Home/ Questions/Q 7914547
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-03T14:09:20+00:00

My application makes multiple web calls in order to get authentication. I need to

  • 0

My application makes multiple web calls in order to get authentication. I need to store this session in a cookie. I wanted to use Cookie Manager but after doing some research, I found out it is only available to API 9 and above and my application needs to be backward compatible.

I make my web connections using HTTPURLConnection to a secure HTTPS. Quick example of my code

    public String iStream_to_String(InputStream is)
{
    BufferedReader rd = new BufferedReader(new InputStreamReader(is), 4096);
    String line;
    StringBuilder sb = new StringBuilder();
    try
    {
        while ((line = rd.readLine()) != null)
        {
            sb.append(line);
        }
        rd.close();

    } catch (IOException e)
    {
        e.printStackTrace();
    }
    String contentOfMyInputStream = sb.toString();
    return contentOfMyInputStream;
}

final static HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier()
{
    public boolean verify(String hostname, SSLSession session)
    {
        return true;
    }
};

/**
 * Trust every server - dont check for any certificate
 */
private static void trustAllHosts()
{
    // Create a trust manager that does not validate certificate chains
    TrustManager[] trustAllCerts = new TrustManager[]
    { new X509TrustManager()
    {
        public java.security.cert.X509Certificate[] getAcceptedIssuers()
        {
            return new java.security.cert.X509Certificate[]
            {};
        }

        public void checkClientTrusted(X509Certificate[] chain,
                String authType) throws CertificateException
        {
        }

        public void checkServerTrusted(X509Certificate[] chain,
                String authType) throws CertificateException
        {
        }
    } };

    // Install the all-trusting trust manager
    try
    {
        SSLContext sc = SSLContext.getInstance("TLS");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        HttpsURLConnection
                .setDefaultSSLSocketFactory(sc.getSocketFactory());
    } catch (Exception e)
    {
        e.printStackTrace();
    }
}

Then I make a request like so

    try
    {
        url = new URL(url1);



        trustAllHosts();
           HttpsURLConnection https = (HttpsURLConnection) url.openConnection();
       https.setHostnameVerifier(DO_NOT_VERIFY);
        http = https;

        InputStream in = new BufferedInputStream(http.getInputStream());

        sAuthenticateP1 = iStream_to_String(in);
        in.close();


    } catch (Exception e)
    {
        e.printStackTrace();
    }

The full authentication is done in 4 steps. I need to have it so the session is remembered throughout the 4 steps. Seeing I can’t use CookieManager, I have been looking around for other ways of doing this, but can’t seem to find any. Would anyone be able to point me in the right direction.

Thanks in advance!!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Figured it out. Incase anyone else is having similar problem, will give quick outline of code. As I said before mine is a several step authentication process. So after the first request, after you have received a response, take the cookie like so

    String cookie = http.getRequestProperty("Cookie");
            if (cookie != null && cookie.length() > 0)
            {
                sCookie = cookie;
                Log.v("cookie2", sCookie);
            }

    sCookie is a static string variable I have set up. Then in the next request, after this line

    https = (HttpsURLConnection) url.openConnection();

    Just put

                https.setRequestProperty("Cookie", sCookie);
            https.setRequestMethod("POST");
            https.setDoInput(true);
            https.setDoOutput(true);

    And do the same thing for each request after that requires the session, and it should work fine

    • 0