File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Web Services and the fly likes Jersey Restful Service and Form authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "Jersey Restful Service and Form authentication" Watch "Jersey Restful Service and Form authentication" New topic

Jersey Restful Service and Form authentication

gabi gaminde

Joined: Jul 23, 2011
Posts: 4
Hi to everybody,

I have a Apache Tomcat 7 running without problems. I have deployed two webapp, one of them is consuming some webservices than run in the order. I have added Form authentication and a jdbc realm (this is defined in the Server.xml of the server). The server is running in https:localhost:8443. I can't access the webservices with the browser and get the content. Prior to that I login with my form and all is fine. Now I am going to specify what I whant to do and the weird problem I am getting:

  • First of all both applications are running in the same server.
  • They use the same jdbc realm (server.xml).
  • They both use the same roles defined in the web.xml of each web application (each webapp has its own web.xml)
  • For creating the client I use this example:

  • After login in the webapp I try to consume the restful service and the call returns the code of the login page of the other application! But if I stay in the same session with the browser open I can access the webservices as if I where logged correctly.

  • I have tried unccomenting the tomcat valve singlesignon but it doesn't work.

  • What I am doing wrong? Is there any special way to consume the webservice? I use:

    To be honest I am totally lost of what I am doing wrong as it seems I am correctly authenticated.

    Thanks in advance

    gabi gaminde

    Joined: Jul 23, 2011
    Posts: 4
    Hi to everybody,

    I think I have found what happens. It seems that if I create a client, I have tried with jersey or ApacheHttpClient, it somehow creates a new instance of the browser session. That is why I get the login page again, because I don't have the username and password when I try to consume the service. This seems weird to me. Is it possible to pass the session data to the client or get the current session? The onbly solution that I have now is making the calls trough Ajax which leads to build most of the web applicacion again!
    I agree. Here's the link:
    subject: Jersey Restful Service and Form authentication
    Similar Threads
    Want to access a secure site data with the use of URL class.
    How do I get a hold of Java's default SSL Trust Manager?
    Security:090477 Certificate chain received from x.x.x.x was not trusted causing SSL handshake
    Apache HTTP Components SSL Request
    Getting services to work with NTLM Authentication over HTTPS/SSL