[SOLVED] Java send POST data to PHP server blocked by accessRules method

Java send POST data to PHP server blocked by accessRules method

I'm POST-ing some data to PHP server in Yii framework. Login works fine. which means my data is prperly sent to the server.

but after login my subsequent requests are denied by the accessRules method on the server and im getting the login page in response.

This is the accessRules function in PHP. Where egineering are normal users other than admins.

public function accessRules()
    {
        return array(

            array('allow',  // allow all users to perform 'index' and 'view' actions
                'actions'=>array('index','view','AssignedUsers',),
                'roles'=>array('admin', 'engineering'),
                //'users'=>array('*'),
            ),
            array('allow', // allow authenticated user to perform 'create' and 'update' actions
                'actions'=>array('create','update','userReport','userNewReport',),
                'roles'=>array('admin'),
                //'users'=>array('@'),
            ),
            array('allow', // allow admin user to perform 'admin' action
                'actions'=>array('admin'),
                'roles'=>array('admin', 'engineering'),
            ),
            array('allow', // allow admin user to perform 'delete' action
                'actions'=>array('delete'),
                'roles'=>array('admin', 'admin'),
            ),
            array('deny',  // deny all users
                'users'=>array('*'),
            ),
        );
    }

but i get denied by the server.

this is JAVA request

String content ="user=" + URLEncoder.encode(userId,encoding) +
"&apiKey=" + URLEncoder.encode(apiKey,encoding);

this content is used in following with a url.

        connection = (HttpURLConnection)url.openConnection();
        connection.setRequestMethod("POST");
        connection.setDoInput(true);
        connection.setDoOutput(true);
        connection.setUseCaches (false);
        connection.setRequestProperty("Content-length",String.valueOf (content.length())); 
        connection.setRequestProperty("Content-Type","application/x-www-form-urlencoded");

        DataOutputStream printout = new DataOutputStream (connection.getOutputStream ());

        System.out.println(url+",Content = "+content);

        printout.writeBytes (content);
        printout.flush ();
        printout.close ();

Solution

Send the cookies.

When you login... A session will be created in the server and session id will be sent as cookies on http response header.

You have to catch those cookies from login response and keep on sending same on subsequent requests.

I just googled and found this example: How to Retrieve cookies from a response and How to send it in request