E
eranhor
Hi all,
I have encountered a very frustrating problem which I cannot solve.
I am developing some kind of Java based https client that is supposed
to support only very specific sites. All of the sites work just fine
except one.
What I am trying to do is to login to that specific site but I
constantly get a login error. Using a browser (IE,Netscape and Firefox)
I can login perfectly.
Using an http sniffer I check out the headers of the requests and
responses and something very wierd is going on there.
Browser scenario:
1. The browser sends the login request with all parameters in place
2. Receive response (code 302) with a set-cookie parameter that has a
JSESSIONID
3. Another request is sent (based on the 302 response) but without the
JSESSIONID
4. Receive response (again, 302) with a ASPSESSIONID cookie
5. Send request with the ASPSESSIONID and login completed.
So far, all's well.
Now, when I try to login using my Java client this happenes:
1-3. As above
4. The response I get has a JSESSIONID.
5. Login error
I can't understand why using a regular browser I receive the
ASPSESSIONID cookie but when using a Java client I do not. I have also
tried a couple of Java based browsers (JBrowser and ClueEvl), and got
the same results as my Java client.
Is there a known problem between Java and ASP based sites using ASP
session handeling?
Another thing I noticed is, that via a browser I get in the header:
Server: Microsoft-IIS/6.0
Server: unknown web server type
but when using my client I only get:
Server: unknown web server type
How come I do not get the IIS server indication?
Anyway, I am baffled with this problem (this is my 10th hour straight
trying to solve it) and very much hope someone out there has some
useful input.
Thanks all in advance,
Eran
BTW, for security reasons I cannot post the specific site
I have encountered a very frustrating problem which I cannot solve.
I am developing some kind of Java based https client that is supposed
to support only very specific sites. All of the sites work just fine
except one.
What I am trying to do is to login to that specific site but I
constantly get a login error. Using a browser (IE,Netscape and Firefox)
I can login perfectly.
Using an http sniffer I check out the headers of the requests and
responses and something very wierd is going on there.
Browser scenario:
1. The browser sends the login request with all parameters in place
2. Receive response (code 302) with a set-cookie parameter that has a
JSESSIONID
3. Another request is sent (based on the 302 response) but without the
JSESSIONID
4. Receive response (again, 302) with a ASPSESSIONID cookie
5. Send request with the ASPSESSIONID and login completed.
So far, all's well.
Now, when I try to login using my Java client this happenes:
1-3. As above
4. The response I get has a JSESSIONID.
5. Login error
I can't understand why using a regular browser I receive the
ASPSESSIONID cookie but when using a Java client I do not. I have also
tried a couple of Java based browsers (JBrowser and ClueEvl), and got
the same results as my Java client.
Is there a known problem between Java and ASP based sites using ASP
session handeling?
Another thing I noticed is, that via a browser I get in the header:
Server: Microsoft-IIS/6.0
Server: unknown web server type
but when using my client I only get:
Server: unknown web server type
How come I do not get the IIS server indication?
Anyway, I am baffled with this problem (this is my 10th hour straight
trying to solve it) and very much hope someone out there has some
useful input.
Thanks all in advance,
Eran
BTW, for security reasons I cannot post the specific site