i want to login to a ssl page with an java application with username and password.
the page is https://secure
the remote is asp.net application.
i tried urlconnection and httpurlconnection in my app. it fails logging.
when i login firefox+firebux i get the following:
Content-Type text/html; charset=utf-8
Date Fri, 10 Feb 2012 01:18:22 GMT
Set-Cookie .ASPXAUTH=74D1555D330EFB9F8C59ACA42FA11AA83A04913CB9BC27B6966936CAFFB75EE9122ECC4D7E55DC4FC8DABD947A074250627B0E51245337FAE38D357149DFC5436FCECE7DEE158739BB2F4753B65DBC8A; path=/
but when i connect with my java app and get all response headers and cookies, i see all of them above except the set-cookie. why is the set-cookie not seen? because i do not have the set-cookie, i can not continue.
when i manually set the .ASPXAUTH to my request, i see the desired response. but of couse the .ASPXAUTH has a time interval and becomes invalid after some time.
when the .ASPXAUTH is set, then we have another set-cookie which starts: user-roles=...
how can i solve it?
- i also tried some httpsurlconnection, but did not enter into the detailed topic of keystore, certificates, x509, jsse.jar. do i have to use keytool and register the certificate to java environment?
- i tried setInstanceFollowRedirects
to false which stated on some forums, should i try to manipulate some other flags?
- should i use cookie managers, handlers and set some request properties using the cookie stuff?
- on some forums it is said that java's url connection is very poor and works barely. it fails when using cookies in order to perform session-login acitivities. using apache http client is suggested. should i try that?