Win a copy of Think Java: How to Think Like a Computer Scientist this week in the Java in General forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

communicating between two web application

 
reshmi prasad
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
how to communicate between two servlets in different web application ???
 
Amit KumarS
Ranch Hand
Posts: 100
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi reshmi..
i donno what excetly you want to do.. but one way to call a servlet of different web application is giving the absolute web address in the sendRedirect like below..


this will force the browser to call the servlet.. but if you mean that u want to share a piece of data among two web-applications in same server then i think that's not possible
hope this helps you..
Thanks
Amit
 
Pradeep bhatt
Ranch Hand
Posts: 8927
Firefox Browser Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can use servletContext.getContext(String uripath).

This method allows servlets to gain access to the context for various parts of the server, and as needed obtain RequestDispatcher objects from the context. The given path must be begin with "/", is interpreted relative to the server's document root and is matched against the context roots of other web applications hosted on this container.

In a security conscious environment, the servlet container may return null for a given URL.
In Tomcat you can use some configuration file to allow the communication if the container does not allow it.
 
David O'Meara
Rancher
Posts: 13459
Android Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes, there are security concerns doing direct communication between web applications (as opposed to sendRedirect or posting between them), but there are often other vendor specific problems too.
When we tried to achieve this once to allow us to .include a jsp from another context, they occured in difference threads and we couldn't control where the jsp was included. In practice I'm not sure it's a very good idea.
Dave
 
Pradeep bhatt
Ranch Hand
Posts: 8927
Firefox Browser Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
DAVID,
What are the security concerns? I am not able to think about any.
 
Ko Ko Naing
Ranch Hand
Posts: 3178
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Pradeep Bhat:
DAVID,
What are the security concerns? I am not able to think about any.

Pradeep, I think David means that since they are not transparent to each other, we have to deal with security concerns... But I hope the server has ability to deal with it easily...
 
Pradeep bhatt
Ranch Hand
Posts: 8927
Firefox Browser Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ko,
Since both the applications are running in the same container I was just wondering what security issues could come up?
 
Marty Hall
Author
Ranch Hand
Posts: 111
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Since both the applications are running in the same container I was just wondering what security issues could come up?

Just because two Web applications run on the same sever (same container) does not mean that they are developed by the same people and want to share data arbitrarily. For example, I teach a JSP/servlet class in the Johns Hopkins University part-time graduate program in Computer Science. We use Tomcat, and each student has their own Web app (mapped to http://hostname/~userID/, in fact). One student shouldn't be able to change/delete entries in another student's ServletContext, so we have this disabled.
Whether myServletContext.getContext(contextPath) returns null or not depends on the container settings -- in Tomcat you get null unless server.xml specifies crossContext="true" for the app or for DefaultContext.
Cheers-
- Marty
 
Ko Ko Naing
Ranch Hand
Posts: 3178
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Marty Hall:

For example, I teach a JSP/servlet class in the Johns Hopkins University part-time graduate program in Computer Science. We use Tomcat, and each student has their own Web app (mapped to http://hostname/~userID/, in fact). One student shouldn't be able to change/delete entries in another student's ServletContext, so we have this disabled.

I think that is a very good example about the security issue among different web apps... Since you are an experienced instructor, it's a piece of cake for you to provide such example for someone else...
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic