Closed GoogleCodeExporter closed 8 years ago
I don't see that you're setting any cookies in the request?! Or do you mean to
log the response? Here you're only logging the request.
Original comment by johan.ha...@gmail.com
on 14 May 2013 at 7:02
The response is containing Set-Cookie header and HTTP status 302
(redirect-after-post pattern)
You can see that rest-assured does not log any cookies.
Original comment by everf...@gmail.com
on 18 May 2013 at 10:30
You're only logging the HTTP request, not the response. In order to log the
HTTP response you should use:
expect().log().all().when().get("/demo");
Original comment by johan.ha...@gmail.com
on 21 May 2013 at 9:31
Right, changed test case - still cookies not logged.
I even added a request logging filter like
final String body = given().filter(new
RequestLoggingFilter()).expect().log().all().get("/demo").asString();
Request method: GET
Request path: .../demo
Request params: <none>
Query params: <none>
Form params: <none>
Path params: <none>
Headers: Accept=application/json
Content-Type=application/json
Cookies: <none>
Body: <none>
HTTP/1.1 404 Not Found //this is fine and expected
Date=Tue, 21 May 2013 11:00:17 GMT
Server=Apache
Strict-Transport-Security=max-age=2592000; includeSubDomains
X-Content-Type-Options=nosniff
X-XSS-Protection=1; mode=block
Vary=Accept-Encoding
Content-Encoding=gzip
Content-Length=182
Keep-Alive=timeout=5, max=100
Connection=Keep-Alive
Content-Type=text/html; charset=iso-8859-1
<html xmlns="http://www.w3.org/1999/xhtml">
What I see is the *second* request beeing logged, not the first where the
authentication happens/cookies are beeing set and a HTTP 302 is returned.
Original comment by everf...@gmail.com
on 21 May 2013 at 11:02
I don't understand, I don't see that you do any authentication in your example!?
Original comment by johan.ha...@gmail.com
on 21 May 2013 at 11:10
Accessing the special URL ("/demo") is sufficient for authentication in my
application.
That requests results in
HTTP 302 + set-cookie
Original comment by everf...@gmail.com
on 21 May 2013 at 11:15
What kind of authentication are you using?
Original comment by johan.ha...@gmail.com
on 21 May 2013 at 11:20
Accessing that URL is sufficient as authentication. A session is created for
the user then.
Original comment by everf...@gmail.com
on 21 May 2013 at 11:24
What if you configure RA to not follow redirects, does that mean that you get a
cooke?
Original comment by johan.ha...@gmail.com
on 21 May 2013 at 11:48
final String cookie = given().redirects().follow(false).filter(new
RequestLoggingFilter()).expect().log().all().get("/demo").cookie("JSESSIONID");
logger.info("Cookie:" +cookie);
Still no session cookie, neither in request logging filter, nor in the result
of .cookie();
Request method: GET
Request path: ..../demo
Request params: <none>
Query params: <none>
Form params: <none>
Path params: <none>
Headers: Content-Type=*/*
Cookies: <none>
Body: <none>
HTTP/1.1 302 Found
Date=Tue, 21 May 2013 17:17:47 GMT
Server=Apache-Coyote/1.1
Strict-Transport-Security=max-age=2592000; includeSubDomains
X-Content-Type-Options=nosniff
X-XSS-Protection=1; mode=block
X-Version=1.0.0.CI-SNAPSHOT-7e87603
Location=....
Content-Language=en-US
Content-Length=0
Keep-Alive=timeout=5, max=100
Connection=Keep-Alive
INFO n.b.p.i.HttpRestIT:104 - Cookie:null
Original comment by everf...@gmail.com
on 21 May 2013 at 5:22
Are you really sure that your server really provides a cookie?
Original comment by johan.ha...@gmail.com
on 22 May 2013 at 6:29
Yes.
This is the workaround I have in place for RA-229, RA-234, RA-235 now. It is
called in a @BeforeClass part of the junit test.
private static void authenticateQuirk() throws Exception
{
final CookieStore cookieStore = new BasicCookieStore();
final HttpClient httpclient = HttpClientBuilder.create().setDefaultCookieStore(cookieStore).build();
httpclient.execute(new HttpGet("/demo"));
final List<Cookie> cookies = cookieStore.getCookies();
for (final Cookie cookie : cookies)
{
if(cookie.getName().equals("JSESSIONID"))
{
final String sessionId = cookie.getValue();
//RestAssured.sessionId = sessionId; // 234
final com.jayway.restassured.response.Cookie sessionCookie = new com.jayway.restassured.response.Cookie.Builder("JSESSIONID", sessionId).build();
RestAssured.requestSpecification.cookie(sessionCookie);
}
}
}
Original comment by everf...@gmail.com
on 22 May 2013 at 9:41
So if I were to reproduce this I could just create a resource that returns a
cookie and a redirect at the same time? In these cases RA doesn't include the
cookie?
Original comment by johan.ha...@gmail.com
on 22 May 2013 at 9:51
That is my current understanding of the issue.
Original comment by everf...@gmail.com
on 22 May 2013 at 9:57
Ok I'll try to see if I get reproduce it when I find some time. Thank you so
far!
Original comment by johan.ha...@gmail.com
on 22 May 2013 at 10:01
I've tried to reproduce this but I can't. Here's my server resource:
get("/redirect-and-set-cookie") {
val url: String = {params("url")}
val cookie: Cookie = new Cookie("cookieName", "cookieValue")
response.addCookie(cookie)
redirect(url)
}
And this is the test:
given().
redirects().follow(false).
param("url", "/hello").
expect().
statusCode(302).
cookie("cookieName", "cookieValue").
header("location", "http://localhost:8080/hello").
when().
get("/redirect-and-set-cookie");
This means that I get cookies when redirects are disabled. By default Rest
Assured is configured not to include cookies in redirects but if you change
that it'll be included on redirects as well:
given().
config(newConfig().httpClient(httpClientConfig().setParam(COOKIE_POLICY, BROWSER_COMPATIBILITY))).
param("url", "/reflect").
expect().
statusCode(200).
cookie("cookieName", "cookieValue").
when().
get("/redirect-and-set-cookie");
Original comment by johan.ha...@gmail.com
on 22 Nov 2013 at 7:53
Original issue reported on code.google.com by
everf...@gmail.com
on 11 May 2013 at 6:15