[ale] OT: Java and Cookies

Denny Chambers dchambers at bugfixer.net
Fri Aug 29 15:21:18 EDT 2003 

Don't feel bad, I have had to hack up some code like this. Try to do a 
multi-part file file upload with HttpURLConnection on a 90MB file. It 
works if you give the JVM about 200 MB of memory. I had to hack together 
my own version to upload the file without the memory overhead.

I am having my own problem, that maybe you can help with. I send a POST 
request to a URL with HttpURLConnection. tha URL sends back a 302 
Redirect. The problem happens when the HttpURLConnection goes to follow 
the redirect, it changes the request to a GET, and I loose the data that 
I was passing. Any clue on getting around this, before I start hacking 
it up and handling the redirect myself? Does this sound like a bug, or 
is this just the way redirects work? Sounds like a bug to me?

Denny




Christopher Fowler wrote:

>On Fri, Aug 29, 2003 at 01:18:21PM -0500, Denny Chambers wrote:
>  
>
>>Hey, It just so happens I am working on HttpURLConnection stuff right 
>>now. It sounds like the page that returns the frame sets does not return 
>>a Set-Cookie, but frame source URLs do return cookies. Is this correct?
>>    
>>
>
>
>Actually it does do a set cookie.  Look at my hack code:
>
>import java.net.*;
>import java.io.*;
>
>public class Soc {
>
>    public static void main (String args[]) {
>        String cookie = null;
>        String message = new String (
>                    "POST /auth.asp HTTP/1.1\r\n" +
>                    "Content-Length: 45\r\n" +
>                    "Content-Type: application/x-www-form-urlencoded\r\n" +
>                    "User-Agent: Java/1.4.1_02\r\n" +
>                    "Host: 127.0.0.1\r\n" +
>                    "Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2\r\n" +
>                    "Connection: keep-alive\r\n" +
>                    "\r\n" +
>                    "login=super&password=smart&action_login=Login");
>        try {
>            Socket soc = new Socket("127.0.0.1", 80);
>            OutputStream os = soc.getOutputStream();
>            BufferedReader br = new BufferedReader(
>                                    new InputStreamReader(soc.getInputStream()));
>            os.write(message.getBytes());
>            String s;
>            while((s = br.readLine()) != null) {
>                if(s.startsWith("Set-Cookie:") == true) {
>                    cookie = s.substring(12, s.indexOf(';'));
>                }
>            }
>            soc.close();
>        } catch (Exception exp) {
>            System.err.println("Error: " + exp.getMessage());
>            System.exit(1);
>        }
>
>        if(cookie == null) {
>            System.err.println("Authentication failure!\n");
>            System.exit(1);
>        }
>
>        try {
>            String s;
>            URL url = new URL("http://127.0.0.1/title_app.asp");
>            HttpURLConnection connection = (HttpURLConnection)url.openConnection();
>            connection.setRequestProperty("Cookie", cookie);
>            connection.setRequestProperty("Referrer", "http://127.0.0.1/auth.asp");
>            BufferedReader br = new BufferedReader(new InputStreamReader(connection.getInputStream()));
>            while((s = br.readLine()) != null) {
>                System.out.println(s);
>            }
>        } catch (Exception exp) {
>            System.err.println("Error: " + exp.getMessage());
>            System.exit(1);
>        }
>
>    }
>}
>
>/* vi: set ts=4 sw=4 :*/
>
>
>This is crappy hack code.  I'd prefer to do it wit classes.  
>  
>
>>I am not sure how the HttpURLConnection works with frames. Does it try 
>>to download each frame URL automatically? If so what you need are those 
>>URLConnections. From looking at your code what your looking for is a 
>>Set-Cookie header from the response that is returning the FrameSet HTML 
>>code, if that code does not send a cookie, you will not get one looking 
>>at that response data. If the HttpURLConnection is automatically making 
>>the request for all of the frame src, then that is telling me that the 
>>HttpURLConnection has a ContentHandler class that is parsing the html 
>>data, and making the necessary request. If that is true, then your 
>>answer may be in the ContentHandler class.
>>    
>>
>
>Could be.  The response is a redirect response.  The redirected page
>is the page with all the framesets.
>
>  
>
>>HTH,
>>Denny
>>
>>
>>
>>    
>>
>>>I'm trying to do a POST and grab a cookie to be used for later 
>>>authentication. I hope that maybe you guys have done this
>>>before.  The aut.asp page is a simple POST form.  When the
>>>form is submitted it returns a frameset and a cookie.  I can
>>>not seem to get the the HttpURLConnection to get the cookie.  It
>>>seems that the conneciton does the post and then tries to
>>>receive each page of the framset.  However, I do not see
>>>and Cookies: being sent with those GET requests.  Is there a
>>>way to get this code to use the Set-Cookie that is being sent
>>>back.   
>>>
>>>---------- Cut Here --------------------------------
>>>
>>>  public static void main(String args[]) {
>>>      InputStream is;
>>>      int data;
>>>      String s;
>>>      DataOutputStream    printout;
>>>      String c;
>>>      try {
>>>          URL url = new URL("http://127.0.0.1/auth.asp");
>>>          HttpURLConnection connection = 
>>>          (HttpURLConnection)u.openConnection();
>>>          String emit = "login=super&password=smart&action_login=Login";
>>>          connection.setRequestProperty("Content-Length", "" + 
>>>          emit.length());
>>>          connection.setRequestProperty("Content-Type", 
>>>          "application/x-www-form-urlencoded");
>>>          connection.setUseCaches (false);
>>>          connection.setDoInput(true);
>>>          connection.setDoOutput(true);
>>>          connection.setFollowRedirects(false);
>>>          /* Not used now
>>>          connection.setRequestProperty(
>>>              "Authorization", 
>>>              "Basic " + "cm9vdDpwYXNzd29yZA=="
>>>          );      
>>>          */
>>>          connection.setDoOutput(true);
>>>          connection.setDoInput(true);
>>>          printout = new DataOutputStream (connection.getOutputStream ());
>>>          printout.writeBytes (emit);
>>>          printout.flush ();
>>>          printout.close ();
>>>          c = connection.getHeaderField("Set-Cookie");
>>>          System.out.println("Cookie: " + c);
>>>          BufferedReader br = new BufferedReader(new 
>>>          InputStreamReader(connection.getInputStream()));
>>>          System.out.flush();
>>>          while((s = br.readLine()) != null) {
>>>              System.out.println(s);
>>>          }
>>>      } catch (Exception Exp) {
>>>          System.err.println("Error: " + Exp.getMessage());
>>>          System.exit(1);
>>>      }
>>>  }
>>>
>>>
>>>---------- Cut Here --------------------------------
>>>_______________________________________________
>>>Ale mailing list
>>>Ale at ale.org
>>>http://www.ale.org/mailman/listinfo/ale
>>>
>>>
>>>
>>>
>>>      
>>>
>
>
>_______________________________________________
>Ale mailing list
>Ale at ale.org
>http://www.ale.org/mailman/listinfo/ale
>
>
>  
>

 S/MIME Cryptographic Signature

More information about the Ale mailing list