Mimicking a browser sigining into a website
My apologies for the unusual title; not sure what this is called.
I have a need to write some Java code to essentially automate signing in to a website and doing things in their account. Sounds creepy, I know, but I promise it is legit. Part of what we do is permit our members to provide credentials to another site, and we use this to synchronize data with the other site.
I'm using the well-known Apache HttpClient library to do this, but I am just wondering if anyone has any experience with this sort of thing, and if so would you be willing to share with us here.
Here are some of the things I am concerned about:
- Most sites offer a "remember me" option, which usually results in an extra cookie being returned. Would it be wise to try to retain this and use it for future updates to the external site?
- If multiple updates are being performed in the same session (ours is a web-application), then would it make sense to leave the HttpClient object in session memory and try to re-use it for updates that occur in the same session on our end? Of course, this would require knowing what the session expiration is on the remote site, which we don't know, and even if we did, it could change over time. I suppose assuming a short (10-minute?) session would be safest.
- What else should I be thinking about?
Thanks in advance, and also moderators please forgive me if this is not in the proper category, etc.