I'm trying to make a Java application that sends some POST requests to a server. The first request is the one with authentication information. Then when I send the next request, I'm getting the answer that my session is expired. But I'm sending the next request within the same second, so, it can't be timed out.

So I guess there is something like a HTTP Session in Java, which I need to use for sending my request that way the server knows its following the previous request.

I've been searching Google, but can't find anything. Only something about Servlets. But I'm creating a desktop application.

PS: I'm new to sending HTTP requests and this kind of things.

Thanks in advance,
Martijn

Edit: This is the code I use currently:

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStreamWriter;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.List;

/**
 *
 * @author martijn
 */
public class PostRequest {

    private String _url;
    private List<PostParameter> params;

    public PostRequest(String url) {
        this._url = url;
        this.params = new ArrayList<PostParameter>();
    }

    public void addParam(String key, String value)
    {
        params.add(new PostParameter(key, value));
    }

    public String getURL()
    {
        return _url;
    }

    public InputStream request() throws IOException {
        URL url = new URL(this._url);
        URLConnection conn = url.openConnection();
        if (params.size() > 0) {

            conn.setDoOutput(true);

            StringBuilder data = new StringBuilder();
            for (int i = 0; i < params.size(); i++) {
                if (i > 0) {
                    data.append("&");
                }
                String key = params.get(i).key;
                String value = params.get(i).value;
                data.append(URLEncoder.encode(key, "UTF-8"));
                data.append("=");
                data.append(URLEncoder.encode(value, "UTF-8"));
            }

            OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream());
            wr.write(data.toString());
            wr.flush();
        }

        return conn.getInputStream();
    }

    public class PostParameter {

        public String key;
        public String value;

        public PostParameter(String key, String value) {
            this.key = key;
            this.value = value;
        }

        public PostParameter() {
        }

        public String getKey() {
            return key;
        }

        public String getValue() {
            return value;
        }

        public void setKey(String key) {
            this.key = key;
        }

        public void setValue(String value) {
            this.value = value;
        }
    }
}

And then send two request after each other:

PostRequest postAuthentication = new PostRequest("http://blahblah.com");
postAuthentication.addParam("user", user);
postAuthentication.addParam("password", pass);
Utils.dumpReader(postAuthentication.request());

PostRequest postDoSomething = new PostRequest("http://blahblah.com/function.php");
postDoSomething.addParam("func", "blah");
postDoSomething.addParam("value", "14");
Utils.dumpReader(postDoSomething.request());
    // Here I'm getting the session is expired.

These will help you:

• Apache HttpComponents
• Apache HttpClient

If the session ID is stored in cookies, you have to provide a way of storing cookies and passing them to the second request. Refer to this example for cookie handling in Apache's HTTP client.

When you receive answer to authentication request you need to store information about session When you send next request you need to add session information to request.

http://en.wikipedia.org/wiki/HTTP_cookie

The server is probably relying on HTTP session Cookies (only) to track requests. You'll need to analyze the HTTP traffic to the server (when using a browser) to see if this is the case. The server provides cookies to the client, via the Set-Cookie response header.

If the assumption is true, that cookies are required, then the cookie must be supplied on every request by the client to the server. This is done by the client setting a Cookie request header.

I assume that you are using the HttpUrlConnection class provided by the Java API. A very comprehensive answer by Balus exists on this topic at StackOverflow. Refer to the section on "Maintaining the session".