Oleg, Thank you for prompt reply.. I agree with you about using applets but unfortunately our app requires rich ui functionality that can not be fulfilled by html/java script.
Sun's plugin documentation clearly talks about how plugin consult browser and it is available here http://java.sun.com/j2se/1.4.2/docs/guide/plugin/developer_guide/cookie_supp ort.html I have looked httpclient form login examples and used them already in the case where I have userid & password. There HttpState is maintained from form login to subsequent method invocations and it works.. But In this application I do not have the userid & password. we are coming to applet page after successful (J2EE 1.2/1.3 J_Security_check) form login page (simple jsp page posts userid/password to web container inbuilt servlet J_Security_check does the authentication). The result of successful authentication is applet page which contains some session / encrypted security cookies. Here onwards any of new sun's urlconnections to my server works with out redirecting me to login jsp since my server is getting all session / encrypted security cookies which are sent after login page. Any of new httpclient connections to my server treated as unauthenticated and directing me login jsp due to a new HttpState and missing session / encrypted security cookies. So, Tried to Steel and copying session / encrypted security cookies to httpconnection and it did not work. All I am trying to do here, connect my server like suns urlconnection doing.... As I understood from your explanation, It is look like httpclient's initial httpstate can not set to with above session / encrypted security cookies? Is that right... reddy ********************************************************************** Reddy, I tend to shun away from applets at all costs, so I can't claim to know a great deal about them, but I find it highly unlikely for sun's UrlConnection to be able to consult browser's cookie cache. Firstly, please have a look at the following demo applications and see if there's anything that you might be doing differently in your application Form logon: http://cvs.apache.org/viewcvs/jakarta-commons/httpclient/src/examples/FormLo ginDemo.java?rev=HEAD Cookie management: http://cvs.apache.org/viewcvs/jakarta-commons/httpclient/src/examples/Cookie DemoApp.java?rev=HEAD For instance, I am pretty sure I know why adding headers with cookies stolen from the UrlConnection did not help. HttpClient expects cookies to be managed through HttpState API. Therefore, it overwrites 'cookie' headers set manually with those automatically generated based on HttpState cookie collection content. Secondly, please have a look at our logging guide and try to activate HttpClietn's wire log. You will be able to see in details what exactly HttpClient is doing. http://jakarta.apache.org/commons/httpclient/logging.html Thirdly, my guess is that things do not work because you do not keep the instance of HttpState between method invocations. See FormLoginDemo for details If you still can't get things to work after having consulted with our sample applications, send us the wire log of your HTTP session and we'll try to help further. Cheers Oleg On Fri, 2003-08-01 at 01:22, Reddy Annapareddy wrote: > All, > > I am trying to use httpclient in an applet that runs in jdk 1.4.2 jre. Our > web application (j2ee 1.3) security enabled and uses form login > (j_security_check) and deployed on websphere 5.x app server . After > successful login user gets applet page. When ever we make sun's > URLConnection to my server, websphere recognizes me as previously > authenticated user since sun's URLConnection using Java Plug-in, Java > Plug-in consults the browser to determine if a cookie should be sent along > with it which it received after login. If so, the HTTP/HTTPS request will > contain the cookie as part of the header. Typically websphere sends a > session cookie and security cookie (encrypted LTPAToken). > > Where httpclient request to server after login, websphere treating as > unauthenticated user and forcing user to provide login information again. > http client uses sockets directly rather than suns URLConnection. > > I have tried following > > After successful login. we contacted the server through sun's URLConnection > to steel the all headers & cookies. > Copied all header/cookies form a sun's URLConnection to my server to > httpclient connection. Still my server recognizes me as new > user/unauthenticated user. > > Help me if anybody knows what else suns urlconnection is doing we are not > doing through httpclient... > > Reddy > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
