HttpClient For User Login From Application

Andy Daykin July 18, 2013

Hello, I want to allow a user to click a link in a separate application and then be automatically logged into confluence. I am trying to accomplish this with the apache HttpClient library to make a post request to the login page and then retrieve the cookie, and then redirect the user the home page. Right now I am able to get the studio.crowd.tokenkey cookie for authentication after I make the post request, but when I try and redirect the user to the home page it doesn't seem to work. Here is the code that I am trying to use:

DefaultHttpClient httpclient = new DefaultHttpClient();
        HttpPost httpost = new HttpPost("https://mycompany.atlassian.net/wiki/dologin.action");

        CookieHandler.setDefault(new CookieManager());

        List <NameValuePair> nvps = new ArrayList <NameValuePair>();
        nvps.add(new BasicNameValuePair("os_username", "user"));
        nvps.add(new BasicNameValuePair("os_password", "pass"));
        nvps.add(new BasicNameValuePair("login", "Log In"));

        httpost.setHeader("Accept","*/*");
        httpost.setHeader("Content-Type", "application/x-www-form-urlencoded");
        httpost.getParams().setParameter(
                ClientPNames.COOKIE_POLICY, CookiePolicy.BROWSER_COMPATIBILITY);

        httpost.setEntity(new UrlEncodedFormEntity(nvps, Consts.UTF_8));
        
        HttpResponse response = null;
        try {
            response = httpclient.execute(httpost);
            HttpEntity entity = response.getEntity();
            EntityUtils.consume(entity);
            System.out.println("Login form get: " + response.getStatusLine());
        } catch (ClientProtocolException e1) {
            e1.printStackTrace();
        } catch (IOException e1) {
            e1.printStackTrace();
        }   

        httpclient.getConnectionManager().shutdown();
        
        System.out.println("Post logon cookies:");
        List<Cookie> cookies = httpclient.getCookieStore().getCookies();
        ExternalContext ec = FacesContext.getCurrentInstance().getExternalContext();
        HttpServletResponse servletResponse = (HttpServletResponse) ec.getResponse();

        if (cookies.isEmpty()) {
            System.out.println("None");
        } else {
            for (int i = 0; i < cookies.size(); i++) {
                javax.servlet.http.Cookie cookie = new javax.servlet.http.Cookie(cookies.get(i).getName(), cookies.get(i).getValue());
                cookie.setDomain(cookies.get(i).getDomain());
                cookie.setPath(cookies.get(i).getPath());
                cookie.setMaxAge(10000);
                cookie.setSecure(true);
                servletResponse.addCookie(cookie);
cookies.get(i).getValue(), cookieParams);
cookieString);CookieManager.getDefault().
            }
        }
try {
            servletResponse.sendRedirect("https://mycompany.atlassian.net");
        } 
        catch (IOException e) {
        }

1 answer

1 accepted

1 vote
Answer accepted
Dave
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 23, 2013

Hi Andy,

This is currently by design. For security purposes, it is not possible to login to OnDemand via any sort of script or call outside of using SSO via GApps (which is currently only possible if you are using JIRA as well).

Thanks,

-dave

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events