Hello,

I have a big problem. I want to use java to authenticate on secured websites. I took Yahoo Answers Website as an example. I made the post request, but , instead of redirecting me to the page it supposes to , it redirects me to a page saying my browser rejected cookies. I'm setting user-agent as IE 7.0, and in my IE browser, I set to accept all cookies.


Please help, I need your help ASAP!


Thank you very much,


Octavian<br><br>Post edited by: tavy88, at: 2009/12/26 05:36

Hi tavy88,
your post is quite confusing. You said you want to authenticate using java, and then you write you are using internet explorer. If you meant it the way that you have a program in java which creates this POST request, and has a user-agent set to internet explorer, then yes, the server may refuse you because your simple java client isn\\\'t really accepting the cookies.

Why don\'t you try to use libraries like httpunit, h ttp://httpunit.sourceforge.net/ or HTTPClient : h ttp://www.innovation.ch/java/HTTPClient/ which should also support HTTPS.

Cheers, Matto<br><br>Post edited by: matto, at: 2009/12/26 16:28

Hello, Sir


Yes, I use HttpClient classes and yes I set the user-agent to IE. I thought if I set security in the IE browser, it may help.It didn't. I also printed out the headers of my server response, and I see there the cookies ok, but, the &quot;Location:&quot;, if I copy and paste in a browser, it takes me to a page saying : &quot;Your browser rejected your cookies and refuses to sign in&quot;.


Please, can you help me?


Regards,

Octavian

I'm not that much familiar with this set of classes, but it seems that there is a separate module for handling the cookies:

h ttp://www.innovation.ch/java/HTTPClient/advanced_info.html
(section CookieModule)

Cite:

&quot;This module implements cookies as defined by Netscape's cookie spec and the latest HTTP State Management Mechanism spec. During response processing it intercepts and parses the Set-Cookie and Set-Cookie2 header fields (removing them from the response in the process), and during request processing it adds all eligible cookies to the requests.

Because of privacy issues surrounding cookies, whenever the server tries to set a cookie a policy handler is invoked to see whether this cookie should be accepted. The default handler brings up a popup describing the cookie and allowing the user to accept or reject it; the user may also summarily accept or reject cookies from whole domains. You may substitute your own policy handler using the setCookiePolicyHandler() method. If you set the handler to null then all cookies will be silently accepted. If you do not want any cookies to be accepted then either remove the CookieModule from the list of modules or set your own handler which always returns false. The handler must implement the CookiePolicyHandler interface. &quot;

So it means that you probably have to use the setCookiePolicyHandler(null) so all cookies will be accepted. Later you should probably write your own handler.

Yes I know that, and I tried it but with no luck. I also looked at your HttpUnit classes, and from FAQ I see they have big problem with ssl communication, so I guess it won't help me either.

What can I do? Can't Java handle this tiny thing? I hear C# has a class too that does it all. Is Java weaker than C#? Please need an urgent solution in Java.

I don't think it's because Java is weak or something. This is a problem which is quite common and you just need to find out why it doesn't work in your case.

Regarding HttpClient (not HttpUnit), I see there is a support for SSL:
h ttp://hc.apache.org/httpclient-3.x/sslguide.html

so there should be no problem with it at all. Maybe posting your code would help.

You can also try to run the code from the section Troubleshooting on the mentioned page:

Troubleshooting
The application below can be used as an ultimate test that can reliably tell if SSL configured properly, as it relies on a plain socket in order to communicate with the target server. If an exception is thrown when executing this code, SSL is not correctly installed and configured. Please refer to Sun's official resources for support or additional details on JSSE configuration.

Can I send it to your e-mail. I can't post it here due to the rules against links.

Hi thanks for that information that's helpful!!!!

how can i get orders or bids so that i work on them