- 03-27-2012, 10:09 AM #1
Login to a CAS server using HTTPComponents Client
I'm trying to log in to a CAS server using the Apache HttpComponents client.
I observed the behaviour of the server through Fiddler while logging in to the server with a web browser, and tried to reproduce this behaviour with HttpComponents.
The browser is redirected to the page below, whose URL changes every time.
Here it gets the cookie, the unique URL (from the HTML) where it has to post, and the value of the variable "it".
Then it posts to the URL it got the user name, the password, the "it" variable and some other variables. The server responds with a "302 Moved Temporarily" which contains the link to the page I'm interested in.
XML Code:
GET https://cas.unibo.it/cas/login?service=https%3A%2F%2Falmaesami.unibo.it%2Falmaesami%2Fstudenti%2Fj_acegi_cas_security_check%3Bjsessionid%3D766A9DDE236DAEF92E2968C04E07EBBB.mic-joss3&cas_aware_sessionid=766A9DDE236DAEF92E2968C04E07EBBB.mic-joss3 HTTP/1.1
Host: cas.unibo.it
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:11.0) Gecko/20100101 Firefox/11.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: it-it,it;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: https://almaesami.unibo.it/almaesami/welcome.htm

HTTP/1.1 200 OK
Date: Sun, 25 Mar 2012 20:26:31 GMT
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Set-Cookie: JSESSIONID=B7983385BA6B02BA6A568533F7C38C83.cas-joss2; Path=/cas/; Secure; HttpOnly
Content-Type: text/html;charset=UTF-8
Content-Language: it-IT
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Length: 6038

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
...
<body>
...
<form id="fm1" method="post" action="/cas/login;jsessionid=B7983385BA6B02BA6A568533F7C38C83.cas-joss2?service=https%3A%2F%2Falmaesami.unibo.it%2Falmaesami%2Fstudenti%2Fj_acegi_cas_security_check%3Bjsessionid%3D766A9DDE236DAEF92E2968C04E07EBBB.mic-joss3&cas_aware_sessionid=766A9DDE236DAEF92E2968C04E07EBBB.mic-joss3">
<table class="tbSimpleInput" width="600" summary="Tabella di struttura" style="margin-left:auto; margin-right:auto;text-align:left">
<!-- table width="600" summary="Tabella di struttura" -->
<tr valign="top">
<td colspan="4" style="padding-bottom: 12px;">
<p><SPAN class="testoNormale"> <span id="AbstractPH"> </span> </SPAN> </p>
</td>
</tr>
<tr>
<td colspan="2">
<div align="center">
<a href="https://www.dsa.unibo.it"> <img src="https://www.dsa.unibo.it/uniboldap2/image/logindsa.jpg" alt="Login di Ateneo - DSA" border="0" width="160" height="48"> </a>
</div>
</td>
</tr>
<tr>
<td class="formLabel"><label for="username">Username</label></td>
<td class="formField"> <input id="username" name="username" type="text" value=""/> </td>
</tr>
<tr>
<td class="formLabel"><label for="password">Password</label></td>
<td class="formField"> <input id="password" name="password" type="password" value=""/> </td>
</tr>
<tr> <td colspan="2"></td> </tr>
<tr>
<td></td>
<td colspan ="2" class="buttonCells" style="text-align:left;padding-top:9pt">
<input type="hidden" name="lt" value="_c3B3C903C-5312-F9A2-1F7C-842C2814FE30_k153B2920-D56A-8F46-BCB3-2C97CA3AFF4F" />
<input type="hidden" name="_eventId" value="submit" />
<input type="hidden" id="userType" name="userType" value="STUDENTE"/>
<input type="submit" class="button" value='Accedi' name="submit" /><br/><br/></td>
...
</body>
</html>
___________________________________________________________
POST https://cas.unibo.it/cas/login;jsessionid=B7983385BA6B02BA6A568533F7C38C83.cas-joss2?service=https%3A%2F%2Falmaesami.unibo.it%2Falmaesami%2Fstudenti%2Fj_acegi_cas_security_check%3Bjsessionid%3D766A9DDE236DAEF92E2968C04E07EBBB.mic-joss3&cas_aware_sessionid=766A9DDE236DAEF92E2968C04E07EBBB.mic-joss3 HTTP/1.1
Host: cas.unibo.it
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:11.0) Gecko/20100101 Firefox/11.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: it-it,it;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: https://cas.unibo.it/cas/login?service=https%3A%2F%2Falmaesami.unibo.it%2Falmaesami%2Fstudenti%2Fj_acegi_cas_security_check%3Bjsessionid%3D766A9DDE236DAEF92E2968C04E07EBBB.mic-joss3&cas_aware_sessionid=766A9DDE236DAEF92E2968C04E07EBBB.mic-joss3
Cookie: JSESSIONID=B7983385BA6B02BA6A568533F7C38C83.cas-joss2
Content-Type: application/x-www-form-urlencoded
Content-Length: 187

username=***.***@***&password=*****&lt=_c3B3C903C-5312-F9A2-1F7C-842C2814FE30_k153B2920-D56A-8F46-BCB3-2C97CA3AFF4F&_eventId=submit&userType=STUDENTE&submit=Accedi

HTTP/1.1 302 Moved Temporarily
Date: Sun, 25 Mar 2012 20:26:33 GMT
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Set-Cookie: CASPRIVACY=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/cas
Set-Cookie: CASTGC=TGT-76765-YPoosBGiZCKQhZ3KKHdPXpl9bWMEh5BvCgxPKoNdlIH4aKHNQN-lucifer-Joss2; Path=/cas; Secure
Location: https://almaesami.unibo.it/almaesami/studenti/j_acegi_cas_security_check;jsessionid=766A9DDE236DAEF92E2968C04E07EBBB.mic-joss3?ticket=ST-43535-7PY7fq3ojZSP1pqMRW7p-lucifer-Joss2&siteLanguage=it
Content-Language: it-IT
Content-Length: 0
Keep-Alive: timeout=15, max=97
Connection: Keep-Alive
Content-Type: text/plain
What follows is what I succeeded in reproducing, analyzed with Fiddler.
XML Code:
GET https://cas.unibo.it/cas/login?service=https%3A%2F%2Falmaesami.unibo.it%2Falmaesami%2Fstudenti%2Fj_acegi_cas_security_check%3Bjsessionid%3D50854241BA8158A576B8B1FEE0B57A1D.mic-joss2&cas_aware_sessionid=50854241BA8158A576B8B1FEE0B57A1D.mic-joss2 HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: it-it,it;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: https://almaesami.unibo.it/almaesami/welcome.htm
Host: cas.unibo.it
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.2 (java 1.5)

HTTP/1.1 200 OK
Date: Mon, 26 Mar 2012 11:52:44 GMT
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Set-Cookie: JSESSIONID=0ADBB997A5BFEFB2391EF3B79070E28E.cas-joss1; Path=/cas; Secure
Content-Type: text/html;charset=UTF-8
Content-Language: it-IT
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Length: 6038

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
...
<body>
...
<form id="fm1" method="post" action="/cas/login;jsessionid=0ADBB997A5BFEFB2391EF3B79070E28E.cas-joss1?service=https%3A%2F%2Falmaesami.unibo.it%2Falmaesami%2Fstudenti%2Fj_acegi_cas_security_check%3Bjsessionid%3D50854241BA8158A576B8B1FEE0B57A1D.mic-joss2&cas_aware_sessionid=50854241BA8158A576B8B1FEE0B57A1D.mic-joss2">
<table class="tbSimpleInput" width="600" summary="Tabella di struttura" style="margin-left:auto; margin-right:auto;text-align:left">
<!-- table width="600" summary="Tabella di struttura" -->
<tr valign="top">
<td colspan="4" style="padding-bottom: 12px;">
<p><SPAN class="testoNormale"> <span id="AbstractPH"> </span> </SPAN> </p>
</td>
</tr>
<tr>
<td colspan="2">
<div align="center">
<a href="https://www.dsa.unibo.it"> <img src="https://www.dsa.unibo.it/uniboldap2/image/logindsa.jpg" alt="Login di Ateneo - DSA" border="0" width="160" height="48"> </a>
</div>
</td>
</tr>
<tr>
<td class="formLabel"><label for="username">Username</label></td>
<td class="formField"> <input id="username" name="username" type="text" value=""/> </td>
</tr>
<tr>
<td class="formLabel"><label for="password">Password</label></td>
<td class="formField"> <input id="password" name="password" type="password" value=""/> </td>
</tr>
<tr> <td colspan="2"></td> </tr>
<tr>
<td></td>
<td colspan ="2" class="buttonCells" style="text-align:left;padding-top:9pt">
<input type="hidden" name="lt" value="_cB0CC1EB0-B7BE-DF43-7522-801C1A7910C5_kCE55F797-1DD8-5EB0-D85F-BE9D74B7836D" />
<input type="hidden" name="_eventId" value="submit" />
<input type="hidden" id="userType" name="userType" value="STUDENTE"/>
<input type="submit" class="button" value='Accedi' name="submit" /><br/><br/></td>
...
</body>
</html>
____________________________________________________________________
POST https://cas.unibo.it/cas/login;jsessionid=0ADBB997A5BFEFB2391EF3B79070E28E.cas-joss1?service=https%3A%2F%2Falmaesami.unibo.it%2Falmaesami%2Fstudenti%2Fj_acegi_cas_security_check%3Bjsessionid%3D50854241BA8158A576B8B1FEE0B57A1D.mic-joss2&cas_aware_sessionid=50854241BA8158A576B8B1FEE0B57A1D.mic-joss2 HTTP/1.1
Referer: https://cas.unibo.it/cas/login?service=https%3A%2F%2Falmaesami.unibo.it%2Falmaesami%2Fstudenti%2Fj_acegi_cas_security_check%3Bjsessionid%3D50854241BA8158A576B8B1FEE0B57A1D.mic-joss2&cas_aware_sessionid=50854241BA8158A576B8B1FEE0B57A1D.mic-joss2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: it-it,it;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Length: 187
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Host: cas.unibo.it
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.2 (java 1.5)
Cookie: JSESSIONID=0ADBB997A5BFEFB2391EF3B79070E28E.cas-joss1

username=***.***@***&password=*****&it=_cB0CC1EB0-B7BE-DF43-7522-801C1A7910C5_kCE55F797-1DD8-5EB0-D85F-BE9D74B7836D&_eventId=submit&userType=STUDENTE&submit=Accedi

HTTP/1.1 200 OK
Date: Mon, 26 Mar 2012 11:52:44 GMT
Pragma: No-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Content-Language: it-IT
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Length: 5984

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
...
As you can see, I post to the CAS server the same request as my browser, getting the same variables, but instead of redirecting me to the new page, I get the same page as before from the server!
This is the code I wrote:
Java Code:
import java.net.URI;
import java.util.ArrayList;
import java.util.List;

import org.apache.http.HeaderIterator;
import org.apache.http.HttpEntity;
import org.apache.http.HttpHost;
import org.apache.http.HttpRequest;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.RedirectStrategy;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.params.ClientPNames;
import org.apache.http.client.params.CookiePolicy;
import org.apache.http.conn.params.ConnRoutePNames;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.cookie.Cookie;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.client.DefaultRedirectStrategy;
import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.protocol.HTTP;
import org.apache.http.protocol.HttpContext;
import org.apache.http.util.EntityUtils;

public class TestHttpClient {

    public static void main(String[] args) throws Exception {
        HttpGet httpget = new HttpGet("");
        HttpPost httppost = new HttpPost("");
        HttpResponse response;
        HttpEntity entity;
        URI uri;
        HeaderIterator iter;
        String ltvalue = "", location = "", referer = "", stringentity = "";

        SchemeRegistry schemeRegistry = new SchemeRegistry();
        schemeRegistry.register(new Scheme("http", 80, PlainSocketFactory.getSocketFactory()));
        schemeRegistry.register(new Scheme("https", 443, SSLSocketFactory.getSocketFactory()));
        // the default connection manager can't manage multiple connections
        ThreadSafeClientConnManager connectionmanager = new ThreadSafeClientConnManager(schemeRegistry);
        DefaultHttpClient httpclient = new DefaultHttpClient(connectionmanager);
        // default cookie policy creates dirty cookies
        httpclient.getParams().setParameter(ClientPNames.COOKIE_POLICY, CookiePolicy.BROWSER_COMPATIBILITY);
        // this is to debug on fiddler
        HttpHost proxy = new HttpHost("127.0.0.1", 8888);
        httpclient.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, proxy);
        // WebClientDevWrapper is not shown in the post; wrappers by this name typically swap in a
        // trust-all SSL socket factory so Fiddler's interception certificate is accepted.
        // That disables certificate validation: keep it to debugging builds only.
        httpclient = (DefaultHttpClient) WebClientDevWrapper.wrapClient(httpclient);

        httpget.setHeader("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
        httpget.setHeader("Accept-Language", "it-it,it;q=0.8,en-us;q=0.5,en;q=0.3");
        httpget.setHeader("Accept-Encoding", "gzip, deflate");
        httpget.setHeader("Referer", "https://almaesami.unibo.it/almaesami/welcome.htm");

        // GET 1: the application page, which answers with a redirect to the CAS login URL
        uri = new URI("https://almaesami.unibo.it/almaesami/studenti/home.htm");
        httpget.setURI(uri);
        // blocking the auto redirect to get the redirection url
        httpclient.setRedirectStrategy(new RedirectStrategy() {
            public HttpUriRequest getRedirect(HttpRequest arg0, HttpResponse arg1, HttpContext arg2)
                    throws org.apache.http.ProtocolException {
                return null;
            }
            public boolean isRedirected(HttpRequest arg0, HttpResponse arg1, HttpContext arg2)
                    throws org.apache.http.ProtocolException {
                return false;
            }
        });
        response = httpclient.execute(httpget);
        entity = response.getEntity();
        System.out.println(response.getStatusLine().toString());
        printCookies(httpclient);
        iter = response.headerIterator("Location");
        while (iter.hasNext()) referer = "" + iter.next();
        referer = referer.replace("Location: ", "");
        System.out.println("referer: " + referer);
        httpclient.setRedirectStrategy(new DefaultRedirectStrategy()); // reset automatic redirect
        if (entity != null) {
            EntityUtils.consume(entity);
        }

        // GET 2: the CAS login page; it sets the JSESSIONID cookie and carries the form
        uri = new URI(referer);
        httpget.setURI(uri);
        response = httpclient.execute(httpget);
        entity = response.getEntity();
        System.out.println(response.getStatusLine().toString());
        stringentity = EntityUtils.toString(entity);
        // the hidden field is named "lt" (the CAS login ticket); 17 = length of name="lt" value="
        int startindex = stringentity.indexOf("name=\"lt\" value=\"") + 17;
        int endindex = stringentity.indexOf("\"", startindex);
        ltvalue = stringentity.substring(startindex, endindex);
        System.out.println("lt value: " + ltvalue);
        startindex = stringentity.indexOf("method=\"post\" action=\"") + 22;
        endindex = stringentity.indexOf("\"", startindex);
        location = "https://cas.unibo.it" + stringentity.substring(startindex, endindex);
        // the action attribute in the HTML source encodes "&" as "&amp;"
        location = location.replaceAll("&amp;", "&");
        System.out.println("location: " + location);
        printCookies(httpclient);
        if (entity != null) {
            EntityUtils.consume(entity);
        }

        // POST: credentials plus the hidden fields, under the same names the form uses
        List<NameValuePair> nvps = new ArrayList<NameValuePair>();
        nvps.add(new BasicNameValuePair("username", "***.***@***"));
        nvps.add(new BasicNameValuePair("password", "*****"));
        // the form field is "lt"; the original posted it as "it", a name the form does not use
        nvps.add(new BasicNameValuePair("lt", ltvalue));
        nvps.add(new BasicNameValuePair("_eventId", "submit"));
        nvps.add(new BasicNameValuePair("userType", "STUDENTE"));
        nvps.add(new BasicNameValuePair("submit", "Accedi"));
        httppost.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8));
        httppost.setHeader("Referer", referer);
        httppost.setHeader("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
        httppost.setHeader("Accept-Language", "it-it,it;q=0.8,en-us;q=0.5,en;q=0.3");
        httppost.setHeader("Accept-Encoding", "gzip, deflate");
        uri = new URI(location);
        httppost.setURI(uri);
        response = httpclient.execute(httppost);
        entity = response.getEntity();
        System.out.println(response.getStatusLine().toString());
        printCookies(httpclient);
        httpclient.getConnectionManager().shutdown();
    }

    public static void printCookies(DefaultHttpClient httpclient) {
        System.out.println("COOKIES: ");
        List<Cookie> cookies = httpclient.getCookieStore().getCookies();
        if (cookies.isEmpty()) {
            System.out.println("None");
        } else {
            for (int i = 0; i < cookies.size(); i++) {
                System.out.println("- " + cookies.get(i).toString());
            }
        }
    }
}
Can anyone tell me where I've been wrong? Does CAS have some other security system I can't see? Is there something else in the request done from the browser I didn't notice? I searched for a CAS client API but can't find anything interesting. I tried with some different cookie policies because the default in HttpComponents left some dirty cookies, and I also tried modifying the encoding of the variables I post.
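The flow the post describes (fetch the login page, read the form action and its hidden fields, post them back with the credentials, expect a 302 whose Location carries a ticket) comes down to parsing the login form correctly. What follows is an added example, not the poster's code and not part of HttpComponents or CAS: it uses only the JDK, the page URL, session ids, ticket and HTML are constructed placeholders shaped like the captures above, and the class and method names are my own. Its point is that hidden field names are read from the page instead of being typed by hand: on the captured form that yields a field named lt (the CAS login ticket), which is what the browser's POST body carries, whereas the client's POST in the second capture sends it.

```java
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URLDecoder;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/** Extracts the form action and the non-typed fields a CAS login page expects to get back. */
public class CasLoginFormParser {

    // Constructed page URL and HTML shaped like the capture in the post (all values made up).
    static final String PAGE_URL =
        "https://cas.example.invalid/cas/login?service=https%3A%2F%2Fapp.example.invalid%2Fcheck";

    static final String SAMPLE_HTML =
          "<html><body>\n"
        + "<form id=\"fm1\" method=\"post\" action=\"/cas/login;jsessionid=SESSION123?service="
        + "https%3A%2F%2Fapp.example.invalid%2Fcheck&amp;cas_aware_sessionid=SESSION123\">\n"
        + "<input id=\"username\" name=\"username\" type=\"text\" value=\"\"/>\n"
        + "<input id=\"password\" name=\"password\" type=\"password\" value=\"\"/>\n"
        + "<input type=\"hidden\" name=\"lt\" value=\"_cAAAA-BBBB_kCCCC-DDDD\" />\n"
        + "<input type=\"hidden\" name=\"_eventId\" value=\"submit\" />\n"
        + "<input type=\"hidden\" id=\"userType\" name=\"userType\" value=\"STUDENTE\"/>\n"
        + "<input type=\"submit\" class=\"button\" value='Accedi' name=\"submit\" />\n"
        + "</form></body></html>";

    private static final Pattern TAG =
        Pattern.compile("<(form|input)\\b[^>]*>", Pattern.CASE_INSENSITIVE);

    /** Undoes attribute entity encoding; &amp; goes last so "&amp;lt;" is not decoded twice. */
    static String unescape(String s) {
        return s.replace("&lt;", "<").replace("&gt;", ">").replace("&quot;", "\"")
                .replace("&#39;", "'").replace("&amp;", "&");
    }

    /** One attribute of a tag (double- or single-quoted), unescaped, or null if absent. */
    static String attr(String tag, String name) {
        Matcher m = Pattern.compile("\\b" + name + "\\s*=\\s*(?:\"([^\"]*)\"|'([^']*)')",
                                    Pattern.CASE_INSENSITIVE).matcher(tag);
        if (!m.find()) return null;
        return unescape(m.group(1) != null ? m.group(1) : m.group(2));
    }

    /** Absolute URL the first form posts to, resolved against the page URL; null if no form. */
    static String formAction(String html, String pageUrl) {
        Matcher m = TAG.matcher(html);
        while (m.find()) {
            if (!m.group(1).equalsIgnoreCase("form")) continue;
            String action = attr(m.group(), "action");
            if (action == null) return pageUrl;   // HTML default: post back to the page itself
            return URI.create(pageUrl).resolve(action).toString();
        }
        return null;
    }

    /** Hidden inputs and the submit button, in document order: what a browser sends untyped. */
    static Map<String, String> autoFields(String html) {
        Map<String, String> fields = new LinkedHashMap<>();
        Matcher m = TAG.matcher(html);
        while (m.find()) {
            String tag = m.group();
            if (!m.group(1).equalsIgnoreCase("input")) continue;
            String type = attr(tag, "type");
            boolean untyped = "hidden".equalsIgnoreCase(type) || "submit".equalsIgnoreCase(type);
            String name = attr(tag, "name");
            if (!untyped || name == null) continue;
            String value = attr(tag, "value");
            fields.put(name, value == null ? "" : value);
        }
        return fields;
    }

    /** Full parameter set for the login POST: credentials plus whatever the form carries. */
    static Map<String, String> loginParams(String html, String username, String password) {
        Map<String, String> params = new LinkedHashMap<>();
        params.put("username", username);
        params.put("password", password);
        params.putAll(autoFields(html));
        return params;
    }

    /** Service ticket from a 302 Location, or null when the redirect carries none. */
    static String ticketFromLocation(String location) {
        int q = location.indexOf('?');
        if (q < 0) return null;
        for (String pair : location.substring(q + 1).split("&")) {
            int eq = pair.indexOf('=');
            String key = eq < 0 ? pair : pair.substring(0, eq);
            if (!key.equals("ticket")) continue;
            try {
                return URLDecoder.decode(eq < 0 ? "" : pair.substring(eq + 1), "UTF-8");
            } catch (UnsupportedEncodingException e) {
                throw new IllegalStateException(e);
            }
        }
        return null;
    }

    public static void main(String[] args) {
        System.out.println("POST to: " + formAction(SAMPLE_HTML, PAGE_URL));
        loginParams(SAMPLE_HTML, "user@example.invalid", "secret")
            .forEach((k, v) -> System.out.println(k + " = " + (k.equals("password") ? "*****" : v)));
        // Constructed 302 Location in the shape of the browser capture (ticket value made up).
        String loc = "https://app.example.invalid/check;jsessionid=SESSION123?ticket=ST-1-EXAMPLE&siteLanguage=it";
        System.out.println("ticket: " + ticketFromLocation(loc));
    }
}
```

To wire this into HttpComponents, build the UrlEncodedFormEntity from loginParams(...) and post it to formAction(...) with the cookie store the GET filled; a 302 whose Location passes ticketFromLocation is the success case the browser capture shows, while a 200 carrying the login form again means the server rejected the submission. Keep certificate validation on while debugging: a trust-all wrapper added to make a proxy's interception certificate acceptable is easy to leave in the shipped client.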
- 03-29-2012, 06:36 PM #2
Re: Login to a CAS server using HTTPComponents Client
Well, I'm going on with my project even if nobody could help me till now. I examined the exchange of information with the CAS server more deeply and noticed that the connection my client makes with the server is different from the one the web browser establishes. Is it possible that the server checks the connection information? Does anybody know how to force HttpComponents to establish different connections?
- 03-30-2012, 03:07 PM #3