0

I'm using HttpComponents 4.5.5 and I'm trying to send the cookie which I got from a previous get-request to another side of the same domain via post-request. I need to send the received cookie because of the session_id.

private static final String url = "http://test.asdf.com:2222";

public static void main(String[] args) throws ClientProtocolException, IOException, JSONException {
    startGuide();
}

public static void startGuide()
        throws ClientProtocolException, IOException, UnsupportedCharsetException, ParseException, JSONException {
    // HttpClient
    CloseableHttpResponse closeableHttpResponse;
    CookieStore cookieStore = new BasicCookieStore();
    RequestConfig globalConfig = RequestConfig.custom().setCookieSpec(CookieSpecs.STANDARD).build();

    CloseableHttpClient httpClient = HttpClients.custom().setDefaultCookieStore(cookieStore)
            .setDefaultRequestConfig(globalConfig).build();

    HttpClientContext context = HttpClientContext.create();
    context.setCookieStore(cookieStore);

    // ***************************************************************************************************
    // HttpGet
    HttpGet httpGet = new HttpGet(url + "/" + "site1");
    httpGet.addHeader("accept", "application/json");

    // Response
    closeableHttpResponse = httpClient.execute(httpGet, context);
    String response = EntityUtils.toString(closeableHttpResponse.getEntity());

    // Test
    System.out.println("RES: " + "site1" + " --> " + response);
    System.out.println("RES: " + "cookie" + " --> " + cookieStore);
    // ***************************************************************************************************
    // HttpPost
    HttpPost httpPost = new HttpPost(url + "/" + "site2");

    // Response
    closeableHttpResponse = httpClient.execute(httpPost, context);
    response = EntityUtils.toString(closeableHttpResponse.getEntity());

    // Test
    System.out.println("RES: " + "site2" + " --> " + response);
    System.out.println("RES: " + "cookie" + " --> " + cookieStore);
}

The Console shows the problem:

RES: site1 --> Well done!

RES: cookie --> [[version: 0][name: session_id][value: 3338009c638f990d5ef1ce4daea27fa48cba5287][domain: test.asdf.com][path: /][expiry: Thu Apr 12 20:52:30 CEST 2018]]

RES: site2 --> Where's your cookie!???

RES: cookie --> [[version: 0][name: session_id][value: 5ac5dfcfe6fcfc3468bfbbc5bdbd099a83cc3e3c][domain: test.asdf.com][path: /][expiry: Thu Apr 12 20:52:30 CEST 2018]]

The cookie from the get-request gets stored in the CookieStore but when it comes to the post-request it isn't sent to the server. So the server sends a new cookie which replaces the existing one in CookieStore.

I don't know what I'm missing. I already checked the documentation of handling cookies with HttpComponents 4.5

Solenya
  • 694
  • 6
  • 21
  • Please post a complete wire log of the session http://hc.apache.org/httpcomponents-client-4.5.x/logging.html – ok2c Apr 13 '18 at 11:40
  • @oleg I would like to when you could provide a sample of a working logging configuration. Apaches instructions sucks. – Solenya Apr 13 '18 at 15:09
  • As much as Apache instructions may suck, they _do_ contain samples of working logging configurations – ok2c Apr 13 '18 at 15:11

1 Answers1

0

The problem was the cookie itself. httponly & secure flag were set. so it won't work over http.

See also Session Cookie secure/httponly

Solenya
  • 694
  • 6
  • 21