HTTP POST & Cookie

Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Hi,

I have a login page. The login details are authenticated upon submission of the page. If successful, a cookie is setup and the page is redirected to "application.cgi". If user details are invalid, then it goes to the logon page. On every page, user authentication is done. Cookie information is used here. If cookie does not exist, then the user is forced to sign in. This works fine when I go through the logon page.

However, I have links to this application from some other application. I do not want to force the users to login every time. Hence, we came up with an idea to POST these details using LWP::UserAgent. This way everything else works excpet creation of cookie. When the user is successfully authenticated, the page is redirected and status_line prints the status as redirected.

Any of you have any idea why cookie is not being setup?

Here is the code.

1. setcookie.cgi:

#!/usr/local/bin/perl
use CGI;
use DbFunctions;
my $q = new CGI;
my $username = $q->param("username");
my $password = $q->param("password");
my $role = '';
my $redirectto;
if ( $username ne ""  && $password ne "" ) {

        my $validated = Authenticate($username,$password);
        if ( $validated ){
                if( $role eq 'view' ){
                        $redirectto = "searchresults.cgi";
                }
                else{
                        $redirectto = "application.cgi";
                }
                my $cookie_value = $username."^".$password."^".$role;
                my $cookie = $q->cookie( -name    => "cookie_user",
                       -value   => "$cookie_value",
                       -domain  => "",
                       -expires => "+1d",
                       -path    => "");
                #print $q->header(-cookie => $cookie);
                print $q->redirect( -location => $redirectto,
                    -cookie => $cookie );
        }
        else{
                print $q->redirect( -location => "index.cgi?msg=1");
                exit;
        }

}
else {

        print $q->redirect( -location => "index.cgi");
}

exit;
[download]

2. post.pl ( Here I will be passing some id as input. I had removed that part of code.)

#!/usr/local/bin/perl
use CGI;

my $q = new CGI;
use LWP;
use HTTP::Request::Common qw(POST GET);
use LWP::UserAgent;


print "Content-type: text/html\n\n";

$ip_line="http://XXXXXX/setcookie.cgi";

my $ua = new LWP::UserAgent;
#$ua->agent("AgentName/0.1 " . $ua->agent);

#my $req = new HTTP::Request "POST","$ip_line";
#$req->content("username=user&password=pwd");
$ua->timeout(45);                       # 45-sec timeout

my $req = POST $ip_line, [
    username => "user",
    password => "pwd"
];

my $res = $ua->request($req);
print "status=[".$res->status_line."]n";
#$content = $res->content();
#print $content;
[download]

Edited by Chady -- code tags.

Comment on HTTP POST & Cookie Select or Download Code

Replies are listed 'Best First'.
Re: HTTP POST & Cookie by trantor (Chaplain) on Jul 20, 2004 at 15:40 UTC
I couldn't try your code because you didn't follow the Writeup Formatting Tips, however you need at least to define a cookie jar where to store your cookies on the client side, for example: `$ua = LWP::UserAgent->new(cookie_jar => $cookie_jar_name);` LWP::UserAgent has much more on the subject of setting up a cookie jar.	[reply] [d/l]
Re: HTTP POST & Cookie by gwhite (Friar) on Jul 20, 2004 at 15:38 UTC
Your code looks OK at first glance, it could be an issue with the webserver. What flavor are you using? On the Perl side, have you tried your code with the CGI non-parsed headers option (-nph in your redirect) turned on? g_White	[reply]
Re: HTTP POST & Cookie by Anonymous Monk on Jul 20, 2004 at 18:27 UTC
Thanks for the replies. I added this following line to my code. my $ua = new LWP::UserAgent; $ua->cookie_jar(HTTP::Cookies->new(file=>'cookies.txt',autosave=>1,ignore_discar d=>1)); Then I can see the cookie details in cookies.txt file. The status tells me that the page is redirected to "application.cgi". But I do not see the contents of the redirected page. AKJ.	[reply]
Re^2: HTTP POST & Cookie by Joost (Canon) on Jul 20, 2004 at 18:31 UTC
You can use <code> tags. please do. it will make your posts easier to read, your code easier to download, and you're much more likely to get a helpful reply. And use the preview button and look at the output before you submit a post. "What should it profit a man, if he should win a flame war, yet lose his cool?"	[reply]