taylansan Posted May 27, 2015 Share Posted May 27, 2015 Dear AutoIt Community,I have checked some HTTP examples in the forums. So, I created a basic script as the following:$login = ObjCreate("winhttp.winhttprequest.5.1") $sUsername = "ty" $sPassword = "AAbb11!!" Local $url = "http://192.168.182.160:9889/authenticate.action" $login_packet = "username=" & $sUsername & "&password=" & $sPassword & "&vcode=0000&dstInfo=300%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0&language=en_US&name=default" $login.open("POST", $url) $login.SetRequestHeader("Content-Type", "application/x-www-form-urlencoded") $login.send($login_packet) $login.WaitForResponse() $cookies = $login.GetAllResponseHeaders() ConsoleWrite($cookies & @CRLF)Actually, the username and password is correct. I got the following response:Cache-Control: no-store,no-cache Date: Wed, 27 May 2015 12:33:22 GMT Content-Length: 95 Content-Type: text/plain;charset=UTF-8 Server: OpenAS Set-Cookie: session_cookie=34431a76-54d5-498f-aae2-866dd5199304; Path=/; HttpOnly Set-Cookie: JSESSIONID=3FCE7FEE16230EF25BD2DFA280958212; Path=/; HttpOnlyIf I change the username or password, I want to a failed login, I got this:Cache-Control: no-store,no-cache Date: Wed, 27 May 2015 12:34:25 GMT Content-Length: 87 Content-Type: text/plain;charset=UTF-8 Server: OpenAS Set-Cookie: session_cookie=01a233ed-a008-496a-89b1-0d044d03949a; Path=/; HttpOnly Set-Cookie: JSESSIONID=4350A7C51D6C0E7F294ED9D6E08DB9A6; Path=/; HttpOnlyOnly the session cookie and session ID is changed. But there is no result whether I failed to login. Here is the successful HTTP result:http://192.168.182.160:9889/authenticate.action POST /authenticate.action HTTP/1.1 Host: 192.168.182.160:9889 User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded;charset=UTF-8 X-Requested-With: XMLHttpRequest Referer: http://192.168.182.160:9889/login.action?ssoLogin=true Content-Length: 148 Cookie: session_cookie=77e59d47-fa86-4ce4-87c2-8486e68c7dbd; JSESSIONID=05788845F16A110B6C7747DFDB9B7F3F; bme_locale_session=en_US; sna_cookie=; locale_cookie=en_US; access_time_cookie=0 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache username=ty&password=AAbb11!!&vcode=0000&dstInfo=300%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0&language=en_US&name=default HTTP/1.1 200 OK Cache-Control: no-store,no-cache Set-Cookie: session_cookie=99e86bd3-6308-4ce1-ab29-960aa69147e9; Path=/; HttpOnly Set-Cookie: sna_cookie=99e86bd3-6308-4ce1-ab29-960aa69147e9; Path=/; HttpOnly Set-Cookie: locale_cookie=en_US; Expires=Fri, 26-Jun-2015 10:31:48 GMT; Path=/ Set-Cookie: JSESSIONID=56472DD2CEBF17A3218C3765585380A9; Path=/; HttpOnly Content-Type: text/plain;charset=UTF-8 Content-Length: 49 Date: Wed, 27 May 2015 10:31:47 GMT Server: OpenASHere is the failed HTTP result:http://192.168.182.160:9889/authenticate.action POST /authenticate.action HTTP/1.1 Host: 192.168.182.160:9889 User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded;charset=UTF-8 X-Requested-With: XMLHttpRequest Referer: http://192.168.182.160:9889/login.action?ssoLogin=true Content-Length: 149 Cookie: session_cookie=acec9a18-b702-4f7b-96c6-667a7b35ac08; JSESSIONID=4211585FF6FE3DFC19FEF39196DCB61A; bme_locale_session=en_US Connection: keep-alive Pragma: no-cache Cache-Control: no-cache username=ty&password=dsadsadsa&vcode=0000&dstInfo=300%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0%3A0&language=en_US&name=default HTTP/1.1 200 OK Cache-Control: no-store,no-cache Content-Type: text/plain;charset=UTF-8 Content-Length: 111 Date: Wed, 27 May 2015 11:21:43 GMT Server: OpenAS As I see, the successful result includes cookies and session ID; but failed result doesn't include these.I wonder why the result of the script for failed attempt still showing session ID.Can you please tell me what to modify in my script in order not to get session ID when login failed?Any comments are welcome, thanks. TY. Link to comment Share on other sites More sharing options...
taylansan Posted May 28, 2015 Author Share Posted May 28, 2015 (edited) Hello, still need some advice on this. Thanks again Edited May 29, 2015 by taylansan TY. Link to comment Share on other sites More sharing options...
taylansan Posted May 29, 2015 Author Share Posted May 29, 2015 Hello, still need some advice on this. Thanks again.Sorry for duplicate message. Because of the massive Korean spam yesterday, I thought people couldn't see my post. TY. Link to comment Share on other sites More sharing options...
.thumb.jpg.bcfb48e92c107ce0a0b880bf95ad6da9.jpg)
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now