Sending custom http headers through HttpClient

[sharon3874]

I want to use Apache's HttpClient to send http request header. Can anyone take a look into my code and see if it is correct? (I am using msn's web site for testing purpose)

String url = "http://www.msn.com";
HttpClient client = new HttpClient();
GetMethod get = new GetMethod(url);

String etranAuthStr2 = "PFhNTD48VUlEPlNYWUFOR0VUPC9VSUQ+PEVUUkFOQVVUSD48WFNQUk9MRT5BbGw8L1hTUFJPTEU+PFhTUFNlY3VyaXR5SUQ+MzMzPC9YU1BTZWN1cml0eUlEPjxYU1BTZWN1cml0eUlEPjk5NzwvWFNQU2VjdXJpdHlJRD48WFNQU2VjdXJpdHlJRD5HQjwvWFNQU2VjdXJpdHlJRD48WFNQU2VjdXJpdHlJRD5YMDM8L1hTUFNlY3VyaXR5SUQ+PFhTUFNlY3VyaXR5SUQ+WDAxPC9YU1BTZWN1cml0eUlEPjxYU1BSZWNpcGllbnQ+NDlBQ0NULVNZQU5HRVRSQU48L1hTUFJlY2lwaWVudD48L0VUUkFOQVVUSD48L1hNTD4=";

get.setRequestHeader("CT_REMOTE_USER", "SXYANGET");
get.setRequestHeader("ETRANAUTH", etranAuthStr2);

client.executeMethod(get);

response.getWriter().print(get.getResponseBodyAsString().toString());

I use a debugging tool called "Fiddler" to see the request headers being sent, and looks like the headers are not sending over. did I miss anything? anyone has any idea?

[rozner]

The way you have it should work fine... Can you maybe run a servlet locally and print all the headers to verify?

[hooknc]

You can also use a product called HttpTea. It acts as a local proxy and will print out all the information in the request and the response. Quite the nice product.

[sharon3874]

Thank you for your replies.

Sorry I thought it didn't work, but actually I was wrong, the headers were sent.

I have another problem. the url I am sending my request to is the login page of another application (written in asp.net). I used "www.msn.com" in my example just for testing purpose. When I sent the request to the login page, it redirected to the home page, but the images and styles were lost.

Anyone has thoughts? Thank you in advance for your help.

[rushiku]

Images and styles? Login redirects to home page? msn.com?

I'm lost.

You're creating a request, it has no images or styles, so...which images and styles are missing?

What login? msn.com login? This seems pretty specific, why are you using msn as a test?

[sharon3874]

I used msn as a test for no specific reason. it was just used to test if the header information is passed to the server. it can be any site. the problem is solved and I have already confirmed that the header was sent successfully. so just forget about msn.

I need to automatic log in by passing my header information. now it bypass the log in page successfully and goes to the home page. The content of the home page is showing, my only problem is that the look and feel (images and styles) on that page is lost (such as button images, etc.).

[sharon3874]

What I am doing is to have a link in my java in house application leads to a vendor application, which is written in asp.net.

As long as the user logs in to my java application and click on the link, the user does not need to login again.

So I need to send the user information through the http header to the vendor login page (vendor specific requirement).

I am able to log in now but the look and feel of the page (redirected from the login page) is not right (no images and styles).

Is it correct to use the following to display the content of the response? am I missing anything?

response.getWriter().print(get.getResponseBodyAsString().toString());

[rushiku]

Okay...your app is acting as a sort of a proxy to the vendor app, but, most likely, the vendor app uses relative paths for the images and styles, hence, when displayed by your localhost, the paths are invalid == no images or styles.

So, there's your problem...solution...can you open another window and let the user go to the vendor site rather than trying to play man-in-the-middle?

[sharon3874]

Thank you for your reply.

I think you are right, but if what you mean is to let user logs in by himself, then it is not an option.

I must provide single sign on functionality for the user. is there any other options?

[rushiku]

Drop the HttpClient stuff, set the same headers in the request that comes with the doPost method and redirect the user to the vendor app.

[sharon3874]

Thanks.

I believe the custom headers are not sent if I set the custom headers in the middle of a request. I tried it before.

[rushiku]

I just looked at setting headers, you would actually do it on the response, which would then be redirected.

Did you try it and check with Fiddler, which you now know doesn't work?

[sharon3874]

I had something like the following in my servlet:

response.setStatus(301);
response.setHeader("CT_REMOTE_USER", "SXYANGET");
response.setHeader("ETRANAUTH", "etranAuthStr2");
response.setHeader( "Location", "http://DNXBETRAN01-V/NBIUATeTRAN/UserLogin.aspx" );
response.setHeader( "Connection", "close" );

the custom headers were not passed over in the http header.

[rushiku]

setHeader is for setting existing headers, you'll need to use addHeader to get what you want.

[sharon3874]

I changed it and it still didn't work.

Thanks any way.