Set the SMSESSION cookie to get the response back

java jsp session-cookies siteminder

16,579

Solution 1

The SMSESSION cookie changes periodically so you won't be able to set it statically as you have in the code above. Since you're using Java you may want to look at the Java SDK for SiteMinder

Solution 2

SMSESSION is a system cookie used by Siteminder. You shouldn't/mustn't mess with it.

If your application is Siteminder-enabled, Siteminder will take care of the authentication process of the users.
Once the user is authenticated by Siteminder, the Siteminder agent on your application will add specific HTTP headers (notably SM_USER) that will contain information about the user.
You just have to fetch those informations from the request.

16,579

Author by

arsenal

profile for ferhan on Stack Exchange, a network of free, community-driven Q&A sites http://stackexchange.com/users/flair/335839.png

Updated on June 13, 2022

Comments

arsenal about 2 years

I am trying to get the response back from the server. So for that what I did is, I passed my username and password in the code for authentication because that server needs authentication and then I got the response back from the server... So is there any way that I can set the SMSESSION cookie of that user instead of passing username and password in the code.. Supposing user has already login into that browser with his/her username and password. This is my below code.. As I commented out that portion of passing username and password.. and that one is working fine.. But instead of passing username and password, I want to set the SMSESSION cookie of that user that has already login into that browser.. So I added the code of setting cookie but it is not working, I am getting

Access Denied Error




<%@ page language="java" import="
org.apache.http.HttpEntity,
org.apache.http.HttpResponse,
org.apache.http.auth.AuthScope,
org.apache.http.auth.UsernamePasswordCredentials,
org.apache.http.client.methods.HttpPost,
org.apache.http.client.methods.HttpGet,
org.apache.http.impl.client.DefaultHttpClient,
org.apache.http.util.EntityUtils,
java.io.InputStream,
java.io.InputStreamReader,
java.io.BufferedReader,
java.security.KeyStore,
java.io.FileInputStream,
java.io.File,
org.apache.http.conn.ssl.SSLSocketFactory,
org.apache.http.conn.scheme.Scheme,
javax.net.ssl.HostnameVerifier,
org.apache.http.impl.conn.SingleClientConnManager,
javax.net.ssl.HttpsURLConnection,
org.apache.http.conn.scheme.SchemeRegistry,
javax.net.ssl.SSLContext,
java.security.cert.X509Certificate,
javax.net.ssl.X509TrustManager,
javax.net.ssl.TrustManager,
org.apache.http.conn.ClientConnectionManager,
java.security.cert.CertificateException,
org.apache.http.conn.scheme.Scheme"
contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>

<%
String a_Url = request.getParameter( "url" ) ;

DefaultHttpClient httpclient = new DefaultHttpClient();


/*
    httpclient.getCredentialsProvider().setCredentials(
            new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, null),
            new UsernamePasswordCredentials("test", "pass"));
*/



    Cookie[] cookies = request.getCookies();
    boolean foundCookie = false;
   // System.out.println(" hello  " +cookies);
    for(int i = 0; i < cookies.length; i++) { 
        Cookie c = cookies[i];
        //System.out.println("  " +c);
        if (c.getName().equals("SMSESSION")) {
            System.out.println("sm = " + c.getValue());
            foundCookie = true;
        }
    }

    if (foundCookie) {
        //System.out.println(foundCookie);
        Cookie c = new Cookie("SMSESSION", "3jHUz3BcnWfVfgWH806Sro9Qs9obgTS6gp+b71d86HcPpupyZ8kcSI48KBpxcLT0DlTxnaKjP4Mgdn8iQFRkyJ1Uyji83qupvMy8zaD0b83h+5edOqF4GrDiXUDqzRBhwJ9wHMmswbf4As6gcu6aJDOoppI1pCoeA+yoLHpxMYi+B3VM1IZhOKiVkKb2+IrQwhvLCxMKy3oF/ew2gctmJ6AVfe/cA053niXPERjWW111cJhJMViFd/fP7YuxLuLZNzqBEBAdSBoK8YorzGwUTX0DDUTI7QJF9OGdeGETpmddHzE4u3hdqMZxrIdAYQc6zDLOf5I5MoMie7WnQVIu5gH8xa3b37BDk3rVuf4orOcaahv/UlrHPRRjIUtaWal1sAZXBHpYgQKH4wd3nNtPthW0hBAlxXQnGgHqZvJvQH4jLWlTV9uwC2q1hbMHrmo9zXCNO7uIxK6o0PyTYW6UhdVmcYtoHn/+mAX3dW3PRYAUM7ItAdIfsPV6LAs+bLiVexDf2P9E2ub4zF+ZSN+3AUSssMLiGKCOnWQ/IQyB8WOngkMa9Qc58pZv8g8E5Lxm5g/udiGbhqK24kYauJ8cUI4JtTW+JJKqwoqTbnwwdbTqdSenyNnrEnbH13CDowNxbSgJZeSUw2Z51ELARrXp+N5kGokLr+YXxwsgmvoXQxxo/5y9Lgn1RKtc4QAJiWjQNzDOFX2HoiFw+oWUXgrET8qTHHVOj+v9auqyxS0cPgcXj8wQmjJrUH+tYGlQmCdF2CCt5Ywf12Jaev+wfNcVb447fAmTR7LJTgtb/D5U15YqAMYZg36tVrPkx1MhP37XbEYLsCcpfdDO4FUVKb5t7zl0rTAhUvbCF3/Wn6V/0LjJ58UGl4GEhIF2y4K+vFJSkL7qJ+2ufVi9hfXu5362QKCtqqXt0LihgjmH9z0Mgg1Brfgl0jVPuO44os0KBKzfCuhFMzEK9oorNVpgWrVWED+yiBNO0B2JA4lurdsFFAwOcx3ZFyhJ1TC2jUYJpIBW ");
        c.setMaxAge(24*60*60);
        response.addCookie(c); 
    }     


    HttpGet httpget = new HttpGet(a_Url);



    System.out.println("executing request" + httpget.getRequestLine());
    HttpResponse res = httpclient.execute(httpget);

    HttpEntity entity = res.getEntity();

    System.out.println("----------------------------------------");
    System.out.println(res.getStatusLine());
    if (entity != null) {

        System.out.println("Response content length: " + entity.getContentLength());
        InputStream input = entity.getContent();
        BufferedReader reader = new BufferedReader(new InputStreamReader(input));
        String ln = "";
        while((ln = reader.readLine()) != null) {
            out.println("" + ln);
        }
        entity.consumeContent();
    }
    EntityUtils.consume(entity);

%>

And in the response header I am getting this:-

Response Headers
Content-Type    text/html; charset=iso-8859-1
Expires Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie  SMSESSION="3jHUz3BcnWfVfgWH806Sro9Qs9obgTS6gp+b71d86HcPpupyZ8kcSI48KBpxcLT0DlTxnaKjP4Mgdn8iQFRkyJ1Uyji83qupvMy8zaD0b83h+5edOqF4GrDiXUDqzRBhwJ9wHMmswbf4As6gcu6aJDOoppI1pCoeA+yoLHpxMYi+B3VM1IZhOKiVkKb2+IrQwhvLCxMKy3oF/ew2gctmJ6AVfe/cA053niXPERjWW111cJhJMViFd/fP7YuxLuLZNzqBEBAdSBoK8YorzGwUTX0DDUTI7QJF9OGdeGETpmddHzE4u3hdqMZxrIdAYQc6zDLOf5I5MoMie7WnQVIu5gH8xa3b37BDk3rVuf4orOcaahv/UlrHPRRjIUtaWal1sAZXBHpYgQKH4wd3nNtPthW0hBAlxXQnGgHqZvJvQH4jLWlTV9uwC2q1hbMHrmo9zXCNO7uIxK6o0PyTYW6UhdVmcYtoHn/+mAX3dW3PRYAUM7ItAdIfsPV6LAs+bLiVexDf2P9E2ub4zF+ZSN+3AUSssMLiGKCOnWQ/IQyB8WOngkMa9Qc58pZv8g8E5Lxm5g/udiGbhqK24kYauJ8cUI4JtTW+JJKqwoqTbnwwdbTqdSenyNnrEnbH13CDowNxbSgJZeSUw2Z51ELARrXp+N5kGokLr+YXxwsgmvoXQxxo/5y9Lgn1RKtc4QAJiWjQNzDOFX2HoiFw+oWUXgrET8qTHHVOj+v9auqyxS0cPgcXj8wQmjJrUH+tYGlQmCdF2CCt5Ywf12Jaev+wfNcVb447fAmTR7LJTgtb/D5U15YqAMYZg36tVrPkx1MhP37XbEYLsCcpfdDO4FUVKb5t7zl0rTAhUvbCF3/Wn6V/0LjJ58UGl4GEhIF2y4K+vFJSkL7qJ+2ufVi9hfXu5362QKCtqqXt0LihgjmH9z0Mgg1Brfgl0jVPuO44os0KBKzfCuhFMzEK9oorNVpgWrVWED+yiBNO0B2JA4lurdsFFAwOcx3ZFyhJ1TC2jUYJpIBW";Expires=Wed, 06-Jul-11 16:57:11 GMT
Content-Length  2786
Server  Jetty(6.1.21)

Any suggestions will be appreciated...