This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Servlets and the fly likes communicating between two web application Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "communicating between two web application" Watch "communicating between two web application" New topic
Author

communicating between two web application

reshmi prasad
Greenhorn

Joined: Nov 08, 2003
Posts: 4
how to communicate between two servlets in different web application ???
Amit KumarS
Ranch Hand

Joined: Oct 10, 2003
Posts: 100
hi reshmi..
i donno what excetly you want to do.. but one way to call a servlet of different web application is giving the absolute web address in the sendRedirect like below..


this will force the browser to call the servlet.. but if you mean that u want to share a piece of data among two web-applications in same server then i think that's not possible
hope this helps you..
Thanks
Amit


****************************<br />In 24 hrs Earth rotates once on its Axis.
Pradeep bhatt
Ranch Hand

Joined: Feb 27, 2002
Posts: 8904

You can use servletContext.getContext(String uripath).

This method allows servlets to gain access to the context for various parts of the server, and as needed obtain RequestDispatcher objects from the context. The given path must be begin with "/", is interpreted relative to the server's document root and is matched against the context roots of other web applications hosted on this container.

In a security conscious environment, the servlet container may return null for a given URL.
In Tomcat you can use some configuration file to allow the communication if the container does not allow it.


Groovy
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

Yes, there are security concerns doing direct communication between web applications (as opposed to sendRedirect or posting between them), but there are often other vendor specific problems too.
When we tried to achieve this once to allow us to .include a jsp from another context, they occured in difference threads and we couldn't control where the jsp was included. In practice I'm not sure it's a very good idea.
Dave
Pradeep bhatt
Ranch Hand

Joined: Feb 27, 2002
Posts: 8904

DAVID,
What are the security concerns? I am not able to think about any.
Ko Ko Naing
Ranch Hand

Joined: Jun 08, 2002
Posts: 3178
Originally posted by Pradeep Bhat:
DAVID,
What are the security concerns? I am not able to think about any.

Pradeep, I think David means that since they are not transparent to each other, we have to deal with security concerns... But I hope the server has ability to deal with it easily...


Co-author of SCMAD Exam Guide, Author of JMADPlus
SCJP1.2, CCNA, SCWCD1.4, SCBCD1.3, SCMAD1.0, SCJA1.0, SCJP6.0
Pradeep bhatt
Ranch Hand

Joined: Feb 27, 2002
Posts: 8904

Ko,
Since both the applications are running in the same container I was just wondering what security issues could come up?
Marty Hall
Author
Ranch Hand

Joined: Jan 02, 2003
Posts: 111
Since both the applications are running in the same container I was just wondering what security issues could come up?

Just because two Web applications run on the same sever (same container) does not mean that they are developed by the same people and want to share data arbitrarily. For example, I teach a JSP/servlet class in the Johns Hopkins University part-time graduate program in Computer Science. We use Tomcat, and each student has their own Web app (mapped to http://hostname/~userID/, in fact). One student shouldn't be able to change/delete entries in another student's ServletContext, so we have this disabled.
Whether myServletContext.getContext(contextPath) returns null or not depends on the container settings -- in Tomcat you get null unless server.xml specifies crossContext="true" for the app or for DefaultContext.
Cheers-
- Marty


Java training and consulting
Ko Ko Naing
Ranch Hand

Joined: Jun 08, 2002
Posts: 3178
Originally posted by Marty Hall:

For example, I teach a JSP/servlet class in the Johns Hopkins University part-time graduate program in Computer Science. We use Tomcat, and each student has their own Web app (mapped to http://hostname/~userID/, in fact). One student shouldn't be able to change/delete entries in another student's ServletContext, so we have this disabled.

I think that is a very good example about the security issue among different web apps... Since you are an experienced instructor, it's a piece of cake for you to provide such example for someone else...
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: communicating between two web application
 
Similar Threads
Difference between web server and web application
how to find session btn two web appl
Forward or Redirect http request to a web application on different web container/JVM with some param
Session ID
About encodeRedirectURL