Using the AndroidHttpClient with cookies gives me intermixed 200 ok and 403 forbidden responses. I'm not sure what I am doing wrong.
I'm using the AndroidHttpClient in the following manner:
I have several background thread classes, and each one does the following:
HttpGet get...
HttpClient client = AndroidHttpClient.newInstance("Android");
HttpContext http_context = HttpSupport.getHttpContextInstance();
CookieStore cookie_store = HttpSupport.getCookieStoreInstance();
http_context.setAttribute(ClientContext.COOKIE_STORE, cookie_store);
client.execute(
HttpSupport is a class with two static fields; a CookieStore and a HttpContext:
public class HttpSupport {
private static HttpContext _context;
private static CookieStore _cookieStore;
public static synchronized HttpContext getHttpContextInstance() {
if (_context == null) {
_context = new BasicHttpContext();
}
return _context;
}
public static synchronized CookieStore getCookieStoreInstance() {
if (_cookieStore == null) {
_cookieStore = new BasicCookieStore();
}
return _cookieStore;
}
}
Is it ok to have multiple instances of the AndroidHttpClient in the application? Am I storing the cookies correctly?
I would recommend using the Android Asynchronous HTTP Client
It implements its own persistent cookie store (PersistentCookieStore) which is really easy to use. In fact, if you don't want to use the library for its asynchronous abilities you could just use it for the Persistent Cookie Store that it provides.. However the asynchronous abilities of it are highly worth while.
So to use it with your current class you could simply make a change in your HttpSupport class that has
public static synchronized CookieStore getCookieStoreInstance(Context context) {
if (_cookieStore == null) {
_cookieStore = new PersistentCookieStore(context);
}
return _cookieStore;
}
Note that you will have to add the context to the method as it is required for the PersistentCookieStore to work.
HttpClient automattically stores the cookies I have found, you should really be doing all this in an async task (as to Android 3.0> requirments).
The 200 response is when everything has been sent through right and the file you want is avaliable to you, this isn't a problem.
The 403 error is pretty obvious, does this server require some type of log in to get the file or webpage? This is what you should investigate, a way to work out how to log in is to use something like google chrome, right click on the webpage, go inspect element, then watch the network files going through, log in, watch for a post request. Find out how the website works.
Have a look here for a async task: HTTP POST request ANDROID 4 (working in 2.3)?
I believe you can have multiple instances of HttpClient, but to be using the same cookies you should be using one for everything that is connected
For eg:
You should have one HttpClient to log in, then request a page using get, do what ever you need to do etc.
Sorry I relised you were using AndriodHttpClient not HttpClient, AndroidHttpClient does not store cookies by default so yeah, Any reason why you are using AndroidHttpClient over HttpClient?
Related
I have created an Android application, in that I want to get Session from webview.
How to make it possible ?
Thanks.
I use this method for getting session cookies from a webview:
public static String getCookieFromAppCookieManager(String url) throws MalformedURLException {
CookieManager cookieManager = CookieManager.getInstance();
if (cookieManager == null)
return null;
String rawCookieHeader = null;
URL parsedURL = new URL(url);
rawCookieHeader = cookieManager.getCookie(parsedURL.getHost());
if (rawCookieHeader == null)
return null;
return rawCookieHeader;
}
There are two ways:
If a developer has made a httpclient, and makes an api auth call and store the cookie. Then you sync the httpclient's cookie with webview and maintain a session natively.
If user has used a webview to make an auth call and the cookie resides in the webview.
First one is your code and simply making a getter will return instance of DefaultHTTPClient. The instance will have access to cookies too. you can make async calls to auth api to get correct cookie in the instance. Make sure to keep HttpClient and Webview in sync.
For retrieving cookie in second method, you would use CookieManager object and the url which user is logged into and you need cookie for, example twitter.com See the second post here for implementation details.
I am using an HttpClient to make server connection, like this:
DefaultHttpClient client = new DefaultHttpClient();
HttpPost httppost = new HttpPost("http://www.example.com/login");
HttpResponse response = client.execute(httppost);
The server session works with cookies.
And to maintain session I have to use the same client for all the subsequent connections. Which I am doing and works fine.
But the problem is, in android usually Activity data is destroyed when there is a need, which destroys the HttpClient too (when my application is in baclground) and hence the session is being lost.
Is there a way to make a HttpClient persistent? Or how do I solve this case?
Thank You.
There is no way as I know to save your session and recreate after Activity relaunch.
The only one way is to put your HttpClient code to Service. By this way you can play with activities and do not worry about broken sessions.
You can find Services documentation here
The server session works with cookies.
for Android by default cookies are enable and you don't need to worry about.
For sure you can store Cookies but I don't see the reason that it can help you somehow for your question.
Anyways this is a technique to fetch Cookies:
List<Cookie> mCookies = null;
mCookies = httpclient.getCookieStore().getCookies();
if (mCookies.isEmpty()) {
Log.d("test_runner", "Cookies: None");
} else {
for (int i = 0; i < mCookies.size(); i++) {
System.out.println("- " + mCookies.get(i).toString());
Log.d("test_runner", "Cookies: [" + i + "]" + mCookies.get(i).toString());
}
}
And this is a way how to put them back:
CookieStore cookieStore = new BasicCookieStore();
for(Cookie cook : mCookies){
cookieStore.addCookie(cook);
}
httpclient = new DefaultHttpClient(params);
httpclient.setCookieStore(cookieStore);
The best idea is to put all the function that your server do in on unique class which is going to be call by the tasks which want to connect. I call this class WebServiceManager. This class have exactly the same method than the server.
As you want an unique session do :
private static WebServiceManager wsm = null;
public static WebServiceManager getInstance() {
if (wsm == null) {
wsm = new WebServiceManager();
}
return wsm;
}
private final HttpClient httpClient;
private WebServiceManager() {
httpClient=new DefaultHttpClient();
}
and then you call the method of your instance of webServiceManager to use always the same httpclient and you keep your cookies. :)
I know this question has been asked a hundred times, and I've read and tried for 2 hours now, but I can't find my error :-(
I am trying to create a simple webbrowser and therefore have a webview, where I login on a site and get access to a picture area. With help of a DefaultHttpClient, I want to make it possible to download pictures in the secured area.
Therefore I am trying to share the cookies from the webview and pass them on to the HttpClient, so that it is authenticated and able to download. But whatever I try and do, I always get a 403 response back...
Basically the steps are the following:
1) Enter URL, webview loads website
2) Enter login details in a form
3) Navigate to picture and long hold for context menu
4) Retrieve the image URL and pass it on to AsynTask for downloading
Here's the code of the AsyncTask with the Cookie stuff:
protected String doInBackground(String... params) {
//params[0] is the URL of the image
try
{
CookieManager cookieManager = CookieManager.getInstance();
String c = cookieManager.getCookie(new URL(params[0]).getHost());
BasicCookieStore cookieStore = new BasicCookieStore();
BasicHttpContext localContext = new BasicHttpContext();
localContext.setAttribute(ClientContext.COOKIE_STORE, cookieStore);
String[] cookieParts = null;
String cookies[] = null;
cookies = c.split(";");
for(int i=0;i<cookies.length;i++)
{
cookieParts = cookies[i].split("=");
BasicClientCookie sessionCookie = new BasicClientCookie(cookieParts[0].trim(), cookieParts[1].trim());
sessionCookie.setDomain(new URL(params[0]).getHost());
cookieStore.addCookie(sessionCookie);
}
DefaultHttpClient httpClient = new DefaultHttpClient();
httpClient.setCookieStore(cookieStore);
HttpGet pageGet = new HttpGet(new URL(params[0]).toURI());
HttpResponse response = httpClient.execute(pageGet, localContext);
if(response.getStatusLine().getStatusCode() == HttpStatus.SC_OK)
--> NEVER Happens, always get 403
.) One of the problems is that the webview saves some cookies for the host *www.*example.com, but the image-URL to download (params[0]) is *static.*example.com. The line
cookieManager.getCookie(new URL(params[0]).getHost());
returns null, because there is no cookie for static.example.com, but only for www.example.com.
.) When I manually say cookieManager.getCookie("www.example.com"); I get some cookies back, which I add to the HttpClient cookie store:
There are 5 cookies added
- testcookie = 0
- PHPSESSID = 320947238someGibberishSessionId
- email = my#email.net
- pass = 32423te32someEncodedPassGibberish
- user = 345542
So although these cookies, a session ID and other stuff, get added to the HttpClient, it never get's through to download an image. Im totally lost... though I guess that it either has something to do with the cookies domains, or that Im still missing other cookies.
But from where the heck should I know which cookies exist in the webview, when I have to specify a specific URL to get a cookie back?? :-(
Any advice?
I guess we have made it too complicated in above snippet.
Use these easy steps -
1)Retrieve the cookie from webView -wherever your webview is, use this code to re
String cookie = CookieManager.getInstance().getCookie(
url.toString());
Log.d("mytcs", "cookie downloadlistner " + cookie);
2) Pass this in your downloading asyncTask using params -
downloadImageTask = new DownloadImage();
downloadPDFTask.execute(url, cookie);
(I assume you know to retrieve this cookie in asyncTask, you will use params[1],
3) set this cookie in your http request using -
if (cookie != null)
con.setRequestProperty("cookie", cookie);
where con is HttpURLConnection con;
so you can set it to your need, in HttpGet.
You probably figured out the answer already coz it is a pretty late answer. But, just in case...
Try this. When you retrieve the cookie from WebView just use example.com in the domain name. When you set the cookie in BasicClientCookie and set the domain, set the domain name to .example.com. Note the "." in the beginning. Now, i think the session should work across all subdomains in your application.
I've got a class:
public class WebReader implements IWebReader {
HttpClient client;
public WebReader() {
client = new DefaultHttpClient();
}
public WebReader(HttpClient httpClient) {
client = httpClient;
}
/**
* Reads the web resource at the specified path with the params given.
* #param path Path of the resource to be read.
* #param params Parameters needed to be transferred to the server using POST method.
* #param compression If it's needed to use compression. Default is <b>true</b>.
* #return <p>Returns the string got from the server. If there was an error downloading file,
* an empty string is returned, the information about the error is written to the log file.</p>
*/
public String readWebResource(String path, ArrayList<BasicNameValuePair> params, Boolean compression) {
HttpPost httpPost = new HttpPost(path);
String result = "";
if (compression)
httpPost.addHeader("Accept-Encoding", "gzip");
if (params.size() > 0){
try {
httpPost.setEntity(new UrlEncodedFormEntity(params, "UTF-8"));
} catch (UnsupportedEncodingException e1) {
e1.printStackTrace();
}
}
try {
HttpResponse response = client.execute(httpPost);
StatusLine statusLine = response.getStatusLine();
int statusCode = statusLine.getStatusCode();
if (statusCode == 200) {
HttpEntity entity = response.getEntity();
InputStream content = entity.getContent();
if (entity.getContentEncoding() != null
&& "gzip".equalsIgnoreCase(entity.getContentEncoding()
.getValue()))
result = uncompressInputStream(content);
else
result = convertStreamToString(content);
} else {
Log.e(MyApp.class.toString(), "Failed to download file");
}
} catch (ClientProtocolException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
return result;
}
private String uncompressInputStream(InputStream inputStream)
throws IOException {...}
private String convertStreamToString(InputStream is) {...}
}
I cannot find a way to test it using a standard framework. Especially, I need to simulate total internet lost from inside the test.
There are suggestions to manually turn the Internet in the emulator off while performing the test. But it seems to me as not quite a good solution, because the automatic tests should be... automatic.
I added a "client" field to the class trying to mock it from inside the test class. But implementation of the HttpClient interface seems quite complex.
The Robolectric framework allows the developers to test Http connection as far as I know. But I guess there is some way to write such a test without using so big additional framework.
So are there any short and straightforward ways of unit testing classes that use HttpClient? How did you solve this in your projects?
I added a "client" field to the class trying to mock it from inside the test class. But implementation of the HttpClient interface seems quite complex.
I am a little bit confuse about this statement. From the question title, you are asking about unit-testing httpClint, by mocking a FakeHttpClient may help you unit-testing other part of app except httpClient, but doesn't help anything for unit-testing httpClient. What you need is a FakeHttpLayer for unit-testing httpClient (no remote server, network requires, hence unit-testing).
HttpClient Dummy Test:
If you only need examine app behavior in the situation that internet is lost, then a classic Android Instrument Test is sufficient, you can programmatically turn the Internet in the emulator off while performing the test:
public void testWhenInternetOK() {
... ...
webReader.readWebResource();
// expect HTTP 200 response.
... ...
}
public void testWhenInternetLost() {
... ...
wifiManager = (WifiManager) this.getSystemService(Context.WIFI_SERVICE);
wifiManager.setWifiEnabled(false);
webReader.readWebResource();
// expect no HTTP response.
... ...
}
This requires the remote http server is completely setup and in a working state, and whenever you run your test class, a real http communication is made over network and hit on http server.
HttpClient Advanced Test:
If you want to test app behavior more precisely, for instance, you want to test a http call in you app to see if it is handle different http response properly. the Robolectric is the best choice. You can use FakeHttpLayer and mock the http request and response to whatever you like.
public void setup() {
String url = "http://...";
// First http request fired in test, mock a HTTP 200 response (ContentType: application/json)
HttpResponse response1 = new DefaultHttpResponseFactory().newHttpResponse(HttpVersion.HTTP_1_1, 200, null);
BasicHttpEntity entity1 = new BasicHttpEntity();
entity1.setContentType("application/json");
response1.setEntity(entity1);
// Second http request fired in test, mock a HTTP 404 response (ContentType: text/html)
HttpResponse response2 = new DefaultHttpResponseFactory().newHttpResponse(HttpVersion.HTTP_1_1, 404, null);
BasicHttpEntity entity2 = new BasicHttpEntity();
entity2.setContentType("text/html");
response2.setEntity(entity2);
List<HttpResponse> responses = new ArrayList<HttpResponse>();
responses.add(response1);
responses.add(response2);
Robolectric.addHttpResponseRule(new FakeHttpLayer.UriRequestMatcher("POST", url), responses);
}
public void testFoo() {
... ...
webReader.readWebResource(); // <- a call that perform a http post request to url.
// expect HTTP 200 response.
... ...
}
public void testBar() {
... ...
webReader.readWebResource(); // <- a call that perform a http post request to url.
// expect HTTP 404 response.
... ...
}
Some pros of using Robolectric are:
Purely JUnit test, no instrument test so don't need start emulator (or real device) to run the test, increase development speed.
Latest Robolectric support single line of code to enable/disable FakeHttpLayer, where you can set http request to be interpreted by FakeHttpLayer (no real http call over network), or set the http request bypass the FakeHttpLayer(perform real http call over network). Check out this SO question for more details.
If you check out the source of Robolectric, you can see it is quite complex to implement a FakeHtppLayer properly by yourself. I would recommend to use the existing test framework instead of implementing your own API.
Hope this helps.
I created an NTLM authenticating SOAP client based on KSOAP-Android and JCIFS. The implementation looks something like this:
public class NtlmServiceConnection implements ServiceConnection
{
public NtlmServiceConnection(final SoapConnectionInfo connectionInfo, String path)
{
httpclient = new DefaultHttpClient();
httpclient.getAuthSchemes().register(AuthPolicy.NTLM, new NTLMSchemeFactory());
//...
#Override
public InputStream openInputStream() throws IOException {
ByteArrayEntity re = new ByteArrayEntity(bufferStream.toByteArray());
post.removeHeaders("CONTENT-LENGTH");
post.setEntity(re);
HttpResponse rep = httpclient.execute(post);
InputStream stream = rep.getEntity().getContent();
return stream;
}
//....
}
From the looks of it KSOAP is generating the correct message because bufferStream is populated with the SOAP envelope as expected. JCIFS seems to be doing its job as well as I can see the NTLM challenge response taking place via Wireshark. The issue is that the message body is missing. It is simply null. Due to this the web service encounters a 501 and the InputStream returned is null.
Anyone have a clue why this would happen?
Note: I'm removing the CONTENT-LENGTH header below because setEntity apparently tries to set this but KSOAP has already set it. I simply remove it and allow setEntity to reset it.
I finally figured it out and blogged about it here: http://csharpening.net/blog/?p=271