Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Using servlets outside of browsers  RSS feed

 
Rishi Singh
Ranch Hand
Posts: 321
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,
I have an application that is accessible from a browser to manage some
items but there are calls that should be performed from fat client
programs. There is authentication being done from browser forms and
the
session management is the default container cookie/url rewriting
scheme.
Obviously a client app will not know what to do with a cookie and it
can't use url rewriting as the response is just an XML file that is a
result of the initial request. Those initial actions must be
authorized
but I don't want to authenticate on every request. Having said that
these are the basic two questions:
1. Is this a good idea to use servlets or should I do SOAP instead
(this
is without consideration for session management, just pure
technological
question for web based service called from an app)?
2. How would I manage sessions in when all calls would be
programmatical
HTTP requests? I thought of a scheme where an initial request from an
application should go to AuthenticationServlet which would return a
token that then would be included in every subsequent request for other
functions.
What do you think?
Thanks,
d.
is accessible from a browser to manage some
items but there are calls that should be performed from fat client
programs. There is authentication being done from browser forms and
the
session management is the default container cookie/url rewriting
scheme.
Obviously a client app will not know what to do with a cookie and it
can't use url rewriting as the response is just an XML file that is a
result of the initial request. Those initial actions must be
authorized
but I don't want to authenticate on every request. Having said that
these are the basic two questions:
1. Is this a good idea to use servlets or should I do SOAP instead
(this
is without consideration for session management, just pure
technological
question for web based service called from an app)?
2. How would I manage sessions in when all calls would be
programmatical
HTTP requests? I thought of a scheme where an initial request from an
application should go to AuthenticationServlet which would return a
token that then would be included in every subsequent request for other
functions.
What do you think?
Thanks,
 
Rishi Singh
Ranch Hand
Posts: 321
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
whether this would suffice.....
1) put (copies of) your servlets in a different protection domain, and
authenticate the client by ipaddress and/or digital certificate. This
only works if you dont need the session, ie all the state is held in the
fat client.
2) Teach the client to do cookies. (which isnt too hard,
httpunit.sourceforge.net does it.)
As for SOAP, I'd also like to know what people think.
any comments, advice ..plz
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!