Reusing HTTP Session

I am trying to reuse the JSESSIONID from the header of the response in order to reuse the HTTP session. However, everytime I do that I get the following:

(401, ‘Unauthorized’)
HTTP Status 401 - Full authentication is required to access this resource

my request was a GET for /ws/sci

any idea how to solve this?

I think you need to supply the authentication headers for each request. Not just the first one.

You need more than just the JSESSIONID value from the set-cookie header if you want to maintain your session without re-authenticating. The easiest would be to take all of the values sent down in the Set-Cookie header and return them in your Cookie header.

Chris

I am trying to reuse the JSESSIONID from the header of the response in order to reuse the HTTP session. However, everytime I do that I get the following:

(401, ‘Unauthorized’)
HTTP Status 401 - Full authentication is required to access this resource

my request was a GET for /ws/sci

any idea how to solve this?

I also had this same problem. These post helps me so much.

hi cpopp,

do you have a code example on what you have explained?

I don’t have a clean example, but I did code a small rough snippet to try it to make sure it worked before responding earlier. I attached it, but mainly for the purposes of showing how I grabbed the cookies and included them in a subsequent request.

I just saved any entries that showed up in the “Set-Cookie” header, making sure to handle multiple entries, and then included them in the “Cookie” header in subsequent requests. The code would need to be a bit more robust to handle different scenarios though…for example, if your session times out you might need to handle that situation and provide your credentials to create a new session.

Alternatively, you could provide your credentials along with the cookies with each request. The credentials would be ignored unless the session is invalid, and then a new session with be created without a 401 being returned. (In this case, you would be given a new session in the Set-Cookie header).

Chris