Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
The moose likes Web Services and the fly likes Jersey Restful Service and Form authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "Jersey Restful Service and Form authentication" Watch "Jersey Restful Service and Form authentication" New topic

Jersey Restful Service and Form authentication

gabi gaminde

Joined: Jul 23, 2011
Posts: 4
Hi to everybody,

I have a Apache Tomcat 7 running without problems. I have deployed two webapp, one of them is consuming some webservices than run in the order. I have added Form authentication and a jdbc realm (this is defined in the Server.xml of the server). The server is running in https:localhost:8443. I can't access the webservices with the browser and get the content. Prior to that I login with my form and all is fine. Now I am going to specify what I whant to do and the weird problem I am getting:

  • First of all both applications are running in the same server.
  • They use the same jdbc realm (server.xml).
  • They both use the same roles defined in the web.xml of each web application (each webapp has its own web.xml)
  • For creating the client I use this example:

  • After login in the webapp I try to consume the restful service and the call returns the code of the login page of the other application! But if I stay in the same session with the browser open I can access the webservices as if I where logged correctly.

  • I have tried unccomenting the tomcat valve singlesignon but it doesn't work.

  • What I am doing wrong? Is there any special way to consume the webservice? I use:

    To be honest I am totally lost of what I am doing wrong as it seems I am correctly authenticated.

    Thanks in advance

    gabi gaminde

    Joined: Jul 23, 2011
    Posts: 4
    Hi to everybody,

    I think I have found what happens. It seems that if I create a client, I have tried with jersey or ApacheHttpClient, it somehow creates a new instance of the browser session. That is why I get the login page again, because I don't have the username and password when I try to consume the service. This seems weird to me. Is it possible to pass the session data to the client or get the current session? The onbly solution that I have now is making the calls trough Ajax which leads to build most of the web applicacion again!
    I agree. Here's the link:
    subject: Jersey Restful Service and Form authentication
    Similar Threads
    Security:090477 Certificate chain received from x.x.x.x was not trusted causing SSL handshake
    Want to access a secure site data with the use of URL class.
    How do I get a hold of Java's default SSL Trust Manager?
    Apache HTTP Components SSL Request
    Getting services to work with NTLM Authentication over HTTPS/SSL