HttpClient 4, HTTP authentication fails OR session persistance problem DefaultHttpClient httpclient = new DefaultHttpClient(); httpclient.getParams().setParameter(ClientPNames.COOKIE_POLICY, CookiePolicy.BROWSER_COMPATIBILITY); CookieStore cookieStore = new BasicCookieStore(); HttpContext client_context = new BasicHttpContext(); client_context.setAttribute(ClientContext.COOKIE_STORE, cookieStore); httpclient.setRedirectStrategy(new DefaultRedirectStrategy() { // this is necessary to automatically redirect if new URL is defined in the responce body @Override public boolean isRedirected(HttpRequest request, HttpResponse response, HttpContext context) { boolean isRedirect = false; try { isRedirect = super.isRedirected(request, response, context); } catch (ProtocolException e) { // TODO Auto-generated catch block e.printStackTrace(); } if (!isRedirect) { int responseCode = response.getStatusLine().getStatusCode(); if (responseCode == 301 || responseCode == 302) { return true; } } return isRedirect; } }); HttpPost login = new HttpPost("http://localhost:8080/web/j_spring_security_check"); HttpParams param = new BasicHttpParams(); param.setParameter("j_username", "me"); param.setParameter("j_password", "p"); login.setParams(param); HttpResponse response = httpclient.execute(targetHost, login, client_context); ... ... 1 [org.apache.http.impl.conn.DefaultClientConnection] Sending request: POST /web/j_spring_security_check HTTP/1.1 2 [org.apache.http.headers] >> POST /web/j_spring_security_check HTTP/1.1 3 [org.apache.http.headers] >> Content-Length: 0 4 [org.apache.http.headers] >> Host: localhost:8080 5 [org.apache.http.headers] >> Connection: Keep-Alive 6 [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.1.2 (java 1.5) 7 [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: HTTP/1.1 302 Moved Temporarily 8 [org.apache.http.headers] << HTTP/1.1 302 Moved Temporarily 9 [org.apache.http.headers] << Server: Apache-Coyote/1.1 10 [org.apache.http.headers] << Set-Cookie: JSESSIONID=7FDB4CC310A8784A3DE7B5D9370D124D; Path=/web 11 [org.apache.http.headers] << Location: http://localhost:8080/web/application.html;jsessionid=7FDB4CC310A8784A3DE7B5D9370D124D 12 [org.apache.http.headers] << Content-Length: 0 13 [org.apache.http.headers] << Date: Thu, 01 Sep 2011 17:35:49 GMT 14 [org.apache.http.client.protocol.ResponseProcessCookies] Cookie accepted: "[version: 0][name: JSESSIONID][value: 7FDB4CC310A8784A3DE7B5D9370D124D][domain: localhost][path: /web][expiry: null]". 15 [org.apache.http.impl.client.DefaultHttpClient] Connection can be kept alive indefinitely 16 [temp.LoginTest$1] Redirect requested to location 'http://localhost:8080/web/application.html;jsessionid=7FDB4CC310A8784A3DE7B5D9370D124D' 17 [org.apache.http.impl.client.DefaultHttpClient] Redirecting to 'http://localhost:8080/web/application.html;jsessionid=7FDB4CC310A8784A3DE7B5D9370D124D' via HttpRoute[{}->http://localhost:8080] 18 [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: compatibility 19 [org.apache.http.client.protocol.RequestAddCookies] Cookie [version: 0][name: JSESSIONID][value: 7FDB4CC310A8784A3DE7B5D9370D124D][domain: localhost][path: /web][expiry: null] match [localhost:8080/web/application.html;jsessionid=7FDB4CC310A8784A3DE7B5D9370D124D] 20 [org.apache.http.client.protocol.RequestAuthCache] Auth cache not set in the context 21 [org.apache.http.impl.client.DefaultHttpClient] Attempt 2 to execute request 22 [org.apache.http.impl.conn.DefaultClientConnection] Sending request: GET /web/application.html;jsessionid=7FDB4CC310A8784A3DE7B5D9370D124D HTTP/1.1 23 [org.apache.http.headers] >> GET /web/application.html;jsessionid=7FDB4CC310A8784A3DE7B5D9370D124D HTTP/1.1 24 [org.apache.http.headers] >> Host: localhost:8080 25 [org.apache.http.headers] >> Connection: Keep-Alive 26 [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.1.2 (java 1.5) 27 [org.apache.http.headers] >> Cookie: JSESSIONID=7FDB4CC310A8784A3DE7B5D9370D124D 28 [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: HTTP/1.1 302 Moved Temporarily 29 [org.apache.http.headers] << HTTP/1.1 302 Moved Temporarily 30 [org.apache.http.headers] << Server: Apache-Coyote/1.1 31 [org.apache.http.headers] << Location: http://localhost:8080/web/login.html 32 [org.apache.http.headers] << Content-Length: 0 33 [org.apache.http.headers] << Date: Thu, 01 Sep 2011 17:35:49 GMT 34 [org.apache.http.impl.client.DefaultHttpClient] Connection can be kept alive indefinitely