> For the below, isn't there an alternative method of configuring the > client to automatically follow redirects?
I asked the same question and Oleg Kalniche (HTTPComponents developer) replied: "There are several cases when automatic redirections is prohibited by the HTTP specification. You can provide a custom RedirectHandler (4.0) or RedirectStrategy (4.1) implementation in order to override those restrictions. Per default HttpClient automatically redirects 302 responses only for GET and HEAD methods." It is also weird that the first response after the redirect is ok, but the next fails while all responses after the failure are fine. best regards Hans 2010/8/13 Pid <p...@pidster.com>: > On 13/08/2010 11:52, Hans Wahn wrote: >> Thanks for looking into this issue. >> >>> What is the exact header & body of the 302 redirect from Tomcat in #2? >> >> 2010/08/12 20:20:17:750 CEST [DEBUG] wire - << "HTTP/1.1 302 Moved >> Temporarily[EOL]" >> 2010/08/12 20:20:17:750 CEST [DEBUG] wire - << "Server: >> Apache-Coyote/1.1[EOL]" >> 2010/08/12 20:20:17:750 CEST [DEBUG] wire - << "Location: >> http://localhost:8080/test/secure/[EOL]"; >> 2010/08/12 20:20:17:750 CEST [DEBUG] wire - << "Content-Length: 0[EOL]" >> 2010/08/12 20:20:17:750 CEST [DEBUG] wire - << "Date: Thu, 12 Aug 2010 >> 18:20:17 GMT[EOL]" >> 2010/08/12 20:20:17:750 CEST [DEBUG] wire - << "[EOL]" >> 2010/08/12 20:20:17:750 CEST [DEBUG] headers - << HTTP/1.1 302 Moved >> Temporarily >> 2010/08/12 20:20:17:750 CEST [DEBUG] headers - << Server: Apache-Coyote/1.1 >> 2010/08/12 20:20:17:750 CEST [DEBUG] headers - << Location: >> http://localhost:8080/test/secure/ >> 2010/08/12 20:20:17:750 CEST [DEBUG] headers - << Content-Length: 0 >> 2010/08/12 20:20:17:750 CEST [DEBUG] headers - << Date: Thu, 12 Aug >> 2010 18:20:17 GMT >> >> >>> Given that the client performs steps 3 & 4, can you check what's being >>> *sent* by the client, not what's being received by Tomcat? >> >> Client sent data step3 (request redirect uri): >> 2010/08/12 20:20:17:750 CEST [DEBUG] wire - >> "POST /test/secure/ >> HTTP/1.1[EOL]" >> 2010/08/12 20:20:17:750 CEST [DEBUG] wire - >> "Content-Length: 18[EOL]" >> 2010/08/12 20:20:17:750 CEST [DEBUG] wire - >> "Content-Type: >> application/x-www-form-urlencoded; charset=UTF-8[EOL]" >> 2010/08/12 20:20:17:750 CEST [DEBUG] wire - >> "Host: localhost:8080[EOL]" >> 2010/08/12 20:20:17:750 CEST [DEBUG] wire - >> "Connection: Keep-Alive[EOL]" >> 2010/08/12 20:20:17:750 CEST [DEBUG] wire - >> "User-Agent: >> Apache-HttpClient/4.0.1 (java 1.5)[EOL]" >> 2010/08/12 20:20:17:750 CEST [DEBUG] wire - >> "Expect: 100-Continue[EOL]" >> 2010/08/12 20:20:17:750 CEST [DEBUG] wire - >> "Cookie: >> JSESSIONID=DA224C1B02E94524187858267D70A830[EOL]" >> 2010/08/12 20:20:17:765 CEST [DEBUG] wire - >> "Cookie2: $Version=1[EOL]" >> 2010/08/12 20:20:17:765 CEST [DEBUG] wire - >> "[EOL]" >> 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> POST /test/secure/ HTTP/1.1 >> 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> Content-Length: 18 >> 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> Content-Type: >> application/x-www-form-urlencoded; charset=UTF-8 >> 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> Host: localhost:8080 >> 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> Connection: Keep-Alive >> 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> User-Agent: >> Apache-HttpClient/4.0.1 (java 1.5) >> 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> Expect: 100-Continue >> 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> Cookie: >> JSESSIONID=DA224C1B02E94524187858267D70A830 >> 2010/08/12 20:20:17:765 CEST [DEBUG] headers - >> Cookie2: $Version=1 >> 2010/08/12 20:20:17:781 CEST [DEBUG] wire - << "HTTP/1.1 100 Continue[EOL]" >> 2010/08/12 20:20:17:781 CEST [DEBUG] wire - << "[EOL]" >> 2010/08/12 20:20:17:781 CEST [DEBUG] headers - << HTTP/1.1 100 Continue >> 2010/08/12 20:20:17:781 CEST [DEBUG] wire - >> "testName=testValue" >> 2010/08/12 20:20:17:781 CEST [DEBUG] wire - << "HTTP/1.1 200 OK[EOL]" >> .... >> >> Client sent data step4 (re-requesting the same uri): >> 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "POST /test/secure/ >> HTTP/1.1[EOL]" >> 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "Content-Length: 18[EOL]" >> 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "Content-Type: >> application/x-www-form-urlencoded; charset=UTF-8[EOL]" >> 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "Host: localhost:8080[EOL]" >> 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "Connection: Keep-Alive[EOL]" >> 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "User-Agent: >> Apache-HttpClient/4.0.1 (java 1.5)[EOL]" >> 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "Expect: 100-Continue[EOL]" >> 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "Cookie: >> JSESSIONID=A5FB87E6199EADB2AB18010DA295EC99[EOL]" >> 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "Cookie2: $Version=1[EOL]" >> 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "[EOL]" >> 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> POST /test/secure/ HTTP/1.1 >> 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> Content-Length: 18 >> 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> Content-Type: >> application/x-www-form-urlencoded; charset=UTF-8 >> 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> Host: localhost:8080 >> 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> Connection: Keep-Alive >> 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> User-Agent: >> Apache-HttpClient/4.0.1 (java 1.5) >> 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> Expect: 100-Continue >> 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> Cookie: >> JSESSIONID=A5FB87E6199EADB2AB18010DA295EC99 >> 2010/08/12 20:20:17:796 CEST [DEBUG] headers - >> Cookie2: $Version=1 >> 2010/08/12 20:20:17:796 CEST [DEBUG] wire - << "HTTP/1.1 100 Continue[EOL]" >> 2010/08/12 20:20:17:796 CEST [DEBUG] wire - << "[EOL]" >> 2010/08/12 20:20:17:796 CEST [DEBUG] headers - << HTTP/1.1 100 Continue >> 2010/08/12 20:20:17:796 CEST [DEBUG] wire - >> "testName=testValue" >> 2010/08/12 20:20:17:796 CEST [DEBUG] wire - << "HTTP/1.1 501 Not >> Implemented[EOL]" >> ... >> >> >>> Are you sure the client isn't making that error? >>> What is the client code which makes the request here? >> >> I'm not entirely sure about the client code, but posted it to the >> HTTPComponents list and regarding the logs provided above, the client >> behaviour seems to be ok. My client code is the following: >> >> //SOURCE START >> DefaultHttpClient httpclient = new DefaultHttpClient(); >> HttpPost httpost = new HttpPost(new >> URI("http://localhost:8080/test/secure/";)); >> List <NameValuePair> nvps = new ArrayList <NameValuePair>(); >> nvps.add(new BasicNameValuePair("j_username", "tomcat")); >> nvps.add(new BasicNameValuePair("j_password", "tomcat")); >> httpost.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8)); >> HttpResponse response = httpclient.execute(httpost); >> System.out.println("Response Status: " + response.getStatusLine()); >> response.getEntity().consumeContent(); >> httpost.setURI(new >> URI("http://localhost:8080/test/secure/j_security_check";)); >> response = httpclient.execute(httpost); >> HttpEntity entity = response.getEntity(); >> System.out.println("Response Status: " + response.getStatusLine()); > > For the below, isn't there an alternative method of configuring the > client to automatically follow redirects? > > > p > >> int code = response.getStatusLine().getStatusCode()/100; >> if(code == 3) { >> String location = response.getFirstHeader("location").getValue(); >> System.out.println("==> REDIRECT to "+location); >> entity.consumeContent(); >> httpost.setURI(new URI(location)); >> List <NameValuePair> params = new ArrayList <NameValuePair>(); >> params.add(new BasicNameValuePair("testName", "testValue")); >> httpost.setEntity(new UrlEncodedFormEntity(params, HTTP.UTF_8)); >> for(int i=0; i<5; i++) { >> response = httpclient.execute(httpost); >> System.out.println("Response Status: " + response.getStatusLine()); >> entity = response.getEntity(); >> entity.consumeContent(); >> } >> } >> httpclient.getConnectionManager().shutdown(); >> //SOURCE END >> >> >> best regards >> Hans >> >> >> 2010/8/13 Pid <p...@pidster.com>: >>> On 13/08/2010 10:07, Hans Wahn wrote: >>>> Hello Tomcat-Users, >>>> >>>> I'm facing a strange issue when using HttpComponents with successive >>>> POST requests against a simple Tomcat 7 servlet (Form-based POST >>>> Authentication is enabled). After a sucessfull authentication, the >>>> client requests the same protected resource a few times in a row, but >>>> the second request always returns a "501 Method not implemented" >>>> status. All other requests succeed. >>>> >>>> The following communication takes place: >>>> 1. Client requests a protected resource; Tomcat returns the login page >>>> (HTTP200) >>>> 2. Client provides the user credentials and calls the login resource; >>>> Tomcat returns a redirect (HTTP302) >>>> 3. Client sets the location from the redirect for the next >>>> request(identical to URI from #1) and requests it; Tomcat returns the >>>> page (HTTP200) >>>> 4. Client requests the same resource again; Tomcat returns a HTTP501 - >>>> Method not implemented >>>> 5. Client requests the same resource again; Tomcat returns the page >>>> (HTTP200) >>>> 6. Client requests the same resource again; Tomcat returns the page >>>> (HTTP200) >>>> 7. Client requests the same resource again; Tomcat returns the page >>>> (HTTP200) >>>> >>>> >>>> The access log message regarding the 501 says: >>>> '"testName=testValuePOST /test/secure/ HTTP/1.1" 501 1278', which may >>> >>> What is the exact header & body of the 302 redirect from Tomcat in #2? >>> >>> Given that the client performs steps 3 & 4, can you check what's being >>> *sent* by the client, not what's being received by Tomcat? >>> >>> Are you sure the client isn't making that error? >>> >>> What is the client code which makes the request here? >>> >>> >>> p >>> >>>> indicate that the entity data and the HTTP-method name somehow got >>>> mixed up!? Strangely the HTTP501 does not appear in case of a JSP for >>>> the requested resource, only if facing a form-based POST >>>> authentication Servlet in Tomcat 7. The servlet does only implement >>>> post and get(which calls the doPost) and returns just a string. The >>>> client code should be fine since I already posted this issue on the >>>> HTTPComponents mailing list and the data sent over the wire seems to >>>> be right. >>>> I'd like to attach the zipped webapp dir along with the simple client >>>> souce code, but along with the HTTPComponents libraries it's ~450KB >>>> and I don't know the attachment policy of this list. How can I provide >>>> further helpfull information? >>>> >>>> >>>> Thanks for helping in advance >>>> best regards >>>> Hans >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>>> For additional commands, e-mail: users-h...@tomcat.apache.org >>>> >>> >>> >>> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> > > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
