Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Problem HTTPSURLConnection for Siteminder authentictaion

 
Amit Narlawar
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
[color=blue]Hi All,



I need help in debugging my issue with ca Siteminder login.fcc connection with javax.net.ssl.HTTPSURLConnection java client.



I am creating HTTPSURLConnection client and POST ing my request with valid USER, PASSWORD and target parameter to https://<myDomain>.com/siteminderagent/forms/login.fcc, actually I am expecting to get redirected to success (target) page or sucessful SMSESSION as a header response.



But instead siteminder is redirecting my request to unsuccessful/ invalid credentials page.



Following is my code snippet, Please see anybody an give me vital inputs to resolve this. Any help would be appreciated a lot.



Same program I wrote using Apache commons HTTPClient library, that worked fine, however we don't want to use Apache commons for this implementation.






Please help me in resolving this issue, as I got stuck in resolving this.[/color]
 
Barra mundi
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Probably better off using Apache's HTTPClient
SiteMinder Agent requires HTTP 1.1 protocol which means the request header must have host: <hostname>
I think the default URLConnection doesn't send that header and cookie handling is nightmare
 
Gaston Lagaffe
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Not sure if this is still useful, nonetheless, here is a solution that does http post identification to siteminder and that works on our Intranet.

There are 2 specificities to our network mentioned in the code:
- The last redirection URL in my case is something like http://bugger.url?GOTO=http://good.url. This is because bugger.url displays a warning message (you have accessed a network controlled by blahblah)
- The last cookie send back (client to server) has a value like c_ein=username. I don't understand the reason behind this. I discovered it by chance trying to login to Siteminder with a web browser and a cookie that did not have this value. the web page showed an error that helped me solve this.

 
Gaston Lagaffe
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
sorry the line that reads:



Should read:


 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic