1
0
-1

Hi,

I am writing a "SSO Get Auth Token" script in Security Manager trying to extract a SSO token from a form post.

Problem

         For some weird reason the body of the HTTPServletRequest is empty. 


Diagnostics

  1. In the HttpServletRequest, all header information are intact, all requestParameters are intact, but when I do HttpServletReqest.getReader() to get the BufferedReader to ready the whole request body in, I got empty String.
  2. I tried to reset the BufferedReader, and read it again, still it is empty string.


Question

  1. When I look at script for Prefill Service, as part of the input to the script, it has "formRequestParams", and that has the form post data I need, but in the "SSO Get Auth Token" script, all I got was "HTTPServletRequest ", how can I get the form post data in the body? Clearly it was read and stored somewhere, but where? How do I access it?
  1. Malcolm Edgar

    With the Java HttpServlet API you can only read the request input data once from memory.  With multi-part posts you have to process in inputstream, parse it out and the pass through the derived request parameters.

    What time of request are you dealing with form-url encoded or multi-part post ?

    regards Malcolm Edgar

CommentAdd your comment...

1 answer

  1.  
    1
    0
    -1

    After receiving help from Larry, we found it was due to URL was incorrect.

    My original URL was

    https://maestro.avoka.com/maguire/servlet/SmartForm.html?formCode=mikechenssotestform

    and since the form is under SecurityManager, so it will redirect to the secured site, and that redirection does not pass the post data through.

    If we change the URL to the "secure" site, then all the post data will go through

    https://maestro.avoka.com/maguire/secure/servlet/SmartForm.html?formCode=mikechenssotestform

      CommentAdd your comment...