and regular
debugging to see all the messages going by. I don't think I'm missing
anything.
Just as an aside - how do I know the values for the cookies are loaded
to the site. That is - do they have a format on how to pass the data
(ie, "semi-colon" separate list of name-value pairs - what?)... Does
this make sense?
peace. JOe...
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
