Friends,

I have a J2EE web app that I need to write a LWP script for. This web app has a web page where your enter username and password. I can't seem to figure out the correct way to have my LWP scripts send the username and password.

Here's a snippet that demostrates what I am doing ... 
#!/usr/local/bin/perl -w
use strict;
use LWP::UserAgent;
use LWP::Simple;  
use HTTP::Cookies;
use HTTP::Request::Common;
use HTTP::Headers;       

.
.
.

sub do_LWPsetup {
        my $ref2browser = shift;

    $HTTP::Request::Common::DYNAMIC_FILE_UPLOAD = 1;

    #create an LWP browser object
    $$ref2browser = LWP::UserAgent->new();

    #allow POST redirects
    push @{$$ref2browser->requests_redirectable}, 'POST';

    #enable cookie support (dont know if this is really neccesary
    $$ref2browser->cookie_jar(new HTTP::Cookies );

    return 1;
}

sub do_logon {
    my $userid      = shift;
    my $password    = shift;
    my $url         = shift;
    my $browser     = shift;
    my $loginurl    = "$url/logon.jsp";

    my $resp  = $browser->post($loginurl,
            [                
            'j_username' => $userid,
            'j_password' => $password,
            'submit' => 'Submit'      
    ]);                  

    print "do_logon " . __FILE__ . "[" . __LINE__ ."] resp =[" . Dumpe
+r($resp) . "]\n";
    if (do_errorcheck($resp,'Logon')) { print $resp->{'_msg'} . "\n"; 
+return 0; }
    if ($debug_level > 0) { print "\nLogon Success: $userid"; }
    return 1;
}

.
.
.

getUserPassword( \$user, \$password );

my $browser;


my $rc = do_LWPsetup( \$browser );
if ($rc==0) {
        print "Failure: do_LWPStuff failed\n";
    exit 1;
}      
       
if (!do_logon( $user, $password, $url, $browser )) {
        print "Failure: do_logon failed\n";
        exit 2;
} else {
        print "Where in!\n";
}

[download]
Here's what happens when I run it ... 
Enter user: TEST001
Enter password: *******
do_logon BEGIN myscript.pl[269]
do_logon resp myscript.pl[283] resp =[$VAR1 = bless( {
                 '_protocol' => 'HTTP/1.1',
                 '_content' => '
<html>
<head>
<title>
  xyz Secure HTTP File Uploader Logon 
</title>
</head>
<center>
<br><br><form action="j_security_check" method=post>
<table>
<tr>
   <td align="center" >
   <table border="0">
   <tr>
   <td><b>Enter your name: </b></td>
   <td>
      <input type="text" size="15" name="j_username"> 
   </td>
   </tr>
   <tr>
   <td><b>Enter your password: </b></td>
   <td> 
      <input type="password" size="15" name="j_password">
   </td>
   </tr>
   <tr>
   <td></td>
   <td align="right"> 
   <input type="submit" value="Submit">
   </td>
   </tr>
   <tr>
   <td><br></td>
   </tr>
</table>
</td>
</tr>
</table>
</form>
</center>
</html>
',
                 '_rc' => '200',
                 '_headers' => bless( {
                                        'connection' => 'close',
                                        'x-powered-by' => [
                                                            'Servlet/2
+.4',
                                                            'JSP/2.0'
                                                          ],
                                        'client-response-num' => 1,
                                        'set-cookie' => 'JSESSIONID=27
+CCB71220635A381F38052A601A5C33; Path=/xyzSecureUpLoad_III; Secure',
                                        'date' => 'Mon, 01 Mar 2004 17
+:43:47 GMT',
                                        'client-ssl-cert-issuer' => '/
+C=US/ST=California/L=Santa Clara/O=Sun Microsystems/OU=SunONE/CN=S1AS
+',
                                        'client-ssl-cipher' => 'EDH-RS
+A-DES-CBC3-SHA',
                                        'client-peer' => 'localhost:10
+43',
                                        'content-length' => '661',
                                        'client-date' => 'Mon, 01 Mar 
+2004 17:43:47 GMT',
                                        'content-type' => 'text/html;c
+harset=ISO-8859-1',
                                        'client-ssl-warning' => 'Peer 
+certificate not verified',
                                        'client-ssl-cert-subject' => '
+/C=US/ST=California/L=Santa Clara/O=Sun Microsystems/OU=SunONE/CN=S1A
+S',
                                        'server' => 'Sun-Java-System/A
+pplication-Server-PE-8.0',
                                        'title' => 'xyz Secure HTTP Fi
+le Uploader (ASHFU) Logon'
                                      }, 'HTTP::Headers' ),
                 '_msg' => 'OK',
                 '_request' => bless( {
                                        '_content' => 'j_username=TEST
+001&j_password=TEST001&submit=Submit',
                                        '_uri' => bless( do{\(my $o = 
+'https://localhost:1043/xyzSecureUpLoad_III/logon.jsp')}, 'URI::https
+' ),
                                        '_headers' => bless( {
                                                               'user-a
+gent' => 'libwww-perl/5.69',
                                                               'conten
+t-type' => 'application/x-www-form-urlencoded',
                                                               'conten
+t-length' => 51
                                                             }, 'HTTP:
+:Headers' ),
                                        '_method' => 'POST'
                                      }, 'HTTP::Request' )
               }, 'HTTP::Response' );
]
do_logon END myscript.pl[289]

[download]

I gave the correct user and password but all I get is logon.jsp again! I have entered incorrect user and passwords and still all I get is logon.jsp!?!?!?

I have tried changing the line ... 
    my $loginurl    = "$url/logon.jsp";

[download]
... to ... 
    my $loginurl    = "$url/j_security_check";

[download]
But when I do that I get this HTML ... 
HTTP Status 400 - Invalid direct reference to form login page

type Status report

message Invalid direct reference to form login page

description The request sent by the client was syntactically incorrect
+ (Invalid direct reference to form login page).

J2EETM 1.4 Application Server

[download]
Anyone know what that is all about?

What am I doing wrong?

Plankton: 1% Evil, 99% Hot Gas.

20040301 Edit by Corion: Changed PRE tag around server response to CODE to remove the page-widening

20040301 Edit by jdporter: added <readmore> tags

In reply to LWP and j_security_check form-based login? by Plankton

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.