You're doing: 1. POST /index.php 2. GET /index.php
Sometimes it helps to also mimic the browser step that downloaded the login <form> in the first place! So try this, instead! 1. GET /index.php 2. POST /index.php 3. GET /index.php You should never send a cookie unless a server gave you a "Set-Cookie" first. Step #1 here (the initial GET) will hopefully get the initial cookies. yours, Julius On 2/25/07, Christophe AGUETTAZ <[EMAIL PROTECTED]> wrote:
Hi all, I've lately been trying to code a pretty simple application using HttpClient, but, being a relative newbie, I've had some trouble. I'm trying to do a very simple thing : login to a website, using POST to send a simple form. That's pretty much what's described here : http://wiki.apache.org/jakarta-httpclient/ForAbsoluteBeginners. The thing is, no matter what I do, I keep on getting the login page and never actually get logged, despite the fact that I successfully store the session cookies, and follow the redirections. I captured the HTTP headers sent via my web browser during the login process, and compared them with the wire logs that I got from my java app, and couldn't find any flagrant difference. The cookies that my application gets and then sends during my second GET request are correct, and, I'm sure of that, are the only thing needed to log in. I must have missed something... but what ? I really can't see. I joined the logs from my browser, and then from my app, and commented them. Any help would be great ! Thanx, Chris. ***********Logs from my browser************* 1) POST request to http://www.dummysite.com/index.php?cookie=1 POST /index.php?cookie=1 HTTP/1.1 Host: www.dummysite.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.1.2) Gecko/20070219 Firefox/2.0.0.2 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: http://www.dummysite.com/index.php //State of the cookies before they get updated Cookie: passc=dummyPass; cont=; mdpc=; loginc= Content-Type: application/x-www-form-urlencoded //this data is exactly the one send by my java application... Content-Length: 46 login=DummyLogin&pass=dummyPass&contform=3&ok=Login //Response to the POST request -> redirection HTTP/1.x 302 Found Date: Mon, 26 Feb 2007 01:12:54 GMT Server: Apache/2.0.58 (Unix) mod_ssl/2.0.58 OpenSSL/0.9.7i X-Powered-By: PHP/4.4.2 //as you can see, 3 session cookies are set... Set-Cookie: loginc=DummyLogin; expires=Mon, 26 Feb 2007 02:52:54 GMT Set-Cookie: passc=dummyPass; expires=Mon, 26 Feb 2007 02:52:54 GMT Set-Cookie: cont=3; expires=Mon, 26 Feb 2007 02:52:54 GMT //redirection : to index.php Location: index.php Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 1205 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html 2) GET request following the redirection, here the browser gets the 'logged' page. GET uri : http://www.dummysite.com/index.php GET /index.php HTTP/1.1 Host: www.dummysite.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.1.2) Gecko/20070219 Firefox/2.0.0.2 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: http://www.dummysite.com/index.php //the cookies are set Cookie: passc=dummyPass; cont=3; mdpc=; loginc=DummyLogin //and here we get the correct page... HTTP/1.x 200 OK Date: Mon, 26 Feb 2007 01:12:54 GMT Server: Apache/2.0.58 (Unix) mod_ssl/2.0.58 OpenSSL/0.9.7i X-Powered-By: PHP/4.4.2 Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 1777 Keep-Alive: timeout=15, max=99 Connection: Keep-Alive Content-Type: text/html ---------------------------------------------------------- **************************Logs from my application************************** Let's now see the exact same thing performed by my application... 2007/02/26 01:30:12:305 CET [DEBUG] HttpConnection - Open connection to www.dummysite.com:80 // POSTing the form data... 2007/02/26 01:30:12:633 CET [DEBUG] header - >> "POST /index.php?cookie=1 HTTP/1.1[\r][\n]" 2007/02/26 01:30:12:633 CET [DEBUG] HttpMethodBase - Adding Host request header 2007/02/26 01:30:12:633 CET [DEBUG] HttpMethodBase - Default charset used: ISO-8859-1 2007/02/26 01:30:12:633 CET [DEBUG] HttpMethodBase - Default charset used: ISO-8859-1 //it mimics mozilla firefox 2.0... 2007/02/26 01:30:12:633 CET [DEBUG] header - >> "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.1.2) Gecko/20070219 Firefox/2.0.0.2[\r][\n]" 2007/02/26 01:30:12:633 CET [DEBUG] header - >> "Host: www.dummysite.com[\r][\n]" //same data sent 2007/02/26 01:30:12:633 CET [DEBUG] header - >> "Content-Length: 46[\r][\n]" 2007/02/26 01:30:12:633 CET [DEBUG] header - >> "Content-Type: application/x-www-form-urlencoded[\r][\n]" 2007/02/26 01:30:12:633 CET [DEBUG] header - >> "[\r][\n]" 2007/02/26 01:30:12:633 CET [DEBUG] EntityEnclosingMethod - Request body sent //then the redirection reply : 2007/02/26 01:30:12:712 CET [DEBUG] header - << "HTTP/1.1 302 Found[\r][\n]" 2007/02/26 01:30:12:712 CET [DEBUG] header - << "Date: Mon, 26 Feb 2007 00:30:33 GMT[\r][\n]" 2007/02/26 01:30:12:712 CET [DEBUG] header - << "Server: Apache/2.0.58 (Unix) mod_ssl/2.0.58 OpenSSL/0.9.7i[\r][\n]" 2007/02/26 01:30:12:712 CET [DEBUG] header - << "X-Powered-By: PHP/4.4.2[\r][\n]" //gets the session cookies : 2007/02/26 01:30:12:712 CET [DEBUG] header - << "Set-Cookie: loginc=DummyLogin; expires=Mon, 26 Feb 2007 02:10:33 GMT[\r][\n]" 2007/02/26 01:30:12:712 CET [DEBUG] header - << "Set-Cookie: passc=dummyPass; expires=Mon, 26 Feb 2007 02:10:33 GMT[\r][\n]" 2007/02/26 01:30:12:712 CET [DEBUG] header - << "Set-Cookie: cont=3; expires=Mon, 26 Feb 2007 02:10:33 GMT[\r][\n]" //and the correct redirection, of course 2007/02/26 01:30:12:712 CET [DEBUG] header - << "location: index.php[\r][\n]" 2007/02/26 01:30:12:712 CET [DEBUG] header - << "Vary: Accept-Encoding,User-Agent[\r][\n]" 2007/02/26 01:30:12:712 CET [DEBUG] header - << "Transfer-Encoding: chunked[\r][\n]" 2007/02/26 01:30:12:712 CET [DEBUG] header - << "Content-Type: text/html[\r][\n]" //the cookies are accepted 2007/02/26 01:30:12:743 CET [DEBUG] HttpMethodBase - Cookie accepted: "$Version=0; loginc=DummyLogin" 2007/02/26 01:30:12:743 CET [DEBUG] HttpMethodBase - Cookie accepted: "$Version=0; passc=dummyPass" 2007/02/26 01:30:12:743 CET [DEBUG] HttpMethodBase - Cookie accepted: "$Version=0; cont=3" 2007/02/26 01:30:12:743 CET [DEBUG] HttpMethodDirector - Redirect required 2007/02/26 01:30:12:743 CET [INFO] HttpMethodDirector - Redirect requested but followRedirects is disabled POST REQUEST : 2007/02/26 01:30:12:743 CET [DEBUG] HttpMethodBase - Default charset used: ISO-8859-1 //then my application handles the redirection... 2007/02/26 01:30:12:743 CET [DEBUG] HttpMethodBase - Resorting to protocol version default close connection policy 2007/02/26 01:30:12:743 CET [DEBUG] HttpMethodBase - Should NOT close connection, using HTTP/1.1 2007/02/26 01:30:12:743 CET [DEBUG] HttpConnection - Releasing connection back to connection manager. //...and get the correct page 2007/02/26 01:30:12:758 CET [DEBUG] header - >> "GET /index.php HTTP/1.1[\r][\n]" 2007/02/26 01:30:12:758 CET [DEBUG] HttpMethodBase - Adding Host request header 2007/02/26 01:30:12:758 CET [DEBUG] header - >> "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.1.2) Gecko/20070219 Firefox/2.0.0.2[\r][\n]" 2007/02/26 01:30:12:758 CET [DEBUG] header - >> "Host: www.dummysite.com[\r][\n]" //sending the correct cookies... 2007/02/26 01:30:12:758 CET [DEBUG] header - >> "Cookie: $Version=0; loginc=DummyLogin[\r][\n]" 2007/02/26 01:30:12:758 CET [DEBUG] header - >> "Cookie: $Version=0; passc=dummyPass[\r][\n]" 2007/02/26 01:30:12:758 CET [DEBUG] header - >> "Cookie: $Version=0; cont=3[\r][\n]" 2007/02/26 01:30:12:758 CET [DEBUG] header - >> "[\r][\n]" //everything goes just fine...except for the fact that the data that I get represents...the login page 2007/02/26 01:30:12:821 CET [DEBUG] header - << "HTTP/1.1 200 OK[\r][\n]" 2007/02/26 01:30:12:821 CET [DEBUG] header - << "Date: Mon, 26 Feb 2007 00:30:33 GMT[\r][\n]" 2007/02/26 01:30:12:821 CET [DEBUG] header - << "Server: Apache/2.0.58 (Unix) mod_ssl/2.0.58 OpenSSL/0.9.7i[\r][\n]" 2007/02/26 01:30:12:821 CET [DEBUG] header - << "X-Powered-By: PHP/4.4.2[\r][\n]" 2007/02/26 01:30:12:821 CET [DEBUG] header - << "Vary: Accept-Encoding,User-Agent[\r][\n]" 2007/02/26 01:30:12:837 CET [DEBUG] header - << "Transfer-Encoding: chunked[\r][\n]" 2007/02/26 01:30:12:837 CET [DEBUG] header - << "Content-Type: text/html[\r][\n]" 2007/02/26 01:30:12:852 CET [DEBUG] HttpMethodBase - Resorting to protocol version default close connection policy 2007/02/26 01:30:12:852 CET [DEBUG] HttpMethodBase - Should NOT close connection, using HTTP/1.1 2007/02/26 01:30:12:852 CET [DEBUG] HttpConnection - Releasing connection back to connection manager. //Any idea ? ;) --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- yours, Julius Davies 416-652-0183 http://juliusdavies.ca/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
