my dog learned polymorphism
The moose likes Sockets and Internet Protocols and the fly likes Problem HTTPSURLConnection for Siteminder authentictaion Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of OCA Java SE 8 Programmer I Study Guide this week in the OCAJP 8 forum!
JavaRanch » Java Forums » Java » Sockets and Internet Protocols
Bookmark "Problem HTTPSURLConnection for Siteminder authentictaion" Watch "Problem HTTPSURLConnection for Siteminder authentictaion" New topic

Problem HTTPSURLConnection for Siteminder authentictaion

Amit Narlawar

Joined: Mar 17, 2011
Posts: 1
[color=blue]Hi All,

I need help in debugging my issue with ca Siteminder login.fcc connection with java client.

I am creating HTTPSURLConnection client and POST ing my request with valid USER, PASSWORD and target parameter to https://<myDomain>.com/siteminderagent/forms/login.fcc, actually I am expecting to get redirected to success (target) page or sucessful SMSESSION as a header response.

But instead siteminder is redirecting my request to unsuccessful/ invalid credentials page.

Following is my code snippet, Please see anybody an give me vital inputs to resolve this. Any help would be appreciated a lot.

Same program I wrote using Apache commons HTTPClient library, that worked fine, however we don't want to use Apache commons for this implementation.

Please help me in resolving this issue, as I got stuck in resolving this.[/color]
Barra mundi

Joined: Mar 21, 2011
Posts: 1
Probably better off using Apache's HTTPClient
SiteMinder Agent requires HTTP 1.1 protocol which means the request header must have host: <hostname>
I think the default URLConnection doesn't send that header and cookie handling is nightmare
Gaston Lagaffe

Joined: Jul 14, 2011
Posts: 2
Not sure if this is still useful, nonetheless, here is a solution that does http post identification to siteminder and that works on our Intranet.

There are 2 specificities to our network mentioned in the code:
- The last redirection URL in my case is something like http://bugger.url?GOTO=http://good.url. This is because bugger.url displays a warning message (you have accessed a network controlled by blahblah)
- The last cookie send back (client to server) has a value like c_ein=username. I don't understand the reason behind this. I discovered it by chance trying to login to Siteminder with a web browser and a cookie that did not have this value. the web page showed an error that helped me solve this.

Gaston Lagaffe

Joined: Jul 14, 2011
Posts: 2
sorry the line that reads:

Should read:

I agree. Here's the link:
subject: Problem HTTPSURLConnection for Siteminder authentictaion
It's not a secret anymore!