In Android/Java I have a requirement where with the username and password I hit a particular site and get the reponse.
I am able to get that reponse. But from that response how would I know if I have entered the correct username/password. As I get response for both correct and wrong username/password.
I have response and cookies with me. From these how can I know if wht I have entered is correct username/password.
This is the code that I am using.
HttpGet httpGet = new HttpGet(uri);
httpGet.addHeader("User-Agent", USER_AGENT);
HttpResponse response = httpClient.execute(httpGet, httpContext);
Here in response I am getting the same content for correct and wrong username/password
The server has its logic to deal with in/correct username/password, but typically, this is done via the response body, not the response headers. About the only time the 401 response code is used, is when a site uses domain (NTML) credentials and either they haven’t been supplied or they were incorrect.
The difference being that NTML authentication is done by the browser, and so it knows how to ask for the username/password, while the more typical forms based authentication is done by the server asking for and then validating the input – the browser really doesn’t understand what kind of request is being made, it is just submitting some form data, and the server then responds to that with some data: for 🙂 or :(. The browser treats both contents the same way.