Re: problem with https and cookies based session

nzaghini Thu, 11 Oct 2007 09:12:57 -0700

Hi Oleg,
this is what you asked me, of course running the same code just changing
protocol and port.


*** HTTP ***
2007/10/11 17:08:35:734 IST [DEBUG] HttpClient - Java version: 1.6.0_02
2007/10/11 17:08:35:734 IST [DEBUG] HttpClient - Java vendor: Sun
Microsystems Inc.
2007/10/11 17:08:35:734 IST [DEBUG] HttpClient - Java class path:
C:\developer\workspace\transformer-client\bin;C:\developer\eclipseTPTP\plugins\org.junit4_4.3.1\junit.jar;C:\developer\workspace\transformer-client\lib\commons-logging-1.1.jar;C:\developer\workspace\transformer-client\lib\log4j-1.2.14.jar;C:\developer\workspace\transformer-client\lib\axiom\axiom-api-1.2.5.jar;C:\developer\workspace\transformer-client\lib\axiom\axiom-impl-1.2.5.jar;C:\developer\workspace\transformer-client\lib\axiom\jaxen-1.1-beta-9.jar;C:\developer\workspace\transformer-client\lib\axiom\stax-api-1.0.1.jar;C:\developer\workspace\transformer-client\lib\axiom\xml-apis-1.3.03.jar;C:\developer\workspace\transformer-client\lib\httpclient\commons-codec-1.3.jar;C:\developer\workspace\transformer-client\lib\httpclient\commons-httpclient-3.1.jar;C:\developer\workspace\transformer-client\lib\spring\spring.jar;C:\developer\workspace\transformer-client\lib\tagsoup\tagsoup-1.1.3.jar;C:\developer\workspace\transformer-client\lib\spring\quartz-1.5.2.jar;C:\developer\workspace\transformer-client\lib\JCS\concurrent.jar;C:\developer\workspace\transformer-client\lib\JCS\jcs-1.2.7.9.jar
2007/10/11 17:08:35:750 IST [DEBUG] HttpClient - Operating system name:
Windows XP
2007/10/11 17:08:35:750 IST [DEBUG] HttpClient - Operating system
architecture: x86
2007/10/11 17:08:35:750 IST [DEBUG] HttpClient - Operating system version:
5.1
2007/10/11 17:08:35:796 IST [DEBUG] HttpClient - SUN 1.6: SUN (DSA
key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom;
X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX
CertPathBuilder; LDAP, Collection CertStores, JavaPolicy Policy;
JavaLoginConfig Configuration)
2007/10/11 17:08:35:796 IST [DEBUG] HttpClient - SunRsaSign 1.5: Sun RSA
signature provider
2007/10/11 17:08:35:796 IST [DEBUG] HttpClient - SunJSSE 1.6: Sun JSSE
provider(PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
2007/10/11 17:08:35:796 IST [DEBUG] HttpClient - SunJCE 1.6: SunJCE Provider
(implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE,
Diffie-Hellman, HMAC)
2007/10/11 17:08:35:796 IST [DEBUG] HttpClient - SunJGSS 1.0: Sun (Kerberos
v5, SPNEGO)
2007/10/11 17:08:35:796 IST [DEBUG] HttpClient - SunSASL 1.5: Sun SASL
provider(implements client mechanisms for: DIGEST-MD5, GSSAPI, EXTERNAL,
PLAIN, CRAM-MD5; server mechanisms for: DIGEST-MD5, GSSAPI, CRAM-MD5)
2007/10/11 17:08:35:796 IST [DEBUG] HttpClient - XMLDSig 1.0: XMLDSig (DOM
XMLSignatureFactory; DOM KeyInfoFactory)
2007/10/11 17:08:35:796 IST [DEBUG] HttpClient - SunPCSC 1.6: Sun PC/SC
provider
2007/10/11 17:08:35:796 IST [DEBUG] HttpClient - SunMSCAPI 1.6: Sun's
Microsoft Crypto API provider
2007/10/11 17:08:35:796 IST [DEBUG] DefaultHttpParams - Set parameter
http.useragent = Jakarta Commons-HttpClient/3.1
2007/10/11 17:08:35:796 IST [DEBUG] DefaultHttpParams - Set parameter
http.protocol.version = HTTP/1.1
2007/10/11 17:08:35:796 IST [DEBUG] DefaultHttpParams - Set parameter
http.connection-manager.class = class
org.apache.commons.httpclient.SimpleHttpConnectionManager
2007/10/11 17:08:35:796 IST [DEBUG] DefaultHttpParams - Set parameter
http.protocol.cookie-policy = default
2007/10/11 17:08:35:796 IST [DEBUG] DefaultHttpParams - Set parameter
http.protocol.element-charset = US-ASCII
2007/10/11 17:08:35:796 IST [DEBUG] DefaultHttpParams - Set parameter
http.protocol.content-charset = ISO-8859-1
2007/10/11 17:08:35:812 IST [DEBUG] DefaultHttpParams - Set parameter
http.method.retry-handler =
[EMAIL PROTECTED]
2007/10/11 17:08:35:812 IST [DEBUG] DefaultHttpParams - Set parameter
http.dateparser.patterns = [EEE, dd MMM yyyy HH:mm:ss zzz, EEEE, dd-MMM-yy
HH:mm:ss zzz, EEE MMM d HH:mm:ss yyyy, EEE, dd-MMM-yyyy HH:mm:ss z, EEE,
dd-MMM-yyyy HH-mm-ss z, EEE, dd MMM yy HH:mm:ss z, EEE dd-MMM-yyyy HH:mm:ss
z, EEE dd MMM yyyy HH:mm:ss z, EEE dd-MMM-yyyy HH-mm-ss z, EEE dd-MMM-yy
HH:mm:ss z, EEE dd MMM yy HH:mm:ss z, EEE,dd-MMM-yy HH:mm:ss z,
EEE,dd-MMM-yyyy HH:mm:ss z, EEE, dd-MM-yyyy HH:mm:ss z]
2007/10/11 17:08:35:812 IST [DEBUG] DefaultHttpParams - Set parameter
http.useragent =  Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB;
rv:1.8.1.7) Gecko/20070914 Firefox/2.0.0.7
2007/10/11 17:08:35:828 IST [DEBUG] DefaultHttpParams - Set parameter
http.tcp.nodelay = true
2007/10/11 17:08:35:828 IST [DEBUG] DefaultHttpParams - Set parameter
http.connection.stalecheck = false
2007/10/11 17:08:35:828 IST [DEBUG] DefaultHttpParams - Set parameter
http.connection-manager.max-per-host = {HostConfiguration[]=100}
2007/10/11 17:08:35:828 IST [DEBUG] DefaultHttpParams - Set parameter
http.method.retry-handler =
[EMAIL PROTECTED]
2007/10/11 17:08:35:843 IST [DEBUG] HttpConnection - Open connection to
nicola:8080
2007/10/11 17:08:35:859 IST [DEBUG] header - >> "GET /ssp/ HTTP/1.1[\r][\n]"
2007/10/11 17:08:35:859 IST [DEBUG] HttpMethodBase - Adding Host request
header
2007/10/11 17:08:35:859 IST [DEBUG] header - >> "User-Agent:  Mozilla/5.0
(Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.7) Gecko/20070914
Firefox/2.0.0.7[\r][\n]"
2007/10/11 17:08:35:859 IST [DEBUG] header - >> "Host: nicola:8080[\r][\n]"
2007/10/11 17:08:35:859 IST [DEBUG] header - >> "[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - << "HTTP/1.1 200 OK[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - << "HTTP/1.1 200 OK[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - << "Server:
Apache-Coyote/1.1[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - << "Set-Cookie:
JSESSIONID=8F3B44D410B43CAF8B908F00255A756A; Path=/ssp[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - << "Content-Type:
text/html;charset=ISO-8859-1[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - << "Content-Length: 3[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - << "Date: Thu, 11 Oct 2007
16:08:35 GMT[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - << "[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] HttpMethodBase - Cookie accepted:
"$Version=0; JSESSIONID=8F3B44D410B43CAF8B908F00255A756A; $Path=/ssp"
2007/10/11 17:08:35:875 IST [DEBUG] HttpMethodBase - Buffering response body
2007/10/11 17:08:35:875 IST [DEBUG] content - << "[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] content - << "0"
2007/10/11 17:08:35:875 IST [DEBUG] HttpMethodBase - Resorting to protocol
version default close connection policy
2007/10/11 17:08:35:875 IST [DEBUG] HttpMethodBase - Should NOT close
connection, using HTTP/1.1
2007/10/11 17:08:35:875 IST [DEBUG] HttpConnection - Releasing connection
back to connection manager.
2007/10/11 17:08:35:875 IST [DEBUG] header - >> "GET /ssp/ HTTP/1.1[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] HttpMethodBase - Adding Host request
header
2007/10/11 17:08:35:875 IST [DEBUG] header - >> "User-Agent:  Mozilla/5.0
(Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.7) Gecko/20070914
Firefox/2.0.0.7[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - >> "Host: nicola:8080[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - >> "Cookie: $Version=0;
JSESSIONID=8F3B44D410B43CAF8B908F00255A756A; $Path=/ssp[\r][\n]"

0
2007/10/11 17:08:35:875 IST [DEBUG] header - >> "[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - << "HTTP/1.1 200 OK[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - << "HTTP/1.1 200 OK[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - << "Server:
Apache-Coyote/1.1[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - << "Content-Type:
text/html;charset=ISO-8859-1[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - << "Content-Length: 3[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - << "Date: Thu, 11 Oct 2007
16:08:35 GMT[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - << "[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] HttpMethodBase - Buffering response body
2007/10/11 17:08:35:875 IST [DEBUG] content - << "[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] content - << "1"
2007/10/11 17:08:35:875 IST [DEBUG] HttpMethodBase - Resorting to protocol
version default close connection policy
2007/10/11 17:08:35:875 IST [DEBUG] HttpMethodBase - Should NOT close
connection, using HTTP/1.1
2007/10/11 17:08:35:875 IST [DEBUG] HttpConnection - Releasing connection
back to connection manager.

1
2007/10/11 17:08:35:875 IST [DEBUG] header - >> "GET /ssp/ HTTP/1.1[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] HttpMethodBase - Adding Host request
header
2007/10/11 17:08:35:875 IST [DEBUG] header - >> "User-Agent:  Mozilla/5.0
(Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.7) Gecko/20070914
Firefox/2.0.0.7[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - >> "Host: nicola:8080[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - >> "Cookie: $Version=0;
JSESSIONID=8F3B44D410B43CAF8B908F00255A756A; $Path=/ssp[\r][\n]"
2007/10/11 17:08:35:875 IST [DEBUG] header - >> "[\r][\n]"
2007/10/11 17:08:35:890 IST [DEBUG] header - << "HTTP/1.1 200 OK[\r][\n]"
2007/10/11 17:08:35:890 IST [DEBUG] header - << "HTTP/1.1 200 OK[\r][\n]"
2007/10/11 17:08:35:890 IST [DEBUG] header - << "Server:
Apache-Coyote/1.1[\r][\n]"
2007/10/11 17:08:35:890 IST [DEBUG] header - << "Content-Type:
text/html;charset=ISO-8859-1[\r][\n]"
2007/10/11 17:08:35:890 IST [DEBUG] header - << "Content-Length: 3[\r][\n]"
2007/10/11 17:08:35:890 IST [DEBUG] header - << "Date: Thu, 11 Oct 2007
16:08:35 GMT[\r][\n]"
2007/10/11 17:08:35:890 IST [DEBUG] header - << "[\r][\n]"
2007/10/11 17:08:35:890 IST [DEBUG] HttpMethodBase - Buffering response body
2007/10/11 17:08:35:890 IST [DEBUG] content - << "[\r][\n]"
2007/10/11 17:08:35:890 IST [DEBUG] content - << "2"
2

2007/10/11 17:08:35:890 IST [DEBUG] HttpMethodBase - Resorting to protocol
version default close connection policy
2007/10/11 17:08:35:890 IST [DEBUG] HttpMethodBase - Should NOT close
connection, using HTTP/1.1
2007/10/11 17:08:35:890 IST [DEBUG] HttpConnection - Releasing connection
back to connection manager.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
*** HTTPS ***

2007/10/11 17:09:28:578 IST [DEBUG] HttpClient - Java version: 1.6.0_02
2007/10/11 17:09:28:578 IST [DEBUG] HttpClient - Java vendor: Sun
Microsystems Inc.
2007/10/11 17:09:28:578 IST [DEBUG] HttpClient - Java class path:
C:\developer\workspace\transformer-client\bin;C:\developer\eclipseTPTP\plugins\org.junit4_4.3.1\junit.jar;C:\developer\workspace\transformer-client\lib\commons-logging-1.1.jar;C:\developer\workspace\transformer-client\lib\log4j-1.2.14.jar;C:\developer\workspace\transformer-client\lib\axiom\axiom-api-1.2.5.jar;C:\developer\workspace\transformer-client\lib\axiom\axiom-impl-1.2.5.jar;C:\developer\workspace\transformer-client\lib\axiom\jaxen-1.1-beta-9.jar;C:\developer\workspace\transformer-client\lib\axiom\stax-api-1.0.1.jar;C:\developer\workspace\transformer-client\lib\axiom\xml-apis-1.3.03.jar;C:\developer\workspace\transformer-client\lib\httpclient\commons-codec-1.3.jar;C:\developer\workspace\transformer-client\lib\httpclient\commons-httpclient-3.1.jar;C:\developer\workspace\transformer-client\lib\spring\spring.jar;C:\developer\workspace\transformer-client\lib\tagsoup\tagsoup-1.1.3.jar;C:\developer\workspace\transformer-client\lib\spring\quartz-1.5.2.jar;C:\developer\workspace\transformer-client\lib\JCS\concurrent.jar;C:\developer\workspace\transformer-client\lib\JCS\jcs-1.2.7.9.jar
2007/10/11 17:09:28:578 IST [DEBUG] HttpClient - Operating system name:
Windows XP
2007/10/11 17:09:28:578 IST [DEBUG] HttpClient - Operating system
architecture: x86
2007/10/11 17:09:28:578 IST [DEBUG] HttpClient - Operating system version:
5.1
2007/10/11 17:09:28:640 IST [DEBUG] HttpClient - SUN 1.6: SUN (DSA
key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom;
X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX
CertPathBuilder; LDAP, Collection CertStores, JavaPolicy Policy;
JavaLoginConfig Configuration)
2007/10/11 17:09:28:640 IST [DEBUG] HttpClient - SunRsaSign 1.5: Sun RSA
signature provider
2007/10/11 17:09:28:640 IST [DEBUG] HttpClient - SunJSSE 1.6: Sun JSSE
provider(PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
2007/10/11 17:09:28:640 IST [DEBUG] HttpClient - SunJCE 1.6: SunJCE Provider
(implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE,
Diffie-Hellman, HMAC)
2007/10/11 17:09:28:640 IST [DEBUG] HttpClient - SunJGSS 1.0: Sun (Kerberos
v5, SPNEGO)
2007/10/11 17:09:28:640 IST [DEBUG] HttpClient - SunSASL 1.5: Sun SASL
provider(implements client mechanisms for: DIGEST-MD5, GSSAPI, EXTERNAL,
PLAIN, CRAM-MD5; server mechanisms for: DIGEST-MD5, GSSAPI, CRAM-MD5)
2007/10/11 17:09:28:640 IST [DEBUG] HttpClient - XMLDSig 1.0: XMLDSig (DOM
XMLSignatureFactory; DOM KeyInfoFactory)
2007/10/11 17:09:28:640 IST [DEBUG] HttpClient - SunPCSC 1.6: Sun PC/SC
provider
2007/10/11 17:09:28:640 IST [DEBUG] HttpClient - SunMSCAPI 1.6: Sun's
Microsoft Crypto API provider
2007/10/11 17:09:28:640 IST [DEBUG] DefaultHttpParams - Set parameter
http.useragent = Jakarta Commons-HttpClient/3.1
2007/10/11 17:09:28:640 IST [DEBUG] DefaultHttpParams - Set parameter
http.protocol.version = HTTP/1.1
2007/10/11 17:09:28:640 IST [DEBUG] DefaultHttpParams - Set parameter
http.connection-manager.class = class
org.apache.commons.httpclient.SimpleHttpConnectionManager
2007/10/11 17:09:28:640 IST [DEBUG] DefaultHttpParams - Set parameter
http.protocol.cookie-policy = default
2007/10/11 17:09:28:640 IST [DEBUG] DefaultHttpParams - Set parameter
http.protocol.element-charset = US-ASCII
2007/10/11 17:09:28:640 IST [DEBUG] DefaultHttpParams - Set parameter
http.protocol.content-charset = ISO-8859-1
2007/10/11 17:09:28:640 IST [DEBUG] DefaultHttpParams - Set parameter
http.method.retry-handler =
[EMAIL PROTECTED]
2007/10/11 17:09:28:640 IST [DEBUG] DefaultHttpParams - Set parameter
http.dateparser.patterns = [EEE, dd MMM yyyy HH:mm:ss zzz, EEEE, dd-MMM-yy
HH:mm:ss zzz, EEE MMM d HH:mm:ss yyyy, EEE, dd-MMM-yyyy HH:mm:ss z, EEE,
dd-MMM-yyyy HH-mm-ss z, EEE, dd MMM yy HH:mm:ss z, EEE dd-MMM-yyyy HH:mm:ss
z, EEE dd MMM yyyy HH:mm:ss z, EEE dd-MMM-yyyy HH-mm-ss z, EEE dd-MMM-yy
HH:mm:ss z, EEE dd MMM yy HH:mm:ss z, EEE,dd-MMM-yy HH:mm:ss z,
EEE,dd-MMM-yyyy HH:mm:ss z, EEE, dd-MM-yyyy HH:mm:ss z]
2007/10/11 17:09:28:640 IST [DEBUG] DefaultHttpParams - Set parameter
http.useragent =  Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB;
rv:1.8.1.7) Gecko/20070914 Firefox/2.0.0.7
2007/10/11 17:09:28:671 IST [DEBUG] DefaultHttpParams - Set parameter
http.tcp.nodelay = true
2007/10/11 17:09:28:671 IST [DEBUG] DefaultHttpParams - Set parameter
http.connection.stalecheck = false
2007/10/11 17:09:28:671 IST [DEBUG] DefaultHttpParams - Set parameter
http.connection-manager.max-per-host = {HostConfiguration[]=100}
2007/10/11 17:09:28:671 IST [DEBUG] DefaultHttpParams - Set parameter
http.method.retry-handler =
[EMAIL PROTECTED]
2007/10/11 17:09:28:671 IST [DEBUG] HttpConnection - Open connection to
nicola:8443
2007/10/11 17:09:28:843 IST [DEBUG] header - >> "GET /ssp/ HTTP/1.1[\r][\n]"
2007/10/11 17:09:28:843 IST [DEBUG] HttpMethodBase - Adding Host request
header
2007/10/11 17:09:28:843 IST [DEBUG] header - >> "User-Agent:  Mozilla/5.0
(Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.7) Gecko/20070914
Firefox/2.0.0.7[\r][\n]"
2007/10/11 17:09:28:843 IST [DEBUG] header - >> "Host: nicola:8443[\r][\n]"
2007/10/11 17:09:28:843 IST [DEBUG] header - >> "[\r][\n]"
2007/10/11 17:09:28:875 IST [DEBUG] header - << "HTTP/1.1 200 OK[\r][\n]"
2007/10/11 17:09:28:875 IST [DEBUG] header - << "HTTP/1.1 200 OK[\r][\n]"
2007/10/11 17:09:28:875 IST [DEBUG] header - << "Server:
Apache-Coyote/1.1[\r][\n]"
2007/10/11 17:09:28:875 IST [DEBUG] header - << "Set-Cookie:
JSESSIONID=8E9B140A1D5365F99021565BDF53CE50; Path=/ssp; Secure[\r][\n]"
2007/10/11 17:09:28:875 IST [DEBUG] header - << "Content-Type:
text/html;charset=ISO-8859-1[\r][\n]"
2007/10/11 17:09:28:875 IST [DEBUG] header - << "Content-Length: 3[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "Date: Thu, 11 Oct 2007
16:09:28 GMT[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] HttpMethodBase - Cookie accepted:
"$Version=0; JSESSIONID=8E9B140A1D5365F99021565BDF53CE50; $Path=/ssp"
2007/10/11 17:09:28:890 IST [DEBUG] HttpMethodBase - Buffering response body
2007/10/11 17:09:28:890 IST [DEBUG] content - << "[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] content - << "0"
2007/10/11 17:09:28:890 IST [DEBUG] HttpMethodBase - Resorting to protocol
version default close connection policy
2007/10/11 17:09:28:890 IST [DEBUG] HttpMethodBase - Should NOT close
connection, using HTTP/1.1
0

2007/10/11 17:09:28:890 IST [DEBUG] HttpConnection - Releasing connection
back to connection manager.
2007/10/11 17:09:28:890 IST [DEBUG] header - >> "GET /ssp/ HTTP/1.1[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] HttpMethodBase - Adding Host request
header
2007/10/11 17:09:28:890 IST [DEBUG] header - >> "User-Agent:  Mozilla/5.0
(Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.7) Gecko/20070914
Firefox/2.0.0.7[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - >> "Host: nicola:8443[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - >> "[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "HTTP/1.1 200 OK[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "HTTP/1.1 200 OK[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "Server:
Apache-Coyote/1.1[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "Set-Cookie:
JSESSIONID=0B1ECE3AB1E95C9D1409928A072C1A32; Path=/ssp; Secure[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "Content-Type:
text/html;charset=ISO-8859-1[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "Content-Length: 3[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "Date: Thu, 11 Oct 2007
16:09:28 GMT[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] HttpMethodBase - Cookie accepted:
"$Version=0; JSESSIONID=0B1ECE3AB1E95C9D1409928A072C1A32; $Path=/ssp"
2007/10/11 17:09:28:890 IST [DEBUG] HttpMethodBase - Buffering response body
2007/10/11 17:09:28:890 IST [DEBUG] content - << "[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] content - << "0"
2007/10/11 17:09:28:890 IST [DEBUG] HttpMethodBase - Resorting to protocol
version default close connection policy
0

2007/10/11 17:09:28:890 IST [DEBUG] HttpMethodBase - Should NOT close
connection, using HTTP/1.1
2007/10/11 17:09:28:890 IST [DEBUG] HttpConnection - Releasing connection
back to connection manager.
2007/10/11 17:09:28:890 IST [DEBUG] header - >> "GET /ssp/ HTTP/1.1[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] HttpMethodBase - Adding Host request
header
2007/10/11 17:09:28:890 IST [DEBUG] header - >> "User-Agent:  Mozilla/5.0
(Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.7) Gecko/20070914
Firefox/2.0.0.7[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - >> "Host: nicola:8443[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - >> "[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "HTTP/1.1 200 OK[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "HTTP/1.1 200 OK[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "Server:
Apache-Coyote/1.1[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "Set-Cookie:
JSESSIONID=5CFEA4AF7874FE652AA5FDC6562FED32; Path=/ssp; Secure[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "Content-Type:
text/html;charset=ISO-8859-1[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "Content-Length: 3[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "Date: Thu, 11 Oct 2007
16:09:28 GMT[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] header - << "[\r][\n]"
2007/10/11 17:09:28:890 IST [DEBUG] HttpMethodBase - Cookie accepted:
"$Version=0; JSESSIONID=5CFEA4AF7874FE652AA5FDC6562FED32; $Path=/ssp"
2007/10/11 17:09:28:890 IST [DEBUG] HttpMethodBase - Buffering response body
2007/10/11 17:09:28:890 IST [DEBUG] content - << "[\r][\n]"

0
2007/10/11 17:09:28:890 IST [DEBUG] content - << "0"
2007/10/11 17:09:28:890 IST [DEBUG] HttpMethodBase - Resorting to protocol
version default close connection policy
2007/10/11 17:09:28:890 IST [DEBUG] HttpMethodBase - Should NOT close
connection, using HTTP/1.1
2007/10/11 17:09:28:890 IST [DEBUG] HttpConnection - Releasing connection
back to connection manager.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Thanks again!
nicola



olegk wrote:
> 
> On Wed, 2007-10-10 at 08:49 -0700, nzaghini wrote:
>> I am really sorry my code before was incomplete, and of course it didn't
>> make
>> sense, unfortunately is not so easy.. (the get method was wrong too, i
>> apologize)
>> 
>> >HttpClient client = new HttpClient();
>> > client.getParams().setParameter(HttpMethodParams.USER_AGENT,
>> >         " Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.7)
>> > Gecko/20070914 Firefox/2.0.0.7");
>> > 
>> > Protocol easyhttps = new Protocol("https", new
>> > EasySSLProtocolSocketFactory(), 443);
>> > Protocol.registerProtocol("https", easyhttps);
>> > 
>> 
>> GetMethod method = new GetMethod("https://nicola:8443/ssp/";);
>> 
>> > method.setDoAuthentication(true); // tryed with and without
>> > 
>> > HttpState state = new HttpState();
>> 
>> int statusCode = client.executeMethod(client.getHostConfiguration(),
>> method,
>> state);
>> String responseBody = method.getResponseBodyAsString();
>> 
>> 
>> statusCode = client.executeMethod(client.getHostConfiguration(), method,
>> state);
>> responseBody = method.getResponseBodyAsString();
>> 
>> 
>> statusCode = client.executeMethod(client.getHostConfiguration(), method,
>> state);
>> responseBody = method.getResponseBodyAsString();
>> 
>> 
>> I think this code should be fine to let my session go ahead, but putting
>> break-point among invocations i can clearly see the content (session id)
>> of
>> the state object change after every invocation, and this makes my counter
>> service on https://nicola:8443/ssp/ answer with the number 0 every
>> invocation.
>> 
>> Of course the behavior change if i use http://nicola:8080/ssp/ as target
>> page, it means that the result is 0, 1, 2 and the state object shows a
>> session id never changing.
>> 
>> Thanks for your help.
>> nicola
>> 
>> 
> 
> Nicola
> 
> Aha! The _session ID_ always changes, not the HttpState instance.
> 
> Please post two wire/context logs (one for a plain connection and
> another one for https)
> 
> http://jakarta.apache.org/httpcomponents/httpclient-3.x/logging.html
> 
> Oleg
> 
>> 
>> 
>> 
>> olegk wrote:
>> > 
>> > On Wed, 2007-10-10 at 07:57 -0700, nzaghini wrote:
>> >> >There is no difference between plain http or https as far as the
>> cookie
>> >> >based state management is concerned. 
>> >> 
>> >> I am completely agree with you, but the result of my invocations seems
>> to
>> >> be
>> >> different from the normal/logic/expected behavior..
>> >> 
>> >> >Why does it always change?
>> >> 
>> >> This is the question, i can't figure out why it change all the time.
>> >> To let you better understand the situation i paste here my entire
>> code,
>> >> because maybe the problem is so macroscopic that i can't see it being
>> too
>> >> close..
>> >> 
>> >> I forgot to tell you that using the basic https support everithing
>> works
>> >> fine, but i need to work even with self-signed servers, and this is
>> the
>> >> solution suggested by HttpClient Jakarta site.
>> >> 
>> >> HttpClient client = new HttpClient();
>> >> client.getParams().setParameter(HttpMethodParams.USER_AGENT,
>> >>         " Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.7)
>> >> Gecko/20070914 Firefox/2.0.0.7");
>> >> 
>> >> Protocol easyhttps = new Protocol("https", new
>> >> EasySSLProtocolSocketFactory(), 443);
>> >> Protocol.registerProtocol("https", easyhttps);
>> >> 
>> >> GetMethod method = new GetMethod("http://nicola:8080/ssp/";);
>> >> method.setDoAuthentication(true); // tryed with and without
>> >> 
>> > =====================================
>> >> HttpState state = new HttpState();
>> >> 
>> >> client.setState(state); 
>> > ====================================
>> > Nicola,
>> > 
>> > You are creating a new instance of HttpState for _each_ request thus
>> > effectively discarding all cookies stored previously. No wonder
>> sessions
>> > do not 'stick'.
>> > 
>> > Oleg
>> > 
>> > 
>> >> // tryed with and without
>> >> int statusCode = client.executeMethod(client.getHostConfiguration(),
>> >> method,
>> >> null); //tryed with state instead of null
>> >> 
>> >> Thanks!
>> >> nicola
>> >> 
>> >> 
>> >> olegk wrote:
>> >> > 
>> >> > On Mon, 2007-10-08 at 07:05 -0700, nzaghini wrote:
>> >> >> Hi,
>> >> >> i have a problem with https and cookies based sessioning system.
>> >> > 
>> >> > There is no difference between plain http or https as far as the
>> cookie
>> >> > based state management is concerned.  
>> >> > 
>> >> >> I've just added the following line of code to my component
>> exploiting
>> >> >> httpclient
>> >> >> 
>> >> >>     Protocol easyhttps = new Protocol("https",
>> >> >> EasySSLProtocolSocketFactory(), 443);
>> >> >>     Protocol.registerProtocol("https", easyhttps);
>> >> >> 
>> >> >> All the classes used here comes from the httpclient home site.
>> >> >> 
>> >> >> What i need, and it works fine without ssl, is to make several
>> request
>> >> >> with
>> >> >> the same HttpState obejct to let the session go ahead..
>> >> >> 
>> >> >> So, while i try to invoke the executeMethod several times like
>> this:
>> >> >> 
>> >> >> int statusCode =
>> client.executeMethod(client.getHostConfiguration(),
>> >> >> method,
>> >> >> state);
>> >> >> int statusCode =
>> client.executeMethod(client.getHostConfiguration(),
>> >> >> method,
>> >> >> state);
>> >> >> int statusCode =
>> client.executeMethod(client.getHostConfiguration(),
>> >> >> method,
>> >> >> state);
>> >> >> 
>> >> >> the state obect (instance of HttpState class)  always chage, 
>> >> > 
>> >> > Why does it always change?
>> >> > 
>> >> > Oleg
>> >> > 
>> >> >> so i cannot go
>> >> >> ahead in the application session and all the time i'm in the same
>> >> >> situation.
>> >> >> 
>> >> >> Thanks million for your help!
>> >> >> nicola
>> >> > 
>> >> > 
>> >> >
>> ---------------------------------------------------------------------
>> >> > To unsubscribe, e-mail:
>> [EMAIL PROTECTED]
>> >> > For additional commands, e-mail:
>> >> [EMAIL PROTECTED]
>> >> > 
>> >> > 
>> >> > 
>> >> 
>> > 
>> > 
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: [EMAIL PROTECTED]
>> > For additional commands, e-mail:
>> [EMAIL PROTECTED]
>> > 
>> > 
>> > 
>> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
> 

-- 
View this message in context: 
http://www.nabble.com/problem-with-https-and-cookies-based-session-tf4588385.html#a13159218
Sent from the HttpClient-User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: problem with https and cookies based session

Reply via email to