AndroidHttpClient and Cookies

Question

Using the AndroidHttpClient with cookies gives me intermixed 200 ok and 403 forbidden responses. I'm not sure what I am doing wrong.

I'm using the AndroidHttpClient in the following manner:

I have several background thread classes, and each one does the following:

HttpGet get...
HttpClient client = AndroidHttpClient.newInstance("Android");
HttpContext http_context = HttpSupport.getHttpContextInstance(); 
CookieStore cookie_store = HttpSupport.getCookieStoreInstance();
http_context.setAttribute(ClientContext.COOKIE_STORE, cookie_store);
client.execute(

HttpSupport is a class with two static fields; a CookieStore and a HttpContext:

public class HttpSupport {

private static HttpContext _context;
private static CookieStore _cookieStore;

public static synchronized HttpContext getHttpContextInstance() {
    if (_context == null) {
        _context = new BasicHttpContext();
    }
    return _context;
}

public static synchronized CookieStore getCookieStoreInstance() {
    if (_cookieStore == null) {
        _cookieStore = new BasicCookieStore();
    }
    return _cookieStore;
}

}

Is it ok to have multiple instances of the AndroidHttpClient in the application? Am I storing the cookies correctly?

are you using different instances of your client throughout your code? Are you sure your server isn't expiring one of your sessions which is causing the issue? — Matt Wolfe, Jun 12 '12 at 05:35
I was using different instances of the client throughout the code. I changed to using using a singleton DefaultHttpClient. — benkdev, Jun 15 '12 at 22:01

score 5 · Answer 1 · answered Jun 11 '12 at 21:41

5

I would recommend using the Android Asynchronous HTTP Client

It implements its own persistent cookie store (PersistentCookieStore) which is really easy to use. In fact, if you don't want to use the library for its asynchronous abilities you could just use it for the Persistent Cookie Store that it provides.. However the asynchronous abilities of it are highly worth while.

So to use it with your current class you could simply make a change in your HttpSupport class that has

public static synchronized CookieStore getCookieStoreInstance(Context context) {
    if (_cookieStore == null) {
        _cookieStore = new PersistentCookieStore(context);
    }
    return _cookieStore;
}

Note that you will have to add the context to the method as it is required for the PersistentCookieStore to work.

answered Jun 11 '12 at 21:41

Matt Wolfe

8,924
8
60
77

please give a reason for the downvote. I am using the AndroidHttpClient with the cookie store mentioned as well and found the persistent cookie store from this library to work well. The other obvious solution is to not use the android httpclient but instead use DefaultHttpClient as described here http://stackoverflow.com/questions/5410823/how-to-use-defaulthttpclient-in-android – Matt Wolfe Jun 12 '12 at 04:21
Was meant to be an up vote -.- I want to change it but it wont let me. make an edit of some type so I can? Thanks :) – FabianCook Jun 12 '12 at 21:52
It's ok. While not a great answer I just felt like it didn't deserve a downvote. 2 points though doesn't hurt much. I think the OP really should try that library though (both for the cookie store and to use async http calls to simplify his app).. It looks like http auth is fully supported by it. – Matt Wolfe Jun 13 '12 at 07:25
I would not recommend android-async-http. It worked fine for me for some time, but today suddenly started throwing random glitches, like ignoring HTTP errors and going to infinite loop when remote server is unreachable. – zed_0xff Jan 10 '13 at 22:09
I actually don't use it but I do use the cookie store from it.. probably overkill but it works well. – Matt Wolfe Jan 10 '13 at 22:10

score 1 · Accepted Answer · edited May 23 '17 at 11:58

HttpClient automattically stores the cookies I have found, you should really be doing all this in an async task (as to Android 3.0> requirments).

The 200 response is when everything has been sent through right and the file you want is avaliable to you, this isn't a problem.

The 403 error is pretty obvious, does this server require some type of log in to get the file or webpage? This is what you should investigate, a way to work out how to log in is to use something like google chrome, right click on the webpage, go inspect element, then watch the network files going through, log in, watch for a post request. Find out how the website works.

Have a look here for a async task: HTTP POST request ANDROID 4 (working in 2.3)?

I believe you can have multiple instances of HttpClient, but to be using the same cookies you should be using one for everything that is connected

For eg:

You should have one HttpClient to log in, then request a page using get, do what ever you need to do etc.

Sorry I relised you were using AndriodHttpClient not HttpClient, AndroidHttpClient does not store cookies by default so yeah, Any reason why you are using AndroidHttpClient over HttpClient?

I think to use HttpClient you need to import the Apache library. I'm using multiple clients because I have multiple threads making requests. — benkdev, Jun 11 '12 at 21:59
I didn't need to import the Apache library? Couldn't you make a static reference to the client and the reference the client from all of the threads? — FabianCook, Jun 12 '12 at 00:47
I'm doing that now but still getting a mix of 403s and 200s :/ — benkdev, Jun 12 '12 at 16:58

AndroidHttpClient and Cookies

2 Answers2