Roland Weber wrote: > > So the POST of the login form returns a page instead of a redirect. > Have you taken a look at that page? Maybe it's the one you want. > If not, it may contain an error description. > > cheers, > Roland >
I had the code a bit messed up, but changed it and got another result this time. I now get a redirect-status (302), but in some way the redirect isn't working as intended. Did some scanning with WireShark and noticed that when i log in to the site using Firefox the GET /my.php, which is redirected from /login.php, the http-packet contains a Referer, that says: Referer: http://www.torrentbytes.net/login.php\r\n And when i attempt the same thing with my Java-program the http-packet for GET /my.php doesn't have any Referer at all, so I'm guessin' that this is what's causing my problems. Is it possible to send a Referer-attribute or something? Here is the result I'm getting while running my app, the last Redirect says OK, but I'm unable to GET any of the "logged-in"-pages: [RESULT] Login form get: HTTP/1.1 200 OK Initial set of cookies: - PHPSESSID=f47e4d079b3f68d1a3547ed45c9c9e58 - checksum=3b8e2b8efcee77a88fe61182d0ed3a60 Login form post: HTTP/1.1 302 Found Logon cookies: - PHPSESSID=8db18443f72b735a40aa27e5ed62676f - uid=***** - pass=************************** - validation=/* same as the checksum beneath */ - checksum=/* same as the validation above */ Location: http://www.torrentbytes.net/my.php Redirect target: http://www.torrentbytes.net/my.php Redirect: HTTP/1.1 200 OK [/RESULT] Any help is appreciated // Mathias [CODE] import org.apache.commons.httpclient.*; import org.apache.commons.httpclient.cookie.CookiePolicy; import org.apache.commons.httpclient.cookie.CookieSpec; import org.apache.commons.httpclient.methods.*; import java.io.*; import java.util.*; /** * <p> * A example that demonstrates how HttpClient APIs can be used to perform * form-based logon. * </p> * * @author Oleg Kalnichevski * */ public class FormBasedTest { static final String LOGON_SITE = "www.torrentbytes.net"; static final int LOGON_PORT = 80; public FormBasedTest() { super(); } public static void main(String[] args) throws Exception { /*System.setProperty("org.apache.commons.logging.Log", "org.apache.commons.logging.impl.SimpleLog"); System.setProperty("org.apache.commons.logging.simplelog.showdatetime", "true"); System.setProperty("org.apache.commons.logging.simplelog.log.httpclient.wire.header", "debug"); System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.commons.httpclient", "debug");*/ HttpClient client = new HttpClient(); client.getParams().setParameter("http.useragent", "Mozilla/5.0, (Windows; U; Windows NT 5.2; en-US; rv:1.8.1.10) Gecko/20071025 Firefox/2.0.0.10"); client.getHostConfiguration().setHost(LOGON_SITE, LOGON_PORT, "http"); client.getParams().setCookiePolicy(CookiePolicy.BROWSER_COMPATIBILITY); // 'developer.java.sun.com' has cookie compliance problems // Their session cookie's domain attribute is in violation of the RFC2109 // We have to resort to using compatibility cookie policy GetMethod authget = new GetMethod("/login.php"); client.executeMethod(authget); System.out.println("Login form get: " + authget.getStatusLine().toString()); //System.out.println(authget.getResponseBodyAsString()); // release any connection resources used by the method authget.releaseConnection(); // See if we got any cookies CookieSpec cookiespec = CookiePolicy.getDefaultSpec(); Cookie[] initcookies = cookiespec.match( LOGON_SITE, LOGON_PORT, "/", false, client.getState().getCookies()); System.out.println("Initial set of cookies:"); if (initcookies.length == 0) { System.out.println("None"); } else { for (int i = 0; i < initcookies.length; i++) { System.out.println("- " + initcookies[i].toString()); } } PostMethod authpost = new PostMethod("/takelogin.php"); // Prepare login parameters NameValuePair action = new NameValuePair("action", "/takelogin.php"); NameValuePair userid = new NameValuePair("username", "username"); NameValuePair password = new NameValuePair("password", "password"); NameValuePair login = new NameValuePair("login", "Log in!"); authpost.setRequestBody( new NameValuePair[]{action, userid, password, login}); client.executeMethod(authpost); System.out.println(authpost.getResponseBodyAsString()); System.out.println("Login form post: " + authpost.getStatusLine().toString()); // release any connection resources used by the method authpost.releaseConnection(); // See if we got any cookies // The only way of telling whether logon succeeded is // by finding a session cookie Cookie[] logoncookies = cookiespec.match( LOGON_SITE, LOGON_PORT, "/", false, client.getState().getCookies()); System.out.println("Logon cookies:"); if (logoncookies.length == 0) { System.out.println("None"); } else { for (int i = 0; i < logoncookies.length; i++) { System.out.println("- " + logoncookies[i].toString()); } } // Usually a successful form-based login results in a redicrect to // another url int statuscode = authpost.getStatusCode(); if ((statuscode == HttpStatus.SC_MOVED_TEMPORARILY) || (statuscode == HttpStatus.SC_MOVED_PERMANENTLY) || (statuscode == HttpStatus.SC_SEE_OTHER) || (statuscode == HttpStatus.SC_TEMPORARY_REDIRECT)) { Header header = authpost.getResponseHeader("location"); System.out.println(header); if (header != null) { String newuri = header.getValue(); if ((newuri == null) || (newuri.equals(""))) { newuri = "/"; } System.out.println("Redirect target: " + newuri); GetMethod redirect = new GetMethod(newuri); client.executeMethod(redirect); System.out.println("Redirect: " + redirect.getStatusLine().toString()); /*BufferedReader in = new BufferedReader(new InputStreamReader(redirect.getResponseBodyAsStream())); Scanner sc = new Scanner(in); while (sc.hasNextLine()) { System.out.println(sc.nextLine()); }*/ // release any connection resources used by the method redirect.releaseConnection(); } else { System.out.println("Invalid redirect"); System.exit(1); } } } } [/CODE] -- View this message in context: http://www.nabble.com/Another-Form-problem%2C-cookies--tf4893593.html#a14029044 Sent from the HttpClient-User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]