Preventing HttpClient 4 from following redirect

StackOverflow https://stackoverflow.com/questions/1352949

Question

I'm connecting to my AppEngine application using the Apache HttpComponents library. In order to authenticate my users, I need to pass an authentication token along to the application's login address (http://myapp.appspot.com/_ah/login?auth=...) and grab a cookie from the header of the response. However, the login page responds with a redirect status code, and I don't know how to stop HttpClient from following the redirect, thus thwarting me from intercepting the cookie.

Fwiw, the actual method I use to send the request is below.

private void execute(HttpClient client, HttpRequestBase method) {
    // Set up an error handler
    BasicHttpResponse errorResponse = new BasicHttpResponse(
            new ProtocolVersion("HTTP_ERROR", 1, 1), 500, "ERROR");

    try {
        // Call HttpClient execute
        client.execute(method, this.responseHandler);
    } catch (Exception e) {
        errorResponse.setReasonPhrase(e.getMessage());
        try {
            this.responseHandler.handleResponse(errorResponse);
        } catch (Exception ex) {
            // log and/or handle
        }
    }
}

How would I stop the client from following the redirect?

Thanks.

Update:

As per the solution below, I did the following after creating a DefaultHttpClient client (and before passing it to the execute method):

if (!this.followRedirect) {
    client.setRedirectHandler(new RedirectHandler() {
        public URI getLocationURI(HttpResponse response,
                HttpContext context) throws ProtocolException {
            return null;
        }

        public boolean isRedirectRequested(HttpResponse response,
                HttpContext context) {
            return false;
        }
    });
}

More verbose than it seems it needs to be, but not as difficult as I thought.

Was it helpful?

Solution

Try using a RedirectHandler. That may require extending DefaultHttpClient to return your custom implementation from createRedirectHandler().

OTHER TIPS

You can do it with the http params:

final HttpParams params = new BasicHttpParams();
HttpClientParams.setRedirecting(params, false);

The method has no javadoc, but if you look at the source you can see it sets:

HANDLE_REDIRECTS

which controls:

Defines whether redirects should be handled automatically

With the Version 4.3.x of HttpClient its directly in the clientBuilder.

so when u build your Client use:

CloseableHttpClient client = clientBuilder.disableRedirectHandling().build();

I know its an old question but I had this problem too and want to share my solution.

The RedirectHandler seem to be deprecated, I managed to disable automatically following the redirect responses by changing the default RedirectionStrategy for the DefaultHttpClient liks this:

httpClient.setRedirectStrategy(new RedirectStrategy() {
        @Override
        public boolean isRedirected(HttpRequest httpRequest, HttpResponse httpResponse, HttpContext httpContext) throws ProtocolException {
            return false;
        }

        @Override
        public HttpUriRequest getRedirect(HttpRequest httpRequest, HttpResponse httpResponse, HttpContext httpContext) throws ProtocolException {
            return null;
        }
    });

On the downside, this tie us to a specific implementation of the HttpClient but it does the job.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top