Reddy, I tend to shun away from applets at all costs, so I can't claim to know a great deal about them, but I find it highly unlikely for sun's UrlConnection to be able to consult browser's cookie cache.
Firstly, please have a look at the following demo applications and see if there's anything that you might be doing differently in your application Form logon: http://cvs.apache.org/viewcvs/jakarta-commons/httpclient/src/examples/FormLoginDemo.java?rev=HEAD Cookie management: http://cvs.apache.org/viewcvs/jakarta-commons/httpclient/src/examples/CookieDemoApp.java?rev=HEAD For instance, I am pretty sure I know why adding headers with cookies stolen from the UrlConnection did not help. HttpClient expects cookies to be managed through HttpState API. Therefore, it overwrites 'cookie' headers set manually with those automatically generated based on HttpState cookie collection content. Secondly, please have a look at our logging guide and try to activate HttpClietn's wire log. You will be able to see in details what exactly HttpClient is doing. http://jakarta.apache.org/commons/httpclient/logging.html Thirdly, my guess is that things do not work because you do not keep the instance of HttpState between method invocations. See FormLoginDemo for details If you still can't get things to work after having consulted with our sample applications, send us the wire log of your HTTP session and we'll try to help further. Cheers Oleg On Fri, 2003-08-01 at 01:22, Reddy Annapareddy wrote: > All, > > I am trying to use httpclient in an applet that runs in jdk 1.4.2 jre. Our > web application (j2ee 1.3) security enabled and uses form login > (j_security_check) and deployed on websphere 5.x app server . After > successful login user gets applet page. When ever we make sun's > URLConnection to my server, websphere recognizes me as previously > authenticated user since sun's URLConnection using Java Plug-in, Java > Plug-in consults the browser to determine if a cookie should be sent along > with it which it received after login. If so, the HTTP/HTTPS request will > contain the cookie as part of the header. Typically websphere sends a > session cookie and security cookie (encrypted LTPAToken). > > Where httpclient request to server after login, websphere treating as > unauthenticated user and forcing user to provide login information again. > http client uses sockets directly rather than suns URLConnection. > > I have tried following > > After successful login. we contacted the server through sun's URLConnection > to steel the all headers & cookies. > Copied all header/cookies form a sun's URLConnection to my server to > httpclient connection. Still my server recognizes me as new > user/unauthenticated user. > > Help me if anybody knows what else suns urlconnection is doing we are not > doing through httpclient... > > Reddy > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
