Jump to content

With Java, using the REST API, how do I auth via POST and then use the returned cookie for subsequent calls (GET or POST)?


Recommended Posts

I have example code that will do a POST to authenticate to my server.  That works and is as far as I can get, I have not figured out how to make subsequent calls using the connection that is returned.

After the POST, I want to do a GET.  As I understand it, I must save or use the returned cooking for subsequent calls if I want to do a GET.

Does anyone have a simple single file .java example of doing a POST to authenticate to the server and then doing a GET with the connection that is returned?

I cannot find an example of this anywhere in any documentation or site, but it seems like a very common thing that would be done.

Any help would be greatly appreciated.  If there are dependencies, inncluding a pom.xml would be extremely helpful.


//this works

byte[] creds = ("superuser:superuser").getBytes("utf-8");String jasperAuth = "Basic " + Base64.getEncoder().encodeToString(JasperCred);URL url = new URL("http://localhost:8080/jasperserver-pro");HttpURLConnection con = (HttpURLConnection) url.openConnection();con.setRequestProperty("Authorization", jasperAuth);con.setRequestMethod("POST");

now I have a connection 'con', and want to do another GET and possibly more POST's

How does one auth with POST, and then do a subsequent GET?


I am assuming the POST would save a cookie that I can use in the GET so I would not have to auth with the GET?

I do not want to auth via GET because the user login/password would/could be saved in server log files and is an insecure approach.


Link to comment
Share on other sites

  • 4 weeks later...
  • Replies 1
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic


May i know, why you want to do authentication via POST. 

Anyway, use URL as

"http://localhost:8080/jasperserver-pro/j_spring_security_check?"+ "j_username=" + username+ "&j_password=" + password;

Remove the line "con.setRequestProperty("Authorization", jasperAuth);"   as you are passing credentials in the URL.

Then, your code for connection object with POST should work.

check the response code. If 200, build session id as below:

String session_id = con.toString() + "";
int index1 = session_id.indexOf("=");
int index2 = session_id.indexOf("?");
jsessionId = session_id.substring(index1 + 1, index2); return jsessionId;

pass this session ID for the next request by setting request property as below for new connection object for GET method

url = new URL(urlGET);

HttpURLConnection getConnection = (HttpURLConnection) urlGET.openConnection();

getConnection .setRequestProperty("Cookie", "JSESSIONID=" + session_id);

make sure to set Content-Type, Accept  and request method as "GET" for getConnection object.

Hope it helps.


Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...