C # website logon Study Notes (2): access the pages that can only be accessed after Logon

Source: Internet
Author: User

Previous Note: C # website logon study note (1): log on to a simple website

The previous note describes how to use httpwebrequest and httpwebresponse to log on to a simple website in C #. However, if you use the same method to access a page that requires logon, what will happen? Let's try it first!

Try one:In the previous note, a simple website is created for testing, where loginsuccess. the ASPX page is accessible only after logon. (a user who has not logged on to the page will be redirected to default. ASPX page ). Here we call gethtml ("http: // localhost/testlogin/loginsuccess. aspx") to directly access the loginsuccess. ASPX page and capture packets using HTTP Analyzer:

(Figure 1)
You can see from the packet capture (figure 1) that whenProgramWhen you access the loginsuccess. ASPX page, it is redirected to the default. aspx page, proving that you cannot directly access the page.

Test 2:So is it okay to log on to the loginsuccess. ASPX page by using a program? Let's try again: 1. call gethtml ("http: // localhost/testlogin/default. aspx ", postdata, method. post) login; 2. call gethtml ("http: // localhost/testlogin/loginsuccess. aspx ") Access loginsuccess. ASPX page.

(Figure 2)
Figure 2 shows the second attempt to moderate HTTP analyzer packet capture. 1, 2: The program is in default. after successful logon in aspx, the system automatically jumps to loginsuccess. aspx; 3, 4: after the program successfully logs on, It accesses loginsuccess. the ASPX page is redirected to default. aspx. It seems that this attempt failed again.

However, is there no way to access the page that requires logon in the program? The answer is no! How can this problem be achieved? Before implementation, you must first understand some basic knowledge:

The following text is translated from the blog of Deep BlueArticleUse C # to log on to a website user

HTTP is a connectionless protocol. That is to say, the content and status of this conversation have nothing to do with the previous one. To achieve persistent interaction with users, before the website and the browser establish a session
Creates a session in the memory of the server. This session identifies the user (browser) and each session has a unique ID.
IDs are sent to the browser. In the next browsing, each request sent to the server will contain the sessionid, which indicates its identity.

The server uses memory to save information in the session. What does the browser use to save the sessionid allocated by the server? Yes, it is a cookie. In
When a session is established, the browser requests to the server will not contain the sessionid in the cookie. The server considers the session to be a brand new session and allocates a memory to the server.
Session is used, and the session ID is sent to the browser using set-cookie in the HTTP header.

Haha, it turns out to be a cookie! It seems that we only need to bring the cookie corresponding to the website when accessing the page to be logged on. Cookiecontainer is used to save the cookie.

Try 3:Specify cookiecontainer for httpwebrequest, and log on to and access the loginsuccess. ASPX page.

The modifiedCode:

Cookiecontainer =   New Cookiecontainer (); // Declare cookiecontainer object

// Log on to the website
Httpwebrequest loginhttpwebrequest = (Httpwebrequest) httpwebrequest. Create ( " Http: // localhost/testlogin/default. aspx " );
Loginhttpwebrequest. cookiecontainer = Cookiecontainer; // Specify cookiecontainer for httpwebrequest

Byte [] Byterequest = Encoding. Default. getbytes (postdata );
Loginhttpwebrequest. contenttype = Contenttype;
Loginhttpwebrequest. Referer =   " Http: // localhost/testlogin/default. aspx " ;
Loginhttpwebrequest. Accept = Accept;
Loginhttpwebrequest. useragent = Useragent;
Loginhttpwebrequest. Method =   " Post " ;
Loginhttpwebrequest. contentlength = Byterequest. length;

Stream stream = Loginhttpwebrequest. getrequeststream ();
Stream. Write (byterequest, 0 , Byterequest. Length );
Stream. Close ();

Loginhttpwebrequest. getresponse ();

// Access loginsuccess. aspx
Httpwebrequest = (Httpwebrequest) httpwebrequest. Create ( " Http: // localhost/testlogin/loginsuccess. aspx " );
Httpwebrequest. cookiecontainer = Cookiecontainer; // Specify cookiecontainer for httpwebrequest
Httpwebrequest. getresponse ();

 
Packet Capture:

(Figure 3)
Note that the difference between figure 2 and Figure 2 is "4" missing, which means that the program successfully accesses the page loginsuccess. aspx that requires logon.

Click to download the sample code (vs2008)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.