Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Java > Authenticating using the web application session ID

Reply
Thread Tools

Authenticating using the web application session ID

 
 
Stanimir Stamenkov
Guest
Posts: n/a
 
      09-17-2003
I've wondered if it's possible... I have a HTML page which loads an
applet which is responsible for connecting to a service (other than
the web application - JSPs) on my system. I want to use the session ID
assigned by the web application to authenticate the user upon the
applet connection to avoid double logins and transmission of user name
and password, probably over a secure connection (this is already done
by the http service). The session ID is passed to the applet object
with a parameter in the generated HTML.

At this point my other service needs a way to query the web
application component for the session identified by the specified ID.
I see the 'HttpSessionContext' interface is deprecated entirely and
I've wondered how I could obtain instance and query a specific session
on the server-side from "third-party" service?

Thank you for your help in advance.
 
Reply With Quote
 
 
 
 
VisionSet
Guest
Posts: n/a
 
      09-17-2003
"Stanimir Stamenkov" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) om...
> I've wondered if it's possible... I have a HTML page which loads an
> applet which is responsible for connecting to a service (other than
> the web application - JSPs) on my system. I want to use the session ID
> assigned by the web application to authenticate the user upon the
> applet connection to avoid double logins and transmission of user name
> and password, probably over a secure connection (this is already done
> by the http service). The session ID is passed to the applet object
> with a parameter in the generated HTML.
>
> At this point my other service needs a way to query the web
> application component for the session identified by the specified ID.
> I see the 'HttpSessionContext' interface is deprecated entirely and
> I've wondered how I could obtain instance and query a specific session
> on the server-side from "third-party" service?


Your applet can open HttpUrlConnection with servlet and request any session
data.
So I don't see that it is necessary to pass it as parameter in html if you
are going to check it anyway.
--
Mike W


 
Reply With Quote
 
 
 
 
Stanimir Stamenkov
Guest
Posts: n/a
 
      09-18-2003
"VisionSet" <(E-Mail Removed)> wrote in message news:<u3Z9b.1769$(E-Mail Removed)>...
> "Stanimir Stamenkov" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed) om...
> > At this point my other service needs a way to query the web
> > application component for the session identified by the specified ID.
> > I see the 'HttpSessionContext' interface is deprecated entirely and
> > I've wondered how I could obtain instance and query a specific session
> > on the server-side from "third-party" service?

>
> Your applet can open HttpUrlConnection with servlet and request any session
> data.
> So I don't see that it is necessary to pass it as parameter in html if you
> are going to check it anyway.


My applet needs to authenticate itself agains my other service (which
runs in its own JVM. It uses a TCP Socket for connection with custom
protocol, not HTTP) - not against the web service/application. I don't
want double logins nor secure transmission of sensitive data
(usernameassword) so I want to use the authentication done already
by the web application. My other service would query the web
application through JMS call or whatever on the server-side.

I hope I made it clearer this time.
 
Reply With Quote
 
Stanimir Stamenkov
Guest
Posts: n/a
 
      09-18-2003
http://www.velocityreviews.com/forums/(E-Mail Removed) (Stanimir Stamenkov) wrote in message news:<(E-Mail Removed). com>...

> [...]
> I see the 'HttpSessionContext' interface is deprecated entirely and
> I've wondered how I could obtain instance and query a specific session
> on the server-side from "third-party" service?
>


BTW I've just saw there is a 'HttpSessionListener' interface which I
could use to build a session retrieval component in the web
application, which I could query through custom mechanism from my
other service, but I couldn't see any references to it - where I could
register such listener?
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Authenticating web srvices ThatsIT.net.au ASP .Net 4 09-03-2009 01:36 PM
Authenticating to web service using https and client certificate jakecjacobson Python 0 06-23-2009 01:17 PM
Web Application Suddenly No Longer Authenticating AD mirlisa ASP General 1 03-15-2006 09:39 PM
Authenticating to a web form that posts to a jsp. Jeremy Perl Misc 1 06-30-2004 09:42 PM
How do you figure out the LDAP://? ("Error authenticating. Error authenticating user. The specified domain either does not exist or could not be contacted") mrwoopey ASP .Net 3 06-30-2003 10:11 PM



Advertisments