HttpClient - can't access cookies in GET method

https://stackoverflow.com/questions/22867245

27-06-2023
|

Question

I'm writing two functions - first one to log into some site and second one to get main page using "logged in" context based on cookies. Despite the fact that cookies are available in second method (I extracted them using HttpClientContext.getCookieStore().getCookies() and they seem to be OK) main page seems to be displaying its version for non-logged users.

Code using to log into site:

    // Prepare cookie store
    RequestConfig globalConfig = RequestConfig.custom().setCookieSpec(CookieSpecs.BROWSER_COMPATIBILITY).build();
    CookieStore cookieStore = new BasicCookieStore();
    HttpClientContext context = HttpClientContext.create();
    context.setCookieStore(cookieStore);

    // Prepare http Client
    CloseableHttpClient httpclient = HttpClients
            .custom()
            .setDefaultRequestConfig(globalConfig)
            .setDefaultCookieStore(cookieStore)
            .build();

    // Prepare post for login page
    HttpPost httpPost = new HttpPost("http://somesite/login");

    // Prepare nvps store
    List<NameValuePair> nvps = new ArrayList<>();
    nvps.add(new BasicNameValuePair("login", "***"));
    nvps.add(new BasicNameValuePair("passwd", "***"));

    // Set proper entity
    httpPost.setEntity(new UrlEncodedFormEntity(nvps));

    CloseableHttpResponse response = httpclient.execute(httpPost);
    try {
        HttpEntity entity = response.getEntity();
        EntityUtils.consume(entity);
    } finally {
        response.close();
    }

Code using to get main page content (URIBuilder is passed as an argument):

    // Build URI
    URI uri = builder.build();
    HttpGet httpget = new HttpGet(uri);

    // Prepare cookie store
    RequestConfig globalConfig = RequestConfig.custom().setCookieSpec(CookieSpecs.BROWSER_COMPATIBILITY).build();
    CookieStore cookieStore = new BasicCookieStore();
    HttpClientContext context = HttpClientContext.create();
    context.setCookieStore(cookieStore);

    // Prepare http Client
    CloseableHttpClient httpclient = HttpClients
            .custom()
            .setDefaultRequestConfig(globalConfig)
            .setDefaultCookieStore(cookieStore)
            .build();

    HttpResponse response = httpclient.execute(httpget);
    HttpEntity entity = response.getEntity();
    String entityContents = "";
    int respCode = response.getStatusLine().getStatusCode();

    if (entity != null) {
        entityContents = EntityUtils.toString(entity, "UTF-8");
        EntityUtils.consume(entity);
    }
    httpclient.close();

Is my GET request using cookie store? Why I can't get "logged in" version of the page?

La solution

Solution was very simple - httpclient didn't use any default in-memory store for cookies and I was making false assumption that it has some.

When I stored cookies on the side (and serialized them) and then - started GET request with deserialized cookies - everything worked well.

So after POST request (login):

CookieStore cookieStore = httpClient.getCookieStore();
List<Cookie> cookies = cookieStore.getCookies();

Then - serialize that list in some way. When doing GET request:

CookieStore cookieStore = new BasicCookieStore();
for(int i =0;i<cookies.length;i++) {
    cookieStore.addCookie(cookies[i]);
}

Licencié sous: CC-BY-SA avec attribution

Non affilié à StackOverflow