Testing the protected functionality of a .jsp page?
There is a web page here that allows service providers to check the validity of customer insurance. The page contains a text box for entering the customer's insurance number, a button for submitting the verification number, and a box that displays the results. This is the java server page and https. As you can probably tell, I don't know about it. What I would like to do is check the numbers directly from my program? Is there a way to do this transparently, without having to show the webpage to the user using the webpage source? If so, can someone point me in the right direction Thanks
source to share
What you need to do is force your program to send an HTTPS POST request to this URL, and then you will need to parse the resulting HTML to extract the results you are interested in.
However, presumably the service provider must be logged in to access this page. As such, you will need the provider's login details (like prompting the user to enter them), plus you will need to send a request to the server to login (possibly another HTTP POST). You will also capture the results that the login page returns (perhaps a cookie), so you can set up the following request correctly and associate it with a session owned by that service provider. This, in turn, may lead to the withdrawal of the service provider if they are using the browser on this site at the time.
So it is possible, but at best it is rather frustrating.
Another solution, depending on your programming environment, might be to programmatically control a browser control (possibly behind the scenes) to do the same login and form name and then parse the resulting HTML. This will still be pretty ugly, but save your code from having to pretend to be a web browser.
Before you try any of these steps, it is worth checking to see if the site has a web service API for accessing programs or if they want to provide one.
source to share