• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Using servlets outside of browsers

 
Ranch Hand
Posts: 321
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi All,
I have an application that is accessible from a browser to manage some
items but there are calls that should be performed from fat client
programs. There is authentication being done from browser forms and
the
session management is the default container cookie/url rewriting
scheme.
Obviously a client app will not know what to do with a cookie and it
can't use url rewriting as the response is just an XML file that is a
result of the initial request. Those initial actions must be
authorized
but I don't want to authenticate on every request. Having said that
these are the basic two questions:
1. Is this a good idea to use servlets or should I do SOAP instead
(this
is without consideration for session management, just pure
technological
question for web based service called from an app)?
2. How would I manage sessions in when all calls would be
programmatical
HTTP requests? I thought of a scheme where an initial request from an
application should go to AuthenticationServlet which would return a
token that then would be included in every subsequent request for other
functions.
What do you think?
Thanks,
d.
is accessible from a browser to manage some
items but there are calls that should be performed from fat client
programs. There is authentication being done from browser forms and
the
session management is the default container cookie/url rewriting
scheme.
Obviously a client app will not know what to do with a cookie and it
can't use url rewriting as the response is just an XML file that is a
result of the initial request. Those initial actions must be
authorized
but I don't want to authenticate on every request. Having said that
these are the basic two questions:
1. Is this a good idea to use servlets or should I do SOAP instead
(this
is without consideration for session management, just pure
technological
question for web based service called from an app)?
2. How would I manage sessions in when all calls would be
programmatical
HTTP requests? I thought of a scheme where an initial request from an
application should go to AuthenticationServlet which would return a
token that then would be included in every subsequent request for other
functions.
What do you think?
Thanks,
 
Rishi Singh
Ranch Hand
Posts: 321
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
whether this would suffice.....
1) put (copies of) your servlets in a different protection domain, and
authenticate the client by ipaddress and/or digital certificate. This
only works if you dont need the session, ie all the state is held in the
fat client.
2) Teach the client to do cookies. (which isnt too hard,
httpunit.sourceforge.net does it.)
As for SOAP, I'd also like to know what people think.
any comments, advice ..plz
reply
    Bookmark Topic Watch Topic
  • New Topic