Re: help: httpurlconnection to login.yahoo.com over an insecure connection
From: andrzej semeniuk (andrzejsemeniuk_at_yahoo.com)
Date: 04/25/04
- Next message: Raymond DeCampo: "Re: Help clearing http.proxyHost system propery"
- Previous message: szymex: "Re: How to get lastmodified date of file (which is in internet)"
- In reply to: Roedy Green: "Re: help: httpurlconnection to login.yahoo.com over an insecure connection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: 25 Apr 2004 11:19:52 -0700
well, from what i learned it's possible to send several types of
messages to yahoo in different formats (correct me if i'm wrong).
1. send a GET message embedding all request properties in the url, ie.
http://login.yahoo.com/config/login?.tries=1&.login=...
2. send a GET message using doOutput(), ie.
http://login.yahoo.com/config/login
Then embed your parameters ".tries=1\r\n&.login=..." using URLEncoder
and send them to the output stream of url connection
3. send a POST message using doOutput()
Just like 2, but you must set the request property Content-Type to
application/x-www-form-urlencoded, because you're sending the
parameters as if from the login_form. Then embed the parameters
".tries=1\r\n.login=..." and send them to the output stream of url
connection.
no matter what method i use i get the same response: in each case i
was expecting a 302 response, but got a 200 response with a refreshed
login.yahoo.com page containing a different challenge string (i
interpret this that the authentication failed on the server side).
since http is a client/server protocol and is composed of only a
single request/response loop, i have first opened the original
connection (t_http0) to login.yahoo.com to obtain challenge, then
opened a new connection (t_http1) to login.yahoo.com passing in the
hashed password, and then opened a new connection to my desired page
with assumed sign-in (t_http2) to finance.yahoo.com. i transfered
cookies from each connection to the next (ie. from t_http0 to t_http1,
and from t_http1 to t_http2 by reading header fields and adding
request properties), but this didn't work as well: the t_http2 input
stream contains the 'sign in' text that is visible on generic
finance.yahoo.com pages.
Roedy Green <see@mindprod.com.invalid> wrote in message news:<mevm80958ka5e9a6vlds96frstamts5f3j@4ax.com>...
> On 24 Apr 2004 22:21:51 -0700, andrzejsemeniuk@yahoo.com (andrzej
> semeniuk) wrote or quoted :
>
> >i'm trying to log in to yahoo from a java application and am having
> >problem figuring out what parameters to pass and which method to use.
> >i use an httpurlconnection and attempt to send a 'get' message to
> >login.yahoo.com, similarly as the javascript embedded in the yahoo
> >login page. i use an md5 algorithm (java.security.MessageDigest).
> >below is the code that causes me problems. the algorithm is as
> >follows:
>
>
> Here are some tools that may help you.
>
> see http://mindprod.com/jgloss/sniffer.html for protocol sniffers so
> you can watch exactly what your browser does.
>
> see http://mindprod.com/jgloss/fileio.html so you can see how to do
> the posts and gets in Java.
- Next message: Raymond DeCampo: "Re: Help clearing http.proxyHost system propery"
- Previous message: szymex: "Re: How to get lastmodified date of file (which is in internet)"
- In reply to: Roedy Green: "Re: help: httpurlconnection to login.yahoo.com over an insecure connection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
