java android authentication http-post session-cookies

Android - Session Cookies

I need to authenticate the username and password with my website which provides session cookies.

I am collecting the username and password from the EditText on the form and passing it onto authenticate session as follows:

@Override
public void onClick(View v) {
    String Username = username.getText().toString();
    String Password = password.getText().toString();
    String value = LoginAuthenticate.getSessionCookie(Username, Password);
    // This is just check what session value is brought back
    username.setText(value);
}

The username and password are then checked if they are correct to return the session cookie.

public static String getSessionCookie(String username, String password) {
    String login_url = "http://www.example.com/session/create";
    URLConnection connection = null;
    String sessionXML = "<session><username>" + username + "</username><passsword>" + password + "</password></session>";
    String cookieValue = null;
    try {
        URL url = new URL(login_url);
        connection = url.openConnection();

        connection.setRequestProperty("Content-Type", "application/xml");

        connection.setDoOutput(true);

        OutputStreamWriter out = new OutputStreamWriter(connection.getOutputStream());
        out.write(sessionXML);

        out.close();
    } catch (Exception e) {
        e.printStackTrace();
        return null;
    }
    String headerName = null;
    for (int i = 0; (headerName = connection.getHeaderFieldKey(i)) != null; i++) {
        if (headerName.equals("Set-Cookie")) {
            cookieValue = connection.getHeaderField(i);
        }
    }

    // return connection.getHeaderField("Set-Cookie:");
    return cookieValue;
}

In the Manifest file, I have the following permissions set:

<uses-permission android:name="android.permission.INTERNET"/>
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>

There are no errors but null is returned at the end. Using the debugger, I have checked that the username and password are correct before being passed into the function.

Why is null being returned instead of the session cookie?

Solution

For anyone interested; here is the working code. Its an exert of it showing the method.

try
{
    URL url = new URL(login_url);
    connection = (HttpURLConnection) url.openConnection();  

    connection.setDoOutput(true);
    connection.setRequestMethod("POST");
    connection.setRequestProperty("Content-Type", "application/xml");

    OutputStreamWriter out = new OutputStreamWriter(connection.getOutputStream());
    out.write(sessionXML);
    out.flush();
    out.close();

    String headerName = "";

    for (int i = 1; (headerName = connection.getHeaderFieldKey(i)) != null; i++)
    {       
        if(headerName.equals("Set-Cookie"))
        {
            cookieValue = connection.getHeaderField(i);         
        }
    }
} 
catch (Exception e)
{
    e.printStackTrace();
}
finally
{
    if(connection != null)
        connection.disconnect();
}