File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Sending the value from jsp to jsp in two different web applicaitons

 
Ganeshkumar cheekati
Ranch Hand
Posts: 362
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
i should have to send the value like username from one application to other application which are running in same server.i am redirecting to other application using response.sendRedirect(url) if i am adding the username at the end of url it is revealing the username in the url and using request scope its not possible so how can i do that?


Thanks
Ganesh Kumar CH
 
jhon masco
Ranch Hand
Posts: 98
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Please write the line of code.
You code is similar to this??


Are you using

for request the parameter?
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64178
83
IntelliJ IDE Java jQuery Mac Mac OS X
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Any means that you use to pass the information to the other application via HTTP will expose the values unless you use SSL.

Perhaps you can use a server-side sharing mechanisms like the database if they share a database.

Are you trying to implement single-sign-on?
 
Ganeshkumar cheekati
Ranch Hand
Posts: 362
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
yeah i am trying to implement sso for my application......

i m just redirecting to my application jsp page from other application jsp page using the following code



so its being displayed in URL along with value and there is no sharing database...

How can i implement this? My thought is that i will encrypt the username value in source end and decrypt in destination end so that it wont be revealed...

Do you suggest this?


Aim: How can i get the value from one webapplication to other webapplication either using objects like request,response,session and application or in different way?
 
jhon masco
Ranch Hand
Posts: 98
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I dont understand why you can not get the value from the url really but...
please try JSTL redirect and request the value in the destiny page with JSTL too.
May be this work. Also would be fine if you can show a piece of you code.


 
Ganeshkumar cheekati
Ranch Hand
Posts: 362
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i think that it will not work....

As per my knowledge if we redirect to new webapplication i.e new request so that container will create new request and response objects...
 
Noel Alex
Greenhorn
Posts: 7
Fedora Java Opera
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,

yeah i am trying to implement sso for my application......

How about using something like Java CAS ?
Regards,
Simple
 
Ganeshkumar cheekati
Ranch Hand
Posts: 362
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i am using my official SSO login page for my application....
 
Niju Thomas
Greenhorn
Posts: 13
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
it is possible as sending through url.If you want to hide encrypt it through xml configuration file.
 
Ganeshkumar cheekati
Ranch Hand
Posts: 362
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
could you please let me know how to encrypt through xml configuration file?
 
Kumar Raja
Ranch Hand
Posts: 547
2
Hibernate Java Spring
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Why don't you POST it instead.
 
Ganeshkumar cheekati
Ranch Hand
Posts: 362
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Raja,

Check this http://www.jguru.com/faq/view.jsp?EID=285822
 
Kumar Raja
Ranch Hand
Posts: 547
2
Hibernate Java Spring
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I did not mean to POST it through sendRedirect.. I meant that you can POST to servlet/jsp by other means. afterall its a HTTP request and you can use other means, for eg, HTTP Post. I had not tried this personally before, so would be glad to know the results if it works for you.
 
Pete Nelson
Ranch Hand
Posts: 147
Debian Eclipse IDE Tomcat Server
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Kumar Raja wrote:I did not mean to POST it through sendRedirect.. I meant that you can POST to servlet/jsp by other means. afterall its a HTTP request and you can use other means, for eg, HTTP Post. I had not tried this personally before, so would be glad to know the results if it works for you.


POST isn't any more secure than GET. You still end up sending the username over the network, and you're still vulnerable to someone altering the request to change the username to whatever they wish.

The only way I can see to do this securely is through some sort of shared persistence between the web application contexts. This could be a database, a datafile, Kerberos server, etc. The browser can't be the ONLY way your two web applications communicate, or it's only going to be as secure as that browser.
 
Kumar Raja
Ranch Hand
Posts: 547
2
Hibernate Java Spring
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How about encrypting the username through some Private/Public key encryption, before POSTing. I do not mean to oppose your proposal of shared persistence, but just curious on encryption+POST
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64178
83
IntelliJ IDE Java jQuery Mac Mac OS X
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Maybe I missed a nuance somewhere, but why not just use SSL?
 
Ganeshkumar cheekati
Ranch Hand
Posts: 362
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
At present, i done it using encryption/decryption with

Is there any other way except shared DB,server and SSL?
 
gabrilla ebinezer
Greenhorn
Posts: 1
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You will have to configure your web-server accordingly. Tomcat for example provides a valve for that. See here: http://tomcat.apache.org/tomcat-6.0-doc/config/host.html#Single_Sign_On

Note: The localhost-URL you posted, only works on your computer (hence the name "local").

It would be much easier though to just add all of your modules into one Web-Application or to use one of the countless Java Web Application Frameworks.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic