Hi,
We have a server where there is Redirect to another page after a
successful Form based login and that happens fine while using the older
api (HttpClient 3.1). With the new API (4.0) however I don't get a
Redirect status code (302) and also the Location header is not present
in the HttpResponse. Instead I get a Http Status Code as 200 in the
Response to HttpPost to the Login Form. But if I use the Older Api, I
get the 302 status and also the Location header with the Redirect URL
value. So there is nothing wrong on the server side.
The Code I am using with HttpClient 3.1 is a modified form of the Sample
code FomLoginDemo.java and it works fine for me.
And the Code I am using with HttpClient 4.0 is the modified form of the
Sample code ClientFormLogin.java. And after a successful login it
returns a status code 200 instead of 302. And there is no Location
header in the response. The entire code is given below.
I have the following questions:
1) What am I missing to do?
2) Do I need to set a RedirectHandler and a RequestInterceptor as I have
done below?
3) Why do I get a response status as 200 after a login instead of a 302
(redirect)? I also get the Post Login cookie indicating that the Login
was successful.
4) Please point to anything extra/wrong that I am doing in my code
below. I have tried to set the request headers in the same way as
Mozilla Firefox does it; still does not work.
5) I have implemented SecureProtocolProxySocketFactory (implements
org.apache.http.conn.scheme.SocketFactory, LayeredSocketFactory) for
dealing with Self Signed Certs and its working fine.
Please help.
Thanks,
Brijesh
public class MyClientFormLogin {
public static void main(String[] args) throws Exception {
// Create and initialize HTTP parameters
HttpParams params = new BasicHttpParams();
ConnManagerParams.setMaxTotalConnections(params, 100);
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setUseExpectContinue(params, false);
ConnManagerParams.setTimeout(params, 10000);//in millisecs
//set the cookie policy
HttpClientParams.setCookiePolicy(params, CookiePolicy.RFC_2109);
//redirect true
HttpClientParams.setRedirecting(params, true);
// Create and initialize scheme registry
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(new Scheme("http",
PlainSocketFactory.getSocketFactory(), 80));
schemeRegistry.register(new Scheme("https", new
SecureProtocolProxySocketFactory(), 443));
// Create an HttpClient with the ThreadSafeClientConnManager.
ClientConnectionManager cm = new
ThreadSafeClientConnManager(params, schemeRegistry);
DefaultHttpClient httpclient = new DefaultHttpClient(cm,
params);
//setting RedirectHandler and DefaultHeaders
httpclient.setRedirectHandler(new DefaultRedirectHandler());
httpclient.addRequestInterceptor(new RequestDefaultHeaders());
//Create the target HttpHost
HttpHost target = new HttpHost("10.XXX.XXX.96", 443, "https");
//fetch the Login page
HttpGet httpget = new HttpGet("/login.html");
HttpResponse response = httpclient.execute(target, httpget);
HttpEntity entity = response.getEntity();
System.out.println("Login form get: " +
response.getStatusLine());
if (entity != null) {
entity.consumeContent();
}
System.out.println("Initial set of cookies:");
List<Cookie> cookies = httpclient.getCookieStore().getCookies();
if (cookies.isEmpty()) {
System.out.println("None");
} else {
for (int i = 0; i < cookies.size(); i++) {
System.out.println("- " + cookies.get(i).toString());
}
}
HttpPost httpost = new HttpPost("/login.html");
//Set the headers similar to what a Mozilla browser does
httpost.addHeader("Cookie", cookies.get(0).getName() + "=" +
cookies.get(0).getValue());
httpost.setHeader("User-Agent", "Mozilla/5.0 (Windows; U;
Windows NT 5.1; en-US; rv:1.9.0.7) Gecko/2009021910 Firefox/3.0.7");
httpost.setHeader("Accept",
"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
httpost.setHeader("Accept-Charset",
"ISO-8859-1,utf-8;q=0.7,*;q=0.7");
httpost.setHeader("Connection", "keep-alive");
httpost.setHeader("Accept-Encoding", "gzip,deflate");
httpost.setHeader("Keep-Alive", "300");
List <NameValuePair> nvps = new ArrayList <NameValuePair>();
nvps.add(new BasicNameValuePair("userid", "admin"));
nvps.add(new BasicNameValuePair("password", "password"));
nvps.add(new BasicNameValuePair("login", "Log In"));
httpost.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8));
response = httpclient.execute(target, httpost);
entity = response.getEntity();
System.out.println("Login form Post: " +
response.getStatusLine());
// See if we got any cookies
cookies = httpclient.getCookieStore().getCookies();
System.out.println("Post logon cookies:");
if (cookies.isEmpty()) {
System.out.println("None");
} else {
for (int i = 0; i < cookies.size(); i++) {
System.out.println("- " + cookies.get(i).toString());
}
}
CookieSpec cookiespec = new RFC2109Spec();
CookieOrigin cookieOrigin = new CookieOrigin("10.XXX.XXX.96",
443, "/", true);
//match the cookies
for (int i = 0; i < cookies.size(); i++) {
Cookie cookie = cookies.get(i);
if (cookiespec.match(cookie, cookieOrigin)) {
System.out.println("Cookie Matched - " +
cookie.toString());
}
}
// Usually a successful form-based login results in a redirect to
another url
int statuscode = response.getStatusLine().getStatusCode();
if ((statuscode == HttpStatus.SC_MOVED_TEMPORARILY) ||
(statuscode == HttpStatus.SC_MOVED_PERMANENTLY) ||
(statuscode == HttpStatus.SC_SEE_OTHER) ||
(statuscode == HttpStatus.SC_TEMPORARY_REDIRECT)) {
Header header = response.getFirstHeader("Location");
if (header != null) {
String redirectURI = header.getValue();
if ((redirectURI != null) && (!redirectURI.equals("")))
{
System.out.println("Redirect target: " + redirectURI);
}
} else {
System.out.println("Invalid redirect");
}
}
}
}
