Announcement

Collapse
No announcement yet.

session handling problem with HTTP API

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • session handling problem with HTTP API

    Hello,

    I'm trying to use the HTTP API of Open-Xchange in order to retrieve information from the server for another application. The initial POST request to get the session id is working properly. I get the following header from the Open-Xchange server (debug log from my client):

    >Date: Fri, 09 Jan 2009 14:07:36 GMT
    >Expires: Sat, 06 May 1995 12:00:00 GMT
    >Content-Type: text/javascript; charset=UTF-8
    >Pragma: no-cache
    >Cache-Control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
    >Set-Cookie: open-xchange-session-6e22a52a63ee499ba50a575b29e8eec3=52582bfadac849768 6df8213f08f6aec; path=/
    >Set-Cookie: JSESSIONID=8399b6a9f801477a9cb2a7a3243cdd80.APP1; path=/
    >Vary: User-Agent
    >Keep-Alive: timeout=15, max=100
    >Connection: Keep-Alive
    >Transfer-Encoding: chunked

    and the following data:

    {"session":"6e22a52a63ee499ba50a575b29e8eec3","ran dom":"0dce7a735a42448c8330e378747ae2fa"}

    I then try to list all folders and I sent the following GET request:

    > GET /ajax/folders?action=root&session=6e22a52a63ee499ba50a57 5b29e8eec3&columns=20,301,302 HTTP/1.1
    > Connection: Keep-Alive
    > Cookie: open-xchange-session-6e22a52a63ee499ba50a575b29e8eec3=52582bfadac849768 6df8213f08f6aec; path=/, JSESSIONID=8399b6a9f801477a9cb2a7a3243cdd80.APP1; path=/
    > Host: xchange.somehost.com
    > Accept: text/html, */*
    > Accept-Encoding: deflate, gzip
    > Accept-Language: fr, ru, us
    > User-Agent: AWS (Ada Web Server) v2.6.0w

    I get the following headers from Open-Xchange:

    >Date: Fri, 09 Jan 2009 14:07:36 GMT
    >Expires: Sat, 06 May 1995 12:00:00 GMT
    >Content-Type: text/javascript; charset=UTF-8
    >Pragma: no-cache
    >Cache-Control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
    >Set-Cookie: JSESSIONID=333ab9827bd9489b823075cec6095c5a.APP1; path=/
    >Vary: User-Agent
    >Keep-Alive: timeout=15, max=99
    >Connection: Keep-Alive
    >Transfer-Encoding: chunked

    And in the body an error message:

    {"category":4,"error_params":["52582bfadac8497686df8213f08f6aec; path=/"],"error":"Your session %s expired. Please start a new browser session.","error_id":"2076621541-519","code":"SES-0203"}

    This is surprising as I am reusing the correct session id and the proper cookie seems to be sent to the server as well. Any help to spot where the error lies would be very appreciated.

    Thank you in advance,

    Michaël

  • #2
    You need to always provide the session cookie.
    You might want to have a look at this example on how
    to achieve that using curl:

    Comment


    • #3
      Thank you for your prompt answer. In fact the session cookie *is* in the request:

      Cookie: open-xchange-session-6e22a52a63ee499ba50a575b29e8eec3=52582bfadac849768 6df8213f08f6aec; path=/, JSESSIONID=8399b6a9f801477a9cb2a7a3243cdd80.APP1; path=/

      Now, it got it to work by keeping the open-xchange-session-etc. key only:

      Cookie: open-xchange-session-6e22a52a63ee499ba50a575b29e8eec3=52582bfadac849768 6df8213f08f6aec

      In that case, the request works. It looks like the server does not like the other cookie entries. Is that expected?

      Michaël

      Comment


      • #4
        Omit the ", path=/" parts, they are only for the client.

        Comment

        Working...
        X