Homepage | Products | OX Knowledge Base | Support | Try Now | Contact | Company
OX Logo
Results 1 to 4 of 4
  1. #1

    Default session handling problem with HTTP API

    Hello,

    I'm trying to use the HTTP API of Open-Xchange in order to retrieve information from the server for another application. The initial POST request to get the session id is working properly. I get the following header from the Open-Xchange server (debug log from my client):

    >Date: Fri, 09 Jan 2009 14:07:36 GMT
    >Expires: Sat, 06 May 1995 12:00:00 GMT
    >Content-Type: text/javascript; charset=UTF-8
    >Pragma: no-cache
    >Cache-Control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
    >Set-Cookie: open-xchange-session-6e22a52a63ee499ba50a575b29e8eec3=52582bfadac849768 6df8213f08f6aec; path=/
    >Set-Cookie: JSESSIONID=8399b6a9f801477a9cb2a7a3243cdd80.APP1; path=/
    >Vary: User-Agent
    >Keep-Alive: timeout=15, max=100
    >Connection: Keep-Alive
    >Transfer-Encoding: chunked

    and the following data:

    {"session":"6e22a52a63ee499ba50a575b29e8eec3","ran dom":"0dce7a735a42448c8330e378747ae2fa"}

    I then try to list all folders and I sent the following GET request:

    > GET /ajax/folders?action=root&session=6e22a52a63ee499ba50a57 5b29e8eec3&columns=20,301,302 HTTP/1.1
    > Connection: Keep-Alive
    > Cookie: open-xchange-session-6e22a52a63ee499ba50a575b29e8eec3=52582bfadac849768 6df8213f08f6aec; path=/, JSESSIONID=8399b6a9f801477a9cb2a7a3243cdd80.APP1; path=/
    > Host: xchange.somehost.com
    > Accept: text/html, */*
    > Accept-Encoding: deflate, gzip
    > Accept-Language: fr, ru, us
    > User-Agent: AWS (Ada Web Server) v2.6.0w

    I get the following headers from Open-Xchange:

    >Date: Fri, 09 Jan 2009 14:07:36 GMT
    >Expires: Sat, 06 May 1995 12:00:00 GMT
    >Content-Type: text/javascript; charset=UTF-8
    >Pragma: no-cache
    >Cache-Control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
    >Set-Cookie: JSESSIONID=333ab9827bd9489b823075cec6095c5a.APP1; path=/
    >Vary: User-Agent
    >Keep-Alive: timeout=15, max=99
    >Connection: Keep-Alive
    >Transfer-Encoding: chunked

    And in the body an error message:

    {"category":4,"error_params":["52582bfadac8497686df8213f08f6aec; path=/"],"error":"Your session %s expired. Please start a new browser session.","error_id":"2076621541-519","code":"SES-0203"}

    This is surprising as I am reusing the correct session id and the proper cookie seems to be sent to the server as well. Any help to spot where the error lies would be very appreciated.

    Thank you in advance,

    MichaŽl

  2. #2
    Carsten Hoeger is offline Open-Xchange Professional Services
    Join Date
    Mar 2007
    Posts
    703

    Default

    You need to always provide the session cookie.
    You might want to have a look at this example on how
    to achieve that using curl:

    http://www.open-xchange.com/wiki/ind...xport_icl/vard
    OXpedia.org - the answer to almost all questions.

  3. #3

    Default

    Thank you for your prompt answer. In fact the session cookie *is* in the request:

    Cookie: open-xchange-session-6e22a52a63ee499ba50a575b29e8eec3=52582bfadac849768 6df8213f08f6aec; path=/, JSESSIONID=8399b6a9f801477a9cb2a7a3243cdd80.APP1; path=/

    Now, it got it to work by keeping the open-xchange-session-etc. key only:

    Cookie: open-xchange-session-6e22a52a63ee499ba50a575b29e8eec3=52582bfadac849768 6df8213f08f6aec

    In that case, the request works. It looks like the server does not like the other cookie entries. Is that expected?

    MichaŽl

  4. #4
    Join Date
    Feb 2007
    Posts
    253

    Default

    Omit the ", path=/" parts, they are only for the client.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •