Hello HTTPComponent Users,
I'm writing a small test-client to test the android authentication
against a Tomcat 7 Server. It uses Form-based POST authentication and
everything works, but two questions arose:
1. How can I see (from the client side), that I need to authenticate
myself to a page? The server internally redirects me to the login page
and returns a "200 OK". So the only way to find out is to analyze the
page content?
2. Do you really have to make three calls in order to get a resource
which needs authentication? Right now I am doing the following:
a) Request the resource http://localhost:8080/sample/protected/
login page is returned with a sessionId
b) Provide user credentials, call the authenticate url
http://localhost:8080/sample/protected/j_security_check
a "302 Moved Temporarily" is returned with the location header
"http://localhost:8080/sample/protected/";
a) Request the resource again http://localhost:8080/sample/protected/
finally get the desired page (but with another sessionId!)
best regards
Werner
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
