Re: Another Form-problem, cookies?
distortion wrote: > > Did some scanning with WireShark and noticed that when i log in to the site > using Firefox the GET /my.php, which is redirected from /login.php, the > http-packet contains a Referer, that says: > Referer: http://www.torrentbytes.net/login.php\r\n > > And when i attempt the same thing with my Java-program the http-packet for > GET /my.php doesn't have any Referer at all, so I'm guessin' that this is > what's causing my problems. Is it possible to send a Referer-attribute or > something? Sure: http://jakarta.apache.org/httpcomponents/httpclient-3.x/apidocs/org/apache/commons/httpclient/HttpMethod.html#setRequestHeader(java.lang.String,%20java.lang.String) cheers, Roland - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Another Form-problem, cookies?
Roland Weber wrote:
>
> So the POST of the login form returns a page instead of a redirect.
> Have you taken a look at that page? Maybe it's the one you want.
> If not, it may contain an error description.
>
> cheers,
> Roland
>
I had the code a bit messed up, but changed it and got another result this
time. I now get a redirect-status (302), but in some way the redirect isn't
working as intended.
Did some scanning with WireShark and noticed that when i log in to the site
using Firefox the GET /my.php, which is redirected from /login.php, the
http-packet contains a Referer, that says:
Referer: http://www.torrentbytes.net/login.php\r\n
And when i attempt the same thing with my Java-program the http-packet for
GET /my.php doesn't have any Referer at all, so I'm guessin' that this is
what's causing my problems. Is it possible to send a Referer-attribute or
something?
Here is the result I'm getting while running my app, the last Redirect says
OK, but I'm unable to GET any of the "logged-in"-pages:
[RESULT]
Login form get: HTTP/1.1 200 OK
Initial set of cookies:
- PHPSESSID=f47e4d079b3f68d1a3547ed45c9c9e58
- checksum=3b8e2b8efcee77a88fe61182d0ed3a60
Login form post: HTTP/1.1 302 Found
Logon cookies:
- PHPSESSID=8db18443f72b735a40aa27e5ed62676f
- uid=*
- pass=**
- validation=/* same as the checksum beneath */
- checksum=/* same as the validation above */
Location: http://www.torrentbytes.net/my.php
Redirect target: http://www.torrentbytes.net/my.php
Redirect: HTTP/1.1 200 OK
[/RESULT]
Any help is appreciated
// Mathias
[CODE]
import org.apache.commons.httpclient.*;
import org.apache.commons.httpclient.cookie.CookiePolicy;
import org.apache.commons.httpclient.cookie.CookieSpec;
import org.apache.commons.httpclient.methods.*;
import java.io.*;
import java.util.*;
/**
*
* A example that demonstrates how HttpClient APIs can be used to perform
* form-based logon.
*
*
* @author Oleg Kalnichevski
*
*/
public class FormBasedTest {
static final String LOGON_SITE = "www.torrentbytes.net";
static final int LOGON_PORT = 80;
public FormBasedTest() {
super();
}
public static void main(String[] args) throws Exception {
/*System.setProperty("org.apache.commons.logging.Log",
"org.apache.commons.logging.impl.SimpleLog");
System.setProperty("org.apache.commons.logging.simplelog.showdatetime",
"true");
System.setProperty("org.apache.commons.logging.simplelog.log.httpclient.wire.header",
"debug");
System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.commons.httpclient",
"debug");*/
HttpClient client = new HttpClient();
client.getParams().setParameter("http.useragent", "Mozilla/5.0,
(Windows; U; Windows NT 5.2; en-US; rv:1.8.1.10) Gecko/20071025
Firefox/2.0.0.10");
client.getHostConfiguration().setHost(LOGON_SITE, LOGON_PORT,
"http");
client.getParams().setCookiePolicy(CookiePolicy.BROWSER_COMPATIBILITY);
// 'developer.java.sun.com' has cookie compliance problems
// Their session cookie's domain attribute is in violation of the
RFC2109
// We have to resort to using compatibility cookie policy
GetMethod authget = new GetMethod("/login.php");
client.executeMethod(authget);
System.out.println("Login form get: " +
authget.getStatusLine().toString());
//System.out.println(authget.getResponseBodyAsString());
// release any connection resources used by the method
authget.releaseConnection();
// See if we got any cookies
CookieSpec cookiespec = CookiePolicy.getDefaultSpec();
Cookie[] initcookies = cookiespec.match(
LOGON_SITE, LOGON_PORT, "/", false,
client.getState().getCookies());
System.out.println("Initial set of cookies:");
if (initcookies.length == 0) {
System.out.println("None");
} else {
for (int i = 0; i < initcookies.length; i++) {
System.out.println("- " + initcookies[i].toString());
}
}
PostMethod authpost = new PostMethod("/takelogin.php");
// Prepare login parameters
NameValuePair action = new NameValuePair("action",
"/takelogin.php");
NameValuePair userid = new NameValuePair("username", "username");
NameValuePair password = new NameValuePair("password", "password");
NameValuePair login = new NameValuePair("login", "Log in!");
authpost.setRequestBody(
new NameValuePair[]{action, userid, password, login});
client.executeMethod(authpost);
System.out.println(authpost.getResponseBodyAsString());
System.out.println("Login form post: " +
authpost.getStatusLine().toString());
// release any connection resources used by the method
authpost.releaseConnection();
// See if we got any cookies
// The only way of telling whether logon succeeded
Re: Another Form-problem, cookies?
Mathias Söderberg wrote: > Hi! > I, like many others, are trying to login to a website using HttpClient and > the PostMethod. When running the program I'm getting the following result: > > Login form get: HTTP/1.1 200 OK > Initial set of cookies: > - PHPSESSID=4c3499e030f2e09c35e5af6fb20571f0 > - checksum=f2d870271e0887c854fd041ad746cb78 > Login form post: HTTP/1.1 200 OK > Logon cookies: > - PHPSESSID=4eb20a61a4a09f4cf89db46af25affb2 > - checksum=0a8a452f089ad78ce3b0ea670d0d8011 So the POST of the login form returns a page instead of a redirect. Have you taken a look at that page? Maybe it's the one you want. If not, it may contain an error description. cheers, Roland - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Another Form-problem, cookies?
On Wed, 2007-11-28 at 22:45 +0100, Mathias Söderberg wrote:
> Hi!
> I, like many others, are trying to login to a website using HttpClient and
> the PostMethod. When running the program I'm getting the following result:
>
> Login form get: HTTP/1.1 200 OK
> Initial set of cookies:
> - PHPSESSID=4c3499e030f2e09c35e5af6fb20571f0
> - checksum=f2d870271e0887c854fd041ad746cb78
> Login form post: HTTP/1.1 200 OK
> Logon cookies:
> - PHPSESSID=4eb20a61a4a09f4cf89db46af25affb2
> - checksum=0a8a452f089ad78ce3b0ea670d0d8011
>
> And since I'm not very familiar with either php or cookies I really don't
> know what to do next. I actually expected to get some kind of redirect or
> something, but now I don't get anything like that, so basically I need some
> help on what to do next.
> I'm not really sure i got the NameValuePairs correct either...
>
> Here's the page source from the website for the form;
>
>
> Note: You need cookies enabled to log in.
>
> Username: size=40 name="username" />
> Password: type="password" size=40 name="password" />
>
> value="Log in!" class=btn>
>
>
>
>
>
> Any help is highly appreciated. Please guide me, I am in need of help.
>
Please refer to the HttpClient HTTP Programming Primer
http://wiki.apache.org/jakarta-httpclient/ForAbsoluteBeginners
Oleg
> Thanks
> Mathias
>
>
> [CODE]
> import org.apache.commons.httpclient.*;
> import org.apache.commons.httpclient.cookie.CookiePolicy;
> import org.apache.commons.httpclient.cookie.CookieSpec;
> import org.apache.commons.httpclient.methods.*;
> import java.io.*;
> import java.util.*;
>
> /**
> *
> * A example that demonstrates how HttpClient APIs can be used to perform
> * form-based logon.
> *
> *
> * @author Oleg Kalnichevski
> *
> */
> public class FormBasedTest {
>
> static final String LOGON_SITE = "www.torrentbytes.net";
> static final int LOGON_PORT = 80;
>
> public FormBasedTest() {
> super();
> }
>
> public static void main(String[] args) throws Exception {
>
> System.setProperty("org.apache.commons.logging.Log", "
> org.apache.commons.logging.impl.SimpleLog");
> System.setProperty("
> org.apache.commons.logging.simplelog.showdatetime", "true");
> System.setProperty("
> org.apache.commons.logging.simplelog.log.httpclient.wire.header", "debug");
> System.setProperty("
> org.apache.commons.logging.simplelog.log.org.apache.commons.httpclient",
> "debug");
>
> HttpClient client = new HttpClient();
> client.getHostConfiguration().setHost(LOGON_SITE, LOGON_PORT,
> "http");
> client.getParams().setCookiePolicy(
> CookiePolicy.BROWSER_COMPATIBILITY);
> // 'developer.java.sun.com' has cookie compliance problems
> // Their session cookie's domain attribute is in violation of the
> RFC2109
> // We have to resort to using compatibility cookie policy
>
> GetMethod authget = new GetMethod("/login.php");
>
> client.executeMethod(authget);
>
> System.out.println("Login form get: " + authget.getStatusLine
> ().toString());
> // release any connection resources used by the method
> authget.releaseConnection();
> // See if we got any cookies
> CookieSpec cookiespec = CookiePolicy.getDefaultSpec();
> Cookie[] initcookies = cookiespec.match(
> LOGON_SITE, LOGON_PORT, "/", false, client.getState
> ().getCookies());
> System.out.println("Initial set of cookies:");
> if (initcookies.length == 0) {
> System.out.println("None");
> } else {
> for (int i = 0; i < initcookies.length; i++) {
> System.out.println("- " + initcookies[i].toString());
> }
> }
>
> PostMethod authpost = new PostMethod("/login.php");
> // Prepare login parameters
> NameValuePair action = new NameValuePair("action", "takelogin.php");
> NameValuePair userid = new NameValuePair("username", "username");
> NameValuePair password = new NameValuePair("password", "password");
> NameValuePair login = new NameValuePair("login", "Log in!");
> NameValuePair hidden = new NameValuePair("returnto", "/browse.php");
> authpost.setRequestBody(
> new NameValuePair[]{action, userid, password, login,
> hidden});
>
> client.executeMethod(authpost);
> System.out.println("Login form post: " + authpost.getStatusLine
> ().toString());
> // release any connection resources used by the method
> authpost.releaseConnection();
>
> // See if we got any cookies
> // The only way of telling whether logon succeeded is
> // by finding a session cookie
> Cookie[] logoncookies = cookiespec.match(
> LOGON_SITE, LOGON_PORT, "/", false,
> client.getState().getCookies());
>
> System.out.println("Logon cookies:");
>
> if (logoncooki
