HttpURLConnection.setFollowRedirects Bug
January 29th, 2009
HttpURLConnection in the JDK has a bizarre bug. When it receives an HTTP response code in the 3xx range, it redirects to the web page named in the “Location” header. However, when it does this, it forgets to send all the cookies with the request. Therefore, if you are working with any of the web 2.0 APIs that redirect and require the authentication cookie with each request, you are doomed: the server will redirect to the login page, thinking that this is an unauthenticated request.
The solution for this is pretty simple. If you have written code like the following:
import java.net.HttpURLConnection;
import java.net.URL;
URL u = new URL("http://www.example.com");
HttpURLConnection conn = (HttpURLConnection) u.openConnection();
You have to add one more line that sets redirection to “FALSE” and do the redirection yourself with the cookies, which looks like this:
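URL u = new URL("http://www.example.com");
HttpURLConnection conn = (HttpURLConnection) u.openConnection();
conn.setInstanceFollowRedirects(false); // do not redirect automatically
String locHeader = conn.getHeaderField("Location"); // get the location
String cookies = conn.getHeaderField("Set-Cookie"); // get the cookie (only the last Set-Cookie header is returned)
if (cookies != null) cookies = cookies.split(";", 2)[0]; // keep name=value, drop attributes such as Path or Expires
u = new URL(u, locHeader); // also resolves a relative Location against the original URL
conn = (HttpURLConnection) u.openConnection();
if (cookies != null) conn.setRequestProperty("Cookie", cookies); // set the cookie yourself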
….
Done! That should solve the bug. If this seems too much to do, then you should consider using this excellent HttpClient library from Apache.
I did the above mentioned stuff for this Free SMS Java Library because:
- The library has to be very small because it is just one file.
- Eliminate external dependencies that will bloat the library.
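An added example, not code from the original post: one manual redirect hop that forwards cookies only when the redirect stays on the same host and does not drop from https to http, since replaying them to whatever Location names would hand the session cookie to another site. The class and method names are hypothetical, and treating every cookie as host-only (ignoring the Domain, Path and Secure attributes) is a simplifying assumption.

```java
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

public class RedirectCookies {
    // Build a Cookie request header from Set-Cookie response values: keep each
    // name=value pair and drop attributes such as Path, Expires or HttpOnly.
    static String cookieHeader(List<String> setCookies) {
        List<String> pairs = new ArrayList<>();
        for (String sc : setCookies) pairs.add(sc.split(";", 2)[0].trim());
        return String.join("; ", pairs);
    }

    // Forward cookies only to the host that set them, and never from https to http.
    static boolean mayForward(URL from, URL to) {
        boolean sameHost = from.getHost().equalsIgnoreCase(to.getHost());
        boolean downgrade = "https".equals(from.getProtocol()) && !"https".equals(to.getProtocol());
        return sameHost && !downgrade;
    }

    // One manual redirect hop as in the post, with both checks applied.
    static HttpURLConnection follow(HttpURLConnection conn) throws Exception {
        URL from = conn.getURL();
        URL to = new URL(from, conn.getHeaderField("Location")); // resolves a relative Location
        List<String> setCookies = new ArrayList<>();
        for (int i = 0; i == 0 || conn.getHeaderFieldKey(i) != null; i++) // index 0 may be the status line
            if ("Set-Cookie".equalsIgnoreCase(conn.getHeaderFieldKey(i))) setCookies.add(conn.getHeaderField(i));
        HttpURLConnection next = (HttpURLConnection) to.openConnection();
        next.setInstanceFollowRedirects(false);
        if (!setCookies.isEmpty() && mayForward(from, to))
            next.setRequestProperty("Cookie", cookieHeader(setCookies));
        return next;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values; this part runs without network access.
        List<String> sample = Arrays.asList(
            "SID=abc123; Path=/; HttpOnly",
            "lang=en; Expires=Wed, 09 Jun 2021 10:18:14 GMT");
        URL login = new URL("https://www.example.com/login");
        System.out.println(cookieHeader(sample));
        System.out.println(mayForward(login, new URL(login, "/inbox")));
        System.out.println(mayForward(login, new URL("https://other.example.net/inbox")));
        System.out.println(mayForward(login, new URL("http://www.example.com/inbox")));
    }
}
```

The header scan compares names case-insensitively because servers may send "set-cookie" in any case, and the cookie values are never split on commas because Expires dates contain one.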
December 21st, 2012 at 7:07 pm
Hi, it may not be a bug.
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
14.30 Location
The Location response-header field is used to redirect the recipient to a location other than the Request-URI for completion of the request or identification of a new resource. For 201 (Created) responses, the Location is that of the new resource which was created by the request. For 3xx responses, the location SHOULD indicate the server’s preferred URI for automatic redirection to the resource. The field value consists of a single absolute URI.
Location = "Location" ":" absoluteURI
An example is:
Location: http://www.w3.org/pub/WWW/People.html
Note: The Content-Location header field (section 14.14) differs
from Location in that the Content-Location identifies the original
location of the entity enclosed in the request. It is therefore
possible for a response to contain header fields for both Location
and Content-Location. Also see section 13.10 for cache
requirements of some methods.