https://stackoverflow.com/questions/15578429
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianFound the answer on the same day I posted this question.. thought of sharing.. The answer is very simple.. For some reasons the authentication wasn't successful, hence the new jsessionId was created. Replaced "httpClient.getCredentialsProvider().setCredentials()" with "BasicNameValuePair" and it worked :)
Why is httpclient is refreshing the jsession id for every request?
-
29-03-2022 - |
Question
I am trying to hit a url(login screen), get the jsessionid(J2EEJSESSIONID) and add it in the cookie store and in turn in to the context and hit the same url with credentials. I am expecting a login successful screen. However i am bounced with the login screen again. And, i printed the response header for both the hits. I am expecting both the response with the same J2EESESSIONID to maintain the session. Instead both the session ids are different. Pls help.
Pls find the code below:
HttpEntity entity = null;
DefaultHttpClient httpClient = new DefaultHttpClient();
try{
// Initialization
HttpPost httpPost = new HttpPost("https://yyyyy.xxx.com/enl");
HttpClientExample httpClientExample = new HttpClientExample();
CookieStore cookieStore = new BasicCookieStore();
HttpContext httpContext = new BasicHttpContext();
httpContext.setAttribute(ClientContext.COOKIE_STORE, cookieStore);
HttpGet httpGet = new HttpGet("https://yyyyy.xxx.com/enl");
// Execute Get
HttpResponse httpResponse = httpClient.execute(httpGet, httpContext);
// Print the header for 1st url
org.apache.http.Header[] headers = httpResponse.getAllHeaders();
System.out.println("##### Header length::"+headers.length);
for(int i=0;i<headers.length; i++)
{
System.out.println("Header Name::"+headers[i].getName());
System.out.println("Header Val::"+headers[i].getValue());
}
// update Cookie for the next hit
org.apache.http.Header[] cookieHeaders = httpResponse.getHeaders("Set-Cookie");
String html = EntityUtils.toString(httpResponse.getEntity());
cookieStore = httpClientExample.updateCookieStore(cookieHeaders, cookieStore);
httpClient.setCookieStore(cookieStore);
httpContext.setAttribute(ClientContext.COOKIE_STORE, cookieStore);
// Setting the redirects since i received 302 error
httpClient.setRedirectStrategy(new DefaultRedirectStrategy() {
public boolean isRedirected(HttpRequest request, HttpResponse response, HttpContext context) {
boolean isRedirect=false;
try {
isRedirect = super.isRedirected(request, response, context);
} catch (ProtocolException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
if (!isRedirect) {
int responseCode = response.getStatusLine().getStatusCode();
if (responseCode == 301 || responseCode == 302) {
return true;
}
}
return false;
}
});
// Added because i received Circular redirect error
httpClient.getParams().setParameter(ClientPNames.ALLOW_CIRCULAR_REDIRECTS, true);
// Execute Post with credentials
httpClient.getCredentialsProvider().setCredentials(
new AuthScope("http://yyyyy.xxx.com", 443),
new UsernamePasswordCredentials("usr", "pswd"));
httpPost.setHeader("Cookie", "JSESSIONID="+ getSessionId(cookieHeaders));
HttpResponse response = httpClient.execute(httpPost, httpContext);
// Print the response
entity = response.getEntity();
InputStream content1 = (InputStream)entity.getContent();
System.out.println("############### 2nd #####################"+response.getStatusLine().getStatusCode());
BufferedReader in1 =
new BufferedReader (new InputStreamReader (content1));
String line1;
while ((line1 = in1.readLine()) != null) {
System.out.println(line1);
}
// Print the header for 2nd url
org.apache.http.Header[] headers1 = response.getAllHeaders();
System.out.println("##### Header length 2 ::"+headers1.length);
for(int i=0;i<headers1.length; i++)
{
System.out.println("Header Name 2 ::"+headers1[i].getName());
System.out.println("Header Val 2 ::"+headers1[i].getValue());
}
}
catch(Exception e)
{
e.printStackTrace();
}
finally{
try {
EntityUtils.consume(entity);
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
httpClient.getConnectionManager().shutdown();
}
}
private static String getSessionId(org.apache.http.Header[] headers) {
// TODO Auto-generated method stub
for(int i=0;i<headers.length; i++)
{
String str = headers[i].getValue();
String[] strArray = str.split("=");
String[] cookieValueArray = strArray[1].split(";");
System.out.println(strArray[0]+"|"+cookieValueArray[0]);
if(strArray[0].startsWith("J2EEJSESSION"))
{
System.out.println("cookieValueArray[0]:"+cookieValueArray[0]);
return cookieValueArray[0];
}
}
return null;
}
protected CookieStore updateCookieStore(org.apache.http.Header[] headers, CookieStore cookieStore)
{
for(int i=0;i<headers.length; i++)
{
String str = headers[i].getValue();
String[] strArray = str.split("=");
String[] cookieValueArray = strArray[1].split(";");
System.out.println(strArray[0]+"|"+cookieValueArray[0]);
BasicClientCookie cookie = new BasicClientCookie(strArray[0], "A"+cookieValueArray[0]);
/*if(strArray[0].startsWith("J2EEJSESSION"))
{
cookie.setDomain("yyyyy.xxx.com");
}
else
{
cookie.setDomain(".xxx.com");
}*/
cookie.setDomain(".xxx.com");
cookie.setPath("/");
cookieStore.addCookie(cookie);
if(strArray[0].startsWith("J2EEJSESSION"))
{
BasicClientCookie cookie1 = new BasicClientCookie("JSESSIONID", "A"+cookieValueArray[0]);
cookie1.setDomain(".xxx.com");
cookie1.setPath("/");
cookieStore.addCookie(cookie1);
}
}
return cookieStore;
}
Another observation: When i remove the "A" concat from the below snippet, i am not getting the J2EESESSIONID in the 2nd hit:
BasicClientCookie cookie = new BasicClientCookie(strArray[0], "A"+cookieValueArray[0]);
Solution
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
