I am trying to implement a new feature: the user of a PHP based site clicks on a link and is logged in into Perl based site. The logging in process itself works flawlessly. However, once I am in the Perl based site, once I click on any link, it asks me to log in again.
Upon further investigation. The code doesn’t set cookies.
Is it possible that the Perl site is doing a redirect without you being conscious of it?
Try this tool, Firefox plug/addon called LiveHTTPHeaders.
Login as normal using FF with this feature switched on and watch the ensuing headers very carefully, essentially, it is that which you have to emulate with your cURL call (well, all the key information anyhow).
I could well be wrong but it could be a case of setting CURLOPT_MAXREDIRS if you detect redirects are happening.
Here’s my guess on what’s happening. From the code you supplied it seems like:
You make a Curl request to a remote server passing along the username and password.
The credentials are accepted by the remote webserver. A cookie is set on by the remote server in your cookie jar on your webserver.
You then echo out the remote site’s html to the user after doing some fiddling with the base href.
You then attempt to click a link in the html that was spit out from the remote site by your curl request.
If that’s true, I would guess that it’s asking you to log in again because the login cookie for your remote session was set on your webserver, not your browser.
Cups: right when I am logged into the Perl site with curl, I don’t see the session cookie set. Isn’t it a problem with cookies? However, I can’t figure out why curl is not passing the cookie to the browser.