• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

can not get session id from cookie when use HttpFormBasedAuthCredential

 
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi all :
I am using websphere portal server 5.0.0 and use a portlet to implement single sign on when connect to a back end system which works on microsoft iis 5.0 server. The back end system is using a form based log in page so I use HttpFormBasedAuthCredential to log in,after I got a httpUrlconnection to one of it's securitied page ,I want to get session id from the connection which I get set the session id to my current response.I think in this way I can realize the sso.The following is my code,but it's not work,I can get cookies from the connection but not include sesson id after I log in,to my surprise I can get the session id before I log in ! can anyone give me any suggestion ? thanks in advance.
---------------------------------------------------------------------------
HashMap config = new HashMap();
config.put( HttpFormBasedAuthCredential.KEY_USERID_ATTRIBUTE_NAME,sessionBean.getUserParameter());
config.put( HttpFormBasedAuthCredential.KEY_PASSWORD_ATTRIBUTE_NAME,sessionBean.getPwdParameger());
config.put( HttpFormBasedAuthCredential.KEY_LOGIN_URL, sessionBean.getLoginUrl());
config.put( HttpFormBasedAuthCredential.KEY_LOGOUT_URL,sessionBean.getLogoutUrl());
config.put( HttpFormBasedAuthCredential.KEY_USE_AUTH_COOKIES, Boolean.TRUE);
List formData= new ArrayList();
formData.add("login=Login");
config.put( HttpFormBasedAuthCredential.KEY_FORM_DATA, formData);
try {
credential = (HttpFormBasedAuthCredential)
vaultService.getCredential(slotId, "HttpFormBasedAuth", config, request);
} catch (PortletServiceException serviceExc) {
throw(new PortletException("Credential vault error, please contact your admin!", serviceExc));
} catch (CredentialSecretNotSetException userExc) {
throw(new PortletException("Credential not set. Please set it in the edit mode! ", userExc));
}
try {
//use credential object to log in at the backend server
credential.login();

//get an authenticated connection to the backend server and send the actual request
java.net.HttpURLConnection connection = credential.getAuthenticatedConnection(sessionBean.getTargetUrl());
// get cookies from connection

String headerField = null;
String key = null;
String cstr = null;
int i = 0;
// Find the cookies in the headers and store them
// Have to check the field first b/c the HTTP status will have a null
// key - yuck
while((headerField = connection.getHeaderField(i)) != null) {
if ((key = connection.getHeaderFieldKey(i)) != null &&
key.equalsIgnoreCase("Set-Cookie")) {
// Store cookie as a response parameter.
cstr = headerField;
}
i++;
}

/** end of cookie **/
//String cstr = connection.getHeaderField("Set-Cookie");
System.err.println("!!!Cookie -> " + cstr);

---------------------------------------------------------------------------
I use the string Set-Cookie to get the session id, may be it use others,but if I log all the headfield I can't find anyting include the session id.
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic