I believe these two lines are the key to your problem:
> >'_rc' => 302 > 'location' => '/file/index.aspx' It appears that your login has succeeded, and you are being redirected to the index page. Your program now needs to send a GET for /file/index.aspx This is very common in web apps that use application-level security. A successful login results in a redirect. Why? So that a refresh from the index page does not result in re-processing of the login. It is a pet peeve of mine that a 302 response to a POST is not considered to be redirectable by default in lwp. Search the mailing list archives for code that makes lwp handle this automatically. I don't have a copy handy or I would include it - it's only a few lines. I would also recommend taking a look at WWW::Mechanize -- it is a client built on lwp that automates a lot of the form handling you're doing in your script. --- David Carter [EMAIL PROTECTED] > >-----Original Message----- > >From: Randall Perry [mailto:[EMAIL PROTECTED] > >Sent: Tuesday, August 19, 2003 9:16 PM > >To: [EMAIL PROTECTED] > >Subject: Post fails with 302, returns same page > > > >Am trying to automate access to a site which allows file upload. The 1st > >page is for login. The 2nd page is for file upload, which loads upon > >successful login from page 1. Code for these pages is written for .NET > >and > >running on IIS 6 (domain names changed to protect the guilty in code > >below). > > > >I've used the Perl & LWP book as a guide and done everything I can think > >of > >to post the form for the 1st page (like taking care of cookies, adding > >authentic UA headers, adding Referrer) but it keeps spitting back the > >same > >login page with a 302 status code. Login works fine in any browser I try > >(IE, Safari, Camino). > > > >Below are details of the login page form, my perl code to access it, and > >the > >response headers for the failed post. I've about exhausted my resources > >on > >this and would appreciate any info on how to make this work. > > > >TIA > > > > > >------------------------------------------------------------------------- > >--- > > > >************************************ > >The login page form has these fields > >************************************ > > > > name = __VIEWSTATE, type = hidden > > UcLogin1:txtUsername, type = text > > UcLogin1:txtPassword, type = text > > UcLogin1:cmdLogin, type = submit > > > >It also sets these cookies: > >.AUTHCOOKIE=3A3559513B6D1445231E8DF5BEBA661CE4D7CEEEFEB5FE08C9E025AE37697 > >BFF > >F7AC2DB7C411E0043B6447400A5C29A1CD776B2BF2566EB18CB12021218C8C87E76FB226B > >1DB > >A587; path="/"; domain="acme.com"; path_spec; discard; version=0 > > > >ASP.NET_SessionId=aol32cirlssfxoedaunelz55; path="/"; domain="acme.com"; > >path_spec; discard; version=0 > > > >ASP.NET_SessionId=1z42nverpm5alkfkryntkk3t; path="/"; > >domain="www.acme.com"; > >path_spec; discard; version=0 > > > > > >************ > >My perl code > >************ > > > >use LWP::UserAgent; > > > >$browser = LWP::UserAgent->new; > > > >$browser->cookie_jar( {} ); # enable cookies > >$response = $browser->get("https://www.acme.com/file/";); > >$doc = $response->content; > >$doc =~ m/name="__VIEWSTATE" value="(.*?)"/; # grab hidden viewstate > >form > >variable and add to $form_vars > >$viewstate = $1; > > > >$https_url = > >'https://acme.com/file/login.aspx?ReturnUrl=%2ffile%2findex.aspx'; # form > >action > >%form_headers = ( > > 'Referer' => > >'https://acme.com/File/login.aspx?ReturnUrl=%2ffile%2findex.aspx', > > 'User-Agent' => 'Mozilla/4.76 [en] (Win98; U)', > > 'Accept-Language' => 'en-US', > > 'Accept-Charset' => 'iso-8859-1,*,utf-8', > > 'Accept-Encoding' => 'gzip', > > 'Accept' => "image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, > >image/png, */*", > > ); > > > >push(@$form_vars, '__VIEWSTATE' => $viewstate); > ># hidden var > >push(@$form_vars, 'UcLogin1:txtUsername' => 'uname'); > ># username > >push(@$form_vars, 'UcLogin1:txtPassword' => 'pword'); > ># password > >push(@$form_vars, 'UcLogin1:cmdLogin' => 'Login'); > ># named submit button with value > > > >$response = $browser->post($https_url, $form_vars, %form_headers); > ># post login form > >$doc = $response->content; > >print $doc; > > > >************************** > >Returned headers from post > >************************** > >'_headers' => HTTP::Headers=HASH(0x9b6d60) > > 'cache-control' => 'private' > > 'client-date' => 'Wed, 20 Aug 2003 00:29:23 GMT' > > 'client-response-num' => 1 > > 'client-ssl-cert-issuer' => '/C=GB/O=Comodo Limited/OU=Comodo Trust > >Network/OU=Terms and Conditions of use: > >http://www.comodo.net/repository/OU=(c)2002 Comodo Limited/CN=Comodo > >Class 3 > >Security Services CA' > > 'client-ssl-cert-subject' => > >'/C=US/2.5.4.17=46615/ST=Florida/L=Orlando/2.5.4.9=ORLANDO/2.5.4.9=3024 > >FLAMINGO AVE./O=ACME Inc/OU=ACME Inc/OU=InstantSSL Pro/CN=www.acme.com' > > 'client-ssl-cipher' => 'RC4-MD5' > > 'client-ssl-warning' => 'Peer certificate not verified' > > 'content-length' => 2993 > > 'content-type' => 'text/html; charset=utf-8' > > 'date' => 'Wed, 20 Aug 2003 00:29:24 GMT' > > 'location' => '/file/index.aspx' > > 'microsoftofficewebserver' => '5.0_Pub' > > 'server' => 'Microsoft-IIS/6.0' > > 'set-cookie' => ARRAY(0x36c2c0) > > 0 'ASP.NET_SessionId=aol32cirlssfxoedaunelz55; path=/' > > 1 > >'.AUTHCOOKIE=3A3559513B6D1445231E8DF5BEBA661CE4D7CEEEFEB5FE08C9E025AE3769 > >7BF > >FF7AC2DB7C411E0043B6447400A5C29A1CD776B2BF2566EB18CB12021218C8C87E76FB226 > >B1D > >BA587; path=/' > > 'title' => 'Object moved' > > 'x-aspnet-version' => '1.1.4322' > > 'x-powered-by' => 'ASP.NET' > >'_msg' => 'Found' > >'_protocol' => 'HTTP/1.1' > >'_rc' => 302 > >'_request' => HTTP::Request=HASH(0x988a34) > > '_content' => > >'__VIEWSTATE=dDwxNjEzNDcwNTY3Ozs%2BL8uvsmCZLzJf4Is91Q%2FsUSKiZxk%3D&UcLog > >in1 > >%3AtxtUsername=tasbill&UcLogin1%3AtxtPassword=tasbill&UcLogin1%3AcmdLogin > >=Lo > >gin' > > '_headers' => HTTP::Headers=HASH(0x98a75c) > > 'accept' => 'image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, > >image/png, */*' > > 'accept-charset' => 'iso-8859-1,*,utf-8' > > 'accept-encoding' => 'gzip' > > 'accept-language' => 'en-US' > > 'content-length' => 154 > > 'content-type' => 'application/x-www-form-urlencoded' > > 'referer' => > >'https://acme.com/File/login.aspx?ReturnUrl=%2ffile%2findex.aspx' > > 'user-agent' => 'Mozilla/4.76 [en] (Win98; U)' > > '_method' => 'POST' > > '_uri' => URI::https=SCALAR(0x9604b8) > > -> > >'https://acme.com/file/login.aspx?ReturnUrl=%2ffile%2findex.aspx' > > > > > > > >-- > >Randall Perry > >sysTame > > > >Xserve Web Hosting/Co-location > >Website Development/Promotion > >Mac Consulting/Sales > > > >http://www.systame.com/ > > > >
