On Fri, 2008-01-11 at 14:30 -0500, Michael Prichard wrote: > I am doing it like this: > > PostMethod fbaAuth = new PostMethod(https://10.0.1.197/exchweb/bin/ > auth/owaauth.dll); > > I am, however, also applying my own CustomSSLSocket to bypass self- > signed certs. But I thought that would still keep using HTTPS. > > Thanks! >
And I bet your custom socket factory does not implement SecureProtocolSocketFactory, does it? http://hc.apache.org/httpclient-3.x/xref/org/apache/commons/httpclient/protocol/SecureProtocolSocketFactory.html Oleg > On Jan 11, 2008, at 2:22 PM, Oleg Kalnichevski wrote: > > > > > > On Fri, 2008-01-11 at 13:39 -0500, Michael Prichard wrote: > >> Hello Oleg! > >> > >> This helped a lot! Thanks so much. I do have a question on how > >> HTTPClient handles cookies. If you look at this Debug info: > >> > >> 2008/01/11 13:31:18:443 EST [DEBUG] header - << "Set-Cookie: > >> sessionid=bf1658c3-fdc9-4f4a-aea7-abc2045dbae4; path=/[\r][\n]" > >> 2008/01/11 13:31:18:443 EST [DEBUG] header - << "Set-Cookie: > >> cadata="1tTw0QI/b5VZGmsN2tzyk+oXwkKDw3L3oN3JvlkTE23FC5 > >> +7NIp4EwiupiXOuSEat3L2yPap67t7YwoAAzPAnH4YtK+11cUJ05VU9Zw=="; > >> HttpOnly; secure; path=/[\r][\n]" > > > > The secure attribute is the reason. This cookie can only be sent > > over a > > secure connection (that usually means SSL). Are you using SSL when > > connecting to the server? > > > > Oleg > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
