I need to find a way to go into tomcat programmatically and bypassing the
form based authentication.
I turned on form based authenticated by adding security-constraint in
web.xml. As a result of that, I need to type in admin, admin as user name
and password to assess a page called hello.jsp. The way the form based works
is that it uses j_security_check by passing user name and password using
NameValuePair. I can log in ok manually.
Here's the error when I used httpclient.jar:
The time allowed for the login process has been exceeded. If you wish to
continue you must either click back twice and re-click the link you
requested or close and re-open your browser</u></p><p><b>description</b>
<u>The client did not produce a request within the time that the server was
prepared to
wait (The time allowed for the login process has been exceeded. If you wish
to continue you must either click back twice and re-click the link you
requested or
close and re-open your browser).
I've turned on debugging. Somehow the the AuthenticatorBase or
FormAuthenticator authenticates different from the httpclient.jar than my
browser.
Thanks for Any Help,
Derek
Below is the code using httpclient.jar:
import org.apache.commons.httpclient.*;
import org.apache.commons.httpclient.auth.*;
import org.apache.commons.httpclient.methods.*;
import org.apache.commons.httpclient.cookie.CookiePolicy;
import org.apache.commons.httpclient.cookie.CookieSpec;
import org.apache.commons.httpclient.params.HttpMethodParams;
import java.io.*;
public class DoForm {
static{
System.setProperty("org.apache.commons.logging.Log",
"org.apache.commons.logging.impl.SimpleLog");
System.setProperty("org.apache.commons.logging.simplelog.showdatetime",
"true");
System.setProperty("org.apache.commons.logging.simplelog.log.httpclient.wire
", "debug");
System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.comm
ons.httpclient", "debug");
}
//private static String url = "http://128.18.245.102:14035";;
// private static String
url1="http://128.18.245.102:14035/kw-saf-admin";;
static final String LOGON_SITE = "localhost";
static final int LOGON_PORT = 8080;
static final String LOGON_EXT="self-login";
private static String
url1="http://"+LOGON_SITE+":"+LOGON_PORT+"/"+LOGON_EXT;
public static void main(String[] args) {
// Create an instance of HttpClient.
HttpClient client = new HttpClient();
// Create a method instance.
PostMethod method = new PostMethod(url1+"/j_security_check");
//GetMethod method = new GetMethod(url1+"/j_security_check");
NameValuePair [] data = { new NameValuePair("j_username", "admin"),
new NameValuePair("j_password", "admin"),
new NameValuePair("action", "j_security_check"),
new NameValuePair("url", "login.jsp")
};
method.setRequestBody(data);
try {
// Execute the method.
int statusCode = client.executeMethod(method);
if (statusCode != HttpStatus.SC_OK) {
System.err.println("Method failed: " + method.getStatusLine());
} // Read the response body.
System.out.println("Login form post: " + method.getStatusLine().toString());
// release any connection resources used by the method
byte[] responseBody = method.getResponseBody();
method.releaseConnection();
// See if we got any cookies
// The only way of telling whether logon succeeded is
// by finding a session cookie
CookieSpec cookiespec = CookiePolicy.getDefaultSpec();
Cookie[] logoncookies = cookiespec.match(
LOGON_SITE, LOGON_PORT, LOGON_EXT, false,
client.getState().getCookies());
System.out.println("Logon cookies:");
if (logoncookies.length == 0) {
System.out.println("None");
} else {
for (int i = 0; i < logoncookies.length; i++) {
System.out.println("- " +
logoncookies[i].toString());
}
}
// Deal with the response.
// Use caution: ensure correct character encoding and is not binary data
System.out.println(new String(responseBody));
} catch (HttpException e) {
System.err.println("Fatal protocol violation: " + e.getMessage());
e.printStackTrace();
} catch (IOException e) {
System.err.println("Fatal transport error: " + e.getMessage());
e.printStackTrace();
} finally { // Release the connection. method.releaseConnection();
}
}
}
