File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How to use j_security_check directly (skip the login page)?

 
Efrat Bar-Nahum
Ranch Hand
Posts: 57
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I have a web application that is using j_security_check. (I have a login page, and login module and everything works fine).
I have another application (Swing), that can invoke the web application.
Since the user was already authenticated & authorized when entering the swing application there's no need to launch the web application login page again.

I want that when the application is open as a stand alone application (opening a browser and typing the URL), the login page will be loaded (like today).
But when it is launched from the web application I want to skip the login page.

How can I call the j_security_check and pass it the username & password directly from the Swing application?

I tried openning a page that includes the following:



but it didn't work...
Any idea how to do it?

Thanks,
Efrat
 
Ulf Dittmer
Rancher
Pie
Posts: 42966
73
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Assuming you're using an HttpUrlConnection to access the web app from your Swing client, you can set the authentication header directly, as is described here. It works the same way for all Java clients, not just applets.
 
Efrat Bar-Nahum
Ranch Hand
Posts: 57
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I was trying to open a browser using the following URL:


The parameters that I passed are corerct (I managed to decrypt the given password in the login module).

But I got
HTTP Status 408 - The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser

Why didn't it work?
 
Ulf Dittmer
Rancher
Pie
Posts: 42966
73
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What are you trying to prove or find out by doing this in the browser?
 
Efrat Bar-Nahum
Ranch Hand
Posts: 57
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This is the URL that I'm passing when opening the browser from my rich client application.
This is what I'm trying to do: Open my web client application from a rich client application, and I want to skip the login page by passing the user name & password that I got from the rich client application.

So instead of opening a browser with the URL: http://localhost:8080/EM/ (which will open the login page), I'm trying to pass the parameters to the j_security_check.

I'm really lost here, please help...
Thanks,
Efrat
 
Ulf Dittmer
Rancher
Pie
Posts: 42966
73
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Now I understand - by "I have another application (Swing), that can invoke the web application." you meant that the Swing app opens a web browser and points that to the web app, not that the Swing app actually accesses the web app.

It might be possible that the j_security_check thing only works with POST, not GET (which it would be through the browser URL). You could use a tool like LiveHTTPHeaders (a Firefox extension) to check what HTTP actually gets sent over the wire. Thta may give you a clue what's different when you try it from the Swing app.
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic