Re: How to login to a site using cookie? (not applet)

On Jul 14, 2:24 am, Roedy Green <see_webs...@xxxxxxxxxxxxxxxxxxxx>
wrote:

seehttp://mindprod.com/jgloss/authenticator.html

You simply write code to provide id/password and Java magically does
the rest.
--
Roedy Green Canadian Mind Products
The Java Glossaryhttp://mindprod.com

Thanks Roedy.

What about Cookie? Firefox stores this cookie called "stn"
after I logged in, but if I delete this cookie and refresh,
I will be kicked back to the front login screen. So I think
it is the session id cookie. Don't I need to send back
a session id every time I POST?

Also, how does the Autheticator knows what are the <input>
names for the username and password? Shouldn't they be specified
somehow? (for this site, they are "LoginName" and "Password")

Below is my attempt using the Autheticator, but instead of
next_page being the string of the next page after a successful login,
it returned the front page of the site. So the method is not
successful. Do you have any idea what is wrong?

Many thanks!

Anthony

My Code
========
import java.net.*;
import java.io.*;

public class Test2 {

private String login_url_str = "https://www.comsec.com.au/
Default.aspx";

public Test2() {
}

public static void main(String[] args) {
Test2 test1 = new Test2();
test1.execute();
}

private void execute() {
//Setup for https
java.security.Security.addProvider(new
com.sun.net.ssl.internal.ssl.
Provider());
System.setProperty("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");

Authenticator.setDefault( new MyAuthenticator() );

try {
URL url = new URL(login_url_str);
//For handling POST request
String next_page = getURLPostString(url,"");
System.out.println(next_page);

} catch (IOException ex) {
System.out.println(ex);
System.exit(1);
}

}

/** Post a string to an URL and get the reply as a string. Returns
an empty
string if things didn't work out. */
//code from: http://martin.nobilitas.com/java/cookies.html
private String getURLPostString(URL url, String body) {
StringBuffer sb = new StringBuffer();

// find the newline character(s) on the current system
String newline = null;
try {
newline = System.getProperty("line.separator");
} catch (Exception e) {
newline = "\n";
}

try {
// URL must use the http protocol!
HttpURLConnection conn = (HttpURLConnection)
url.openConnection();

conn.setRequestMethod("POST");
conn.setAllowUserInteraction(false); // you may not ask
the user
conn.setDoOutput(true); // we want to send things
// the Content-type should be default, but we set it
anyway
conn.setRequestProperty("Content-type",
"application/x-www-form-
urlencoded");
// the content-length should not be necessary, but we're
cautious
conn.setRequestProperty("Content-length",
Integer.toString(body.length()));

// get the output stream to POST our form data
OutputStream rawOutStream = conn.getOutputStream();
PrintWriter pw = new PrintWriter(rawOutStream);

pw.print(body); // here we "send" our body!
pw.flush();
pw.close();

// get the input stream for reading the reply
// IMPORTANT! Your body will not get transmitted if you
get the
// InputStream before completely writing out your output
first!
InputStream rawInStream = conn.getInputStream();

// get response
BufferedReader rdr = new BufferedReader(new
InputStreamReader(
rawInStream));
String line;

while ((line = rdr.readLine()) != null) {
sb.append(line);
sb.append(newline);
}
return sb.toString();
} catch (Exception e) {
System.out.println("Exception " + e.toString());
e.printStackTrace();
}
return ""; // an exception occurred
}


}


class MyAuthenticator extends Authenticator
{
/**
* Called when password authorization is needed.
* @return The PasswordAuthentication collected from the
* user, or null if none is provided.
*/
protected PasswordAuthentication getPasswordAuthentication()
{
return new PasswordAuthentication ( "usernameblah",
"passwordblah".toCharArray() );
}
}



.

Relevant Pages

  • Re: DESPERATE: FormsAuthentication Problem
    ... >>> database and create a semicolon delimited string listing the roles ... >>> them in the forms authentication cookie. ... >>> Dim authTicket As FormsAuthenticationTicket = New ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Strange Role-Based authentication problem!
    ... I'd run Trace=true on your page to see if you're getting two ASP.NET forms authentication cookies. ... Since you're setting the cookie manually and then callings FormsAuth.SetAuthCookie, it's also adding in its own cookie. ... dsn.Close; string strRole = ""; ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Cookie question
    ... that grabs a cookie value: ... why is it checking if endStr equals to false? ... boolean value is required a number type-converts to boolean as; ... returns the index of the argument string within the subject string as an ...
    (comp.lang.javascript)
  • Re: Ticket disappears when browser is closed
    ... be careful - if the cookie is save to the users harddrive - anyone who has access to that directory can grab the cookie and bypass authentication. ... Dim New DatabaseUser ... Dim userData As String = DatabaseUser.UserData ... ByVal PersonID As Integer, ByVal roles As String) ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Whats wrong with this code?
    ... Our CMS sets a cookie when you login. ... at the class level rather than instance level, ... Public Shared su_strEmail As String ...
    (microsoft.public.dotnet.framework.aspnet)
Loading