CURL to access a page that requires a login from a different page
I have 2 pages: xyz.com/a and xyz.com/b. I can only access xyz.com/b if and only if I login to xyz.com/a first. If accessing xyz.com/b without going through the other, I simply get access denied (no redirect to login) via the browser. Once I login at xyz.com/a, I can access the other.
My problem is doing this using the curl command. I can login successfully to xyz.com/a using curl, but then try xyx.com/b and I get access denied.
I use the following:
curl --user user:pass https://xyz.com/a #works ok
curl https://xyz.com/b #doesn't work
I've tried using the second line with & without the user/password part and still doesn't work. Both pages uses the same CA, so that's not a problem. Any suggestions? Thanks
Answer
The web site likely uses cookies to store your session information. When you run
curl --user user:pass https://xyz.com/a #works ok
curl https://xyz.com/b #doesn't work
curl is run twice, in two separate sessions. Thus when the second command runs, the cookies set by the 1st command are not available; it's just as if you logged in to page a in one browser session, and tried to access page b in a different one.
What you need to do is save the cookies created by the first command:
curl --user user:pass --cookie-jar ./somefile https://xyz.com/a
and then read them back in when running the second:
curl --cookie ./somefile https://xyz.com/b
Alternatively you can try downloading both files in the same command, which I think will use the same cookies.