HttpClient For User Login From Application

Hello, I want to allow a user to click a link in a separate application and then be automatically logged into confluence. I am trying to accomplish this with the apache HttpClient library to make a post request to the login page and then retrieve the cookie, and then redirect the user the home page. Right now I am able to get the studio.crowd.tokenkey cookie for authentication after I make the post request, but when I try and redirect the user to the home page it doesn't seem to work. Here is the code that I am trying to use:

DefaultHttpClient httpclient = new DefaultHttpClient();
        HttpPost httpost = new HttpPost("https://mycompany.atlassian.net/wiki/dologin.action");

        CookieHandler.setDefault(new CookieManager());

        List <NameValuePair> nvps = new ArrayList <NameValuePair>();
        nvps.add(new BasicNameValuePair("os_username", "user"));
        nvps.add(new BasicNameValuePair("os_password", "pass"));
        nvps.add(new BasicNameValuePair("login", "Log In"));

        httpost.setHeader("Accept","*/*");
        httpost.setHeader("Content-Type", "application/x-www-form-urlencoded");
        httpost.getParams().setParameter(
                ClientPNames.COOKIE_POLICY, CookiePolicy.BROWSER_COMPATIBILITY);

        httpost.setEntity(new UrlEncodedFormEntity(nvps, Consts.UTF_8));
        
        HttpResponse response = null;
        try {
            response = httpclient.execute(httpost);
            HttpEntity entity = response.getEntity();
            EntityUtils.consume(entity);
            System.out.println("Login form get: " + response.getStatusLine());
        } catch (ClientProtocolException e1) {
            e1.printStackTrace();
        } catch (IOException e1) {
            e1.printStackTrace();
        }   

        httpclient.getConnectionManager().shutdown();
        
        System.out.println("Post logon cookies:");
        List<Cookie> cookies = httpclient.getCookieStore().getCookies();
        ExternalContext ec = FacesContext.getCurrentInstance().getExternalContext();
        HttpServletResponse servletResponse = (HttpServletResponse) ec.getResponse();

        if (cookies.isEmpty()) {
            System.out.println("None");
        } else {
            for (int i = 0; i < cookies.size(); i++) {
                javax.servlet.http.Cookie cookie = new javax.servlet.http.Cookie(cookies.get(i).getName(), cookies.get(i).getValue());
                cookie.setDomain(cookies.get(i).getDomain());
                cookie.setPath(cookies.get(i).getPath());
                cookie.setMaxAge(10000);
                cookie.setSecure(true);
                servletResponse.addCookie(cookie);
cookies.get(i).getValue(), cookieParams);
cookieString);CookieManager.getDefault().
            }
        }
try {
            servletResponse.sendRedirect("https://mycompany.atlassian.net");
        } 
        catch (IOException e) {
        }

1 answer

1 accepted

1 vote
Accepted answer

Hi Andy,

This is currently by design. For security purposes, it is not possible to login to OnDemand via any sort of script or call outside of using SSO via GApps (which is currently only possible if you are using JIRA as well).

Thanks,

-dave

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted Oct 24, 2018 in Confluence

Atlassian Research opportunity with Confluence templates

Do you use templates with Confluence? Take part in a remote 1-hr workshop. You'll receive USD $100 for your time!   We're looking for people to participate in a   remote 1-hr workshop...

1,569 views 26 14
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you