troubleshooting Question

cannot get set-cookie when connecting with java urlconnection on a ssl page for login

Avatar of benchpresser
benchpresser asked on
JavaWeb ServersInternet Protocols
7 Comments1 Solution1881 ViewsLast Modified:
hi.
i want to login to a ssl page with an java application with username and password.
the page is https://secure...

the remote is asp.net application.

i tried urlconnection and httpurlconnection in my app. it fails logging.

when i login firefox+firebux i get the following:

Cache-Control      private
Content-Length      143
Content-Type      text/html; charset=utf-8
Date      Fri, 10 Feb 2012 01:18:22 GMT
Location      /data/community/index.aspx
Server      Microsoft-IIS/6.0
Set-Cookie      .ASPXAUTH=74D1555D330EFB9F8C59ACA42FA11AA83A04913CB9BC27B6966936CAFFB75EE9122ECC4D7E55DC4FC8DABD947A074250627B0E51245337FAE38D357149DFC5436FCECE7DEE158739BB2F4753B65DBC8A; path=/
X-AspNet-Version      1.1.4322
X-Powered-By      ASP.NET

but when i connect with my java app and get all response headers and cookies, i see all of them above except the set-cookie. why is the set-cookie not seen? because i do not have the set-cookie, i can not continue.

when i manually set the .ASPXAUTH to my request, i see the desired response. but of couse the .ASPXAUTH has a time interval and becomes invalid after some time.

when the .ASPXAUTH is set, then we have another set-cookie which starts: user-roles=...

how can i solve it?

- i also tried some httpsurlconnection, but did not enter into the detailed topic of keystore, certificates, x509, jsse.jar. do i have to use keytool and register the certificate to java environment?

- i tried setInstanceFollowRedirects to false which stated on some forums, should i try to manipulate some other flags?

- should i use cookie managers, handlers and set some request properties using the cookie stuff?

- on some forums it is said that java's url connection is very poor and works barely. it fails when using cookies in order to perform session-login acitivities. using apache http client is suggested. should i try that?
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 1 Answer and 7 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 7 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros