curl-library
RE: authentication and cookie
Date: Thu, 18 Mar 2004 00:39:48 +1100
Are the original cookies kept in the second request (the request that
include the user and password)?
Are you calling curl_easy_perform() twice?
Do I have to call other curl api for making it happen?
Thanks
Yoav
_____
From: curl-library-bounces_at_cool.haxx.se
[mailto:curl-library-bounces_at_cool.haxx.se] On Behalf Of Ralph Mitchell
Sent: Wednesday, March 17, 2004 1:02 PM
To: libcurl development
Subject: Re: authentication and cookie
I've had this kind of thing happen to me. What I had to do was to "prime
the pump", as it were, by doing an initial fetch of the page *without*
trying to hand over the userid/password. I would then get back the demand
for authentication and re-do the page fetch *with* the userid/password.
In both page fetches, save and send cookies as necessary...
Ralph Mitchell
Yoav Schreiber wrote:
1. The user and password are correct but the cookie is missing (the server
sends the set-cookie in the header only with the 401 response).
BTW, is this a common behavior?
2. Yes, the Server wants the authentication header and the cookie.
3. We tried using the cookie jar option. The problem is that after this the
same cookie is sent in all requests of the session (after the 401 we get 302
redirection). This is problematic, because the server gives dynamic cookies
which differ in each response of the session. It seems libcurl keeps sending
the cookie from the cookie jar in all the following requests.
Thanks
Yoav
-----Original Message-----
From: curl-library-bounces_at_cool.haxx.se
<mailto:curl-library-bounces_at_cool.haxx.se>
[mailto:curl-library-bounces_at_cool.haxx.se
<mailto:curl-library-bounces_at_cool.haxx.se> ] On Behalf Of Daniel Stenberg
Sent: Wednesday, March 17, 2004 12:08 PM
To: libcurl development
Subject: Re: authentication and cookie
On Wed, 17 Mar 2004, Yoav Schreiber wrote:
I'm trying to connect a web server that requires basic authentication. I'm
connecting it with the user and the password (curl_easy_setopt() with
CURLOPT_USERPWD).
The response I am getting from the server is error 401 with a set cookie
in
the response header (although the user and password were set correctly).
If the user name and password are correct, then why is the server not
letting
you in?
The Server expects me to resend the request with the cookie set (from
looking at IE / Mozilla communication, this behavior does work and the
Server response is valid - 200).
So it wants the autentication header _and_ the cookie?
Is there any way I can overcome this with libcurl?
Provide the cookie in the request? There are multiple cookie options.
________________________________________________________________________
This email has been scanned for all viruses.
Mercury Interactive Corporation
Optimizing Business Processes to Maximize Business Results
______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
Received on 2004-03-17