Logging onto website with android
Basically I used a firefox extension to get post and get data from a login to my school website. I want to be able to login but when I try it says "session expired please re-login!". Here is the code I have so far can anyone tell me what I'm doing wrong? I think it has something to do with redirects because the first post should redirect to the right place but I cant get it to work and trying to get the location header throws a null pointer.
try {
super.onCreate(icicle);
CookieManager cookieManager = new CookieManager();
CookieHandler.setDefault(cookieManager);
BasicClientCookie netscapeCookie = new BasicClientCookie("UserLoginInfo", "SelectedTab=StudentLogin&RedirectURL=");
netscapeCookie.setVersion(0);
netscapeCookie.setDomain("sisk12.hannibal.k12.mo.us");
netscapeCookie.setPath("/");
cookieStore.addCookie(netscapeCookie);
localContext.setAttribute(ClientContext.COOKIE_STORE, cookieStore);
HttpPost httpost = new HttpPost("https://sisk12.hannibal.k12.mo.us/hb/Default.aspx?__EVENTTARGET=&__EVENTARGUMENT=&txtUserName=xxxx&txtPassword=xxxxxx&btnLogin=Login&txtSelectedTab=StudentLogin");
HttpResponse response = httpclient.execute(httpost, localContext);
HttpEntity entity = response.getEntity();
// readResponse(response.getEntity().getContent());
//Log.w("****","Login form get: " + response.getFirstHeader("Location").getValue());
// readResponse(response.getEntity().getContent());
if (entity != null) {
entity.consumeContent();
}
Header[] headers = response.getHeaders("Location");
if (headers != null && headers.length != 0) {
String newUrl = headers[headers.length - 1].getValue();
// call again with new URL
HttpGet httpget = new HttpGet(newUrl);
entity = response.getEntity();
Log.w("****", "Login form get: " + response.getStatusLine());
response开发者_C百科 = httpclient.execute(httpget, localContext);
readResponse(response.getEntity().getContent());
} else {
Log.w("****", "No location header");
}
if (cookieStore.getCookies().isEmpty()) {
Log.w("****", "None");
} else {
for (int i = 0; i < cookieStore.getCookies().size(); i++) {
Log.w("****", "- " + cookieStore.getCookies().get(i).toString());
}
}
// When HttpClient instance is no longer needed,
// shut down the connection manager to ensure
// immediate deallocation of all system resources
httpclient.getConnectionManager().shutdown();
} catch (IOException ex) {
Log.e("****", Log.getStackTraceString(ex));
}
public String readResponse(InputStream input) throws IOException {
BufferedReader in = new BufferedReader(new InputStreamReader(input));
StringBuilder sb = new StringBuilder("");
String line = "";
String NL = System.getProperty("line.separator");
while ((line = in.readLine()) != null) {
sb.append(line).append(NL);
}
in.close();
String page = sb.toString();
Log.i("****", page);
return page;
}
update
I changed my code and got this response- The following error has occurred
Error Message:Failed http request begin! Technical Message:Thread was being aborted. Calling Stack:_pvt_ApplicationBeginRequestParameter List:
my code is now
static String regex ="name=\"__VIEWSTATE\" value=\"";
String getURL = "https://sisk12.hannibal.k12.mo.us/hb/Default.aspx";
String postURL = getURL;
DefaultHttpClient client = new DefaultHttpClient();
HttpContext localContext = new BasicHttpContext();
HttpGet getMethod = new HttpGet(getURL);
HttpResponse response = client.execute(getMethod, localContext);
String getString=readResponse(response.getEntity().getContent());
int start = getString.indexOf(regex)+regex.length();
String viewState = getString.substring(start, getString.indexOf('"', start+1));
Log.i("****", viewState);
HttpPost postMethod = new HttpPost(postURL);
postMethod.addHeader("__EVENTARGUMENT", "");
postMethod.addHeader("__EVENTTARGET", "");
postMethod.addHeader("__VIEWSTATE", viewState); //to be parsed from login page
postMethod.addHeader("btnLogin", "Login");
postMethod.addHeader("txtPassword", "xxxxxx");
postMethod.addHeader("txtSelectedTab", "StudentLogin");
postMethod.addHeader("txtUserName", "xxxx");
HttpResponse postResponse = client.execute(postMethod, localContext);
String postString = readResponse(postResponse.getEntity().getContent());
Log.w("****", postString);
HttpGet getGrades = new HttpGet("https://sisk12.hannibal.k12.mo.us/hb/Portal/Parent/ParentLogin.aspx");
HttpResponse response2 = client.execute(getGrades, localContext);
String getGradesString=readResponse(response2.getEntity().getContent());
Log.i("****", getGradesString);
there is a redirect in the code which should be called by the post, but I don't if apache takes care of this automatically or not and how to handle this if not?
It might have something to do with the ASP.NET session cookie.
When you load the sign-in page in a browser (https://sisk12.hannibal.k12.mo.us/hb/Default.aspx) it sets a session cookie, ASP.NET_SessionId. That cookie is then submitted when the sign-in button is clicked in the browser.
But your code isn't submitting such a cookie. Maybe it would work if you did something like this:
- load Default.aspx
- pull ASP.NET_SessionId cookie out of that request
- then run your original code, but add the session cookie too
Here are my suggestions,
- I don't see any issue with SSL unless there is some JSSE configuration issue (which is least likely with latest java versions). HttpClient can handle it without any explicit configuration. And you are in-fact hitting the site. So SSL is not an issue.
- From the error it seems it is looking for some standard session cookie in session, even before login.
- In browser it works, because first, you access the login page using GET which sends the session cookie, and then use the same page to submit the POST request. The cookies are managed by browser.
- Do the same in your code
- First access the home/login page using a GET request, then use the same instance for POST request. The cookies are maintained in httClient instance.
Don't do any explicit cookie handling (as you are doing it using
CookieManager). HttpClient is capable of managing cookie transparently without explicit handling. (assume that your httpclient instance is like a browser instance and you are using it for GET and POST)I just check the login page, there is parameter called
__VIEWSTATE, which is also posted along with credentials. This seems vital to make sure the login POST is not any source other than browser. If this is mandatory, then this makes your job tricky as you need to parse the login page html (which you can do using Jericho) get that param and send the same in post request.
Following is the reference code you can use
String getURL = "https://sisk12.hannibal.k12.mo.us/hb/";
String postURL = getURL;
HttpClient client = new HttpClient();
GetMethod getMethod = new GetMethod(getURL);
int statusCode = client.executeMethod(getMethod);
//String getResponse = getMethod.getResponseBodyAsString();
//System.out.println(getResponse);
PostMethod postMethod = new PostMethod(postURL);
postMethod.addParameter("__EVENTARGUMENT", "");
postMethod.addParameter("__EVENTTARGET", "");
postMethod.addParameter("__VIEWSTATE", "");//to be parsed from login page
postMethod.addParameter("btnLogin", "Login");
postMethod.addParameter("txtPassword", "xxxx");
postMethod.addParameter("txtSelectedTab", "StudentLogin");
postMethod.addParameter("txtUserName", "xxxx");
client.executeMethod(postMethod);
String postResponse = postMethod.getResponseBodyAsString();
System.out.println(postResponse);
You may have write some additional code if you encounter redirection.
I'm not sure but your problem can caused by SSL connection. Try set up ssl connectivity in your HttpClient.
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, "UTF-8");
SchemeRegistry sr = new SchemeRegistry();
sr.register(new Scheme(RequestScheme.HTTP.name(), PlainSocketFactory.getSocketFactory(), RequestScheme.HTTP.port));
sr.register(new Scheme(RequestScheme.HTTPS.name(), SSLSocketFactory.getSocketFactory(), RequestScheme.HTTPS.port));
ClientConnectionManager manager = new ThreadSafeClientConnManager(params, sr);
Client client = new Client(manager, params)
加载中,请稍侯......
精彩评论