I am designing a third party application that requires a POST request to be sent to a php file on a website and hopefully I should get a response. The site requires me to be logged in in order to make this request normally through the site by pressing a button on it. If I do
Url obj = new URL("http://www.dota2lounge.com/ajax/bumpTrade.php";
HttpUrlConnection con = (HttpUrlConnection) obj.openConnection();
con.setRequestProperty("User-Agent", "Chrome/36.0.1916.144");
And then continue to carry out the POST request, will the site recognize that I am sending this from my Chrome browser in which I am already logged in? Thanks
will the site recognize that I am sending this from my Chrome browser in which I am already logged in?
No, it will not. Imagine how easy it would be to spoof the authentication system of a web application if it worked that way.
Logins typically work by sending Cookies or other headers. You need to send those to authenticate your request. For this to work as if you were logged in with your Chrome application, you'll need to find the corresponding cookies that Chrome stored and send those.
You can find from the link i shared how you can make the authentication.
https://stackoverflow.com/a/3283496/1257445
After you have made an authentication you can make a post request using the session
Related
I am using HttpURLConnection from android application for connecting rest services via POST method.
it is reaching to my server and after login server is setting some cookie to the response.
but when i am sending further requests then cookie is not going along with those requests.
please tell me the way to do it.
Thanks in advance
You should get the cookies from the login request and then send them as a request parameter in all the subsequent requests. You can set it like this:
conn.setRequestProperty("Cookie", YOUR_COOKIES_FROM_LOGIN_REQUEST);
You can find a demo here.
https://www.cbz.com Link when pasted in IE or chrome Doesn't ask for authentication but when I write java code hitting the same URL I get Error 401.
I am in client's network and i don't know his credentials but I still want to hit the URL and generate the token.
Note :I do not provide Username Password of the client in httpurlconnection and want the functionality like the browsers(i.e without asking for uid/pwd).
Anything shared by anyone will be much appreciated!!!
You need to pass the crediantials, either use single signon using providers like SiteMinder or an LDAP authentication.
I am working on small Java project to programmatically connect to a website with username/password, after login, browse to different links on the site to download some data. First, I need to connect to the website with username/password,
second, while I keep the session open, go to other links to download data.
How do I do this in Java?
Any help will be highly appreciated!
Check out the Apache HTTPClient, it can do all this for you.
Edit: Apache HTTPClient has authentication and cookie handling features included, which will save you a lot of work doing this yourself.
If you want to extract some data HtmlUnit can help you a lot it can manage the authentication and also help you with data extraction.
Investigate with your browser how the web page submits the username/pass data? HTTP Form POST, Ajax, etc..? Use a plugin like Firebug to see network traffic.
You can use URLConnection to create HTTP requests. You will neet to simulate a username/pass login and remember the cookie for use in consequent HTTP requests to simulate a session. Here are some examples: send HTTP POST request, get a cookie, send a cookie.
I want to create a small java application to copy some wiki content from one server to another. The API is based on the XML-RPC.
Basically I have three methods, login, getPage and putPage. I use Apache HttpClient 3.x and managed to use login to login successfully and getPage to get a page from the old wiki correctly.
Authentication is handled with cookies: I log into the new wiki and some cookies are set on the corresponding httpclient. The doku tells me that one of those cookies is used for authentification.
Then I execute putPage with another POST method on the same httpclient and the server responds with a authentication failure message.
The code sequence goes like this (very reduced):
HttpClient client = new HttpClient();
PostMethod postLogin = createNewPostMethod("login", "user", "pw");
client.executeMethod(postLogin);
// Now I'm logged in and the client definitly has stored the cookies
PostMethod postPutPage = createNewPostMethod("putPage", getPage());
client.executeMethod(postPutPage); // the server won't let me put the page
Should it work like that or do I have to add the cookies manually to the second post method and, if yes, how?
Edit / Solution
With the help of the answers to this question I was able to identify and solve the problem, which was outside of the usage of httpclient. At the end it was a configuration issue on the target wiki side. The answers here helped me to ask the right questions in another forum.
Cookies are handled by HTTPClient by default. You shouldn't have to do anything to have cookies work properly.
Source:
http://www.innovation.ch/java/HTTPClient/getting_started.html#cookies
Edit for Apache HTTP Client:
Apache HTTP Client behaves the same :-)
Here is the source:
http://hc.apache.org/httpclient-3.x/cookies.html
You can set manually cookies with HTTP Client but it will handle correctly cookies created during your connection.
HttpClient supports automatic management of cookies, including allowing the server to set cookies and automatically return them to the server when required. It is also possible to manually set cookies to be sent to the server.
Resources :
Apache HttpClient - cookies
I have historically used this when I wanted to accept cookies with HttpClient
postPutPage.getParams().setCookiePolicy(CookiePolicy.BROWSER_COMPATIBILITY);
I am trying to login and retrieve status information from a HTTPS URL via Java programming. I login through /login.cgi, providing the username and password with a POST request to that script.
The script then verifies the credentials and creates a specific cookie (with session information, user name, etc.) and then immediately calls a Location response header to /home.cgi. Which, I'm guessing, the /home.cgi script verifies the cookie information before continuing to load. Otherwise, it just reverts back to the /login.cgi page.
All of this works fine within a browser because of the way browser's handle cookies/sessions correctly. However, within Java, this is very tricky because I can not get the appropriate cookie to send as a request to subsequent pages. I can not get the correct cookie because I am unable to get the HTTP response back (which holds the correct "Set-cookie" value) in between /login.cgi creating the specific cookie and it calling Location /home.cgi.
Is there something I'm missing or is there a better way that Java can handle cookies similar to a browser? (is there a cookie store, etc?)
Thanks for the help,
Steve
Cookie management is by default not enabled in the java.net HTTP API. If you don't need any specific handling or cross-application cookie persistence (the cookies will be deleted when your application terminates), you can simple enable it with
CookieHandler.setDefault(new CookieManager());
How are you making the HTTP connections and managing cookies?
I would recommend just using commons-httpclient rather than managing this yourself. It will automatically manage cookies for you.