Win a copy of The Java Performance Companion this week in the Performance forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

basic authentication

 
JigaR Parekh
Ranch Hand
Posts: 112
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I have created web application which has all servlet secured and i am using basic http authentication.
so when ever i execute any servlet first it will ask me user name and password and then it will allow me execute that servlet.
now one of the jsp page is loading applet in same context and this applet is calling servlet. This call again ask for that password though i have sucessfully login.
So i think when call that servlet using urlconnection i have to provide some username and password

how can i achive that ??

any help and sugestion will be appriciated.

Jigar
 
Chetan Parekh
Ranch Hand
Posts: 3640
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Put username and password in session as soon as user login into the application.Pass username and password from session to applet using applet parameter. Applet internally passes username and password to Servlet while calling it.
 
JigaR Parekh
Ranch Hand
Posts: 112
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
thx chetan for reply,

I am not using programatic security,
I am using container managed security for authentication.

Jigar
[ October 20, 2005: Message edited by: JigaR Parekh ]
 
Chetan Parekh
Ranch Hand
Posts: 3640
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Jigar!

I don�t have any ideas about container-managed security.

Which is your app server?
[ October 20, 2005: Message edited by: Chetan Parekh ]
 
JigaR Parekh
Ranch Hand
Posts: 112
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i am using jboss and DatabaseServerLoginModule as authenticator
 
Chetan Parekh
Ranch Hand
Posts: 3640
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hey Jigar,

I feel that you should put your problem in JBoss Forum1 or JBoss Forum2, as it is more related to it.
[ October 20, 2005: Message edited by: Chetan Parekh ]
 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
There's nothing JBoss-specific about this. It's just that the browser and the JVM use different network code, so both need to send the username/password independently of each other. You can use Chetans suggestion of encoding the username and password as applet parameters in the web page (although that's a security risk).

If you're using a [Http]URLConnection in the applet, the following code adds the authentication header to the connection:

String authorization = Base64Coder.encode(username + ":" + password);
connection.setRequestProperty("Authorization", "Basic " + authorization).

The Base64Coder class can be found here, or you can use any other Base64 encoding classes, e.g. Jakarta Commons Codec.
[ October 20, 2005: Message edited by: Ulf Dittmer ]
 
JigaR Parekh
Ranch Hand
Posts: 112
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thx Dittmer,

Your solution works fine.

Thx
Jigar
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic