• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Liutauras Vilda
  • Ron McLeod
Sheriffs:
  • Jeanne Boyarsky
  • Devaka Cooray
  • Paul Clapham
Saloon Keepers:
  • Scott Selikoff
  • Tim Holloway
  • Piet Souris
  • Mikalai Zaikin
  • Frits Walraven
Bartenders:
  • Stephan van Hulst
  • Carey Brown

Use of HttpClient in Applet

 
Ranch Hand
Posts: 48
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello All,
Please shed some light on my query regarding the use HttpClient in Applets.

Currently we are using Suns' HttpUrlConnection for connecting to our servlet which is behind the Single sign on. So in a sense, our every request from applet,
contains the cookie, for the SSO agent to be authenticated and passed to the servlet. My understanding is, that this cookie maintenance is performed by the java-plugin on the user machine with every request to the servlet and the HttpURLConnection combination.
But every now and then we receive the Invalid Stream header exception, on client machines, which is very random, and we think its coming from the SSO agent authenticating the request. This was not even caused with the long user inactivity, it happens even when user hits the servlet even for first time, and the SSO session is just created.

I was reading about HttpUrlConnection api, and the general opinion is, it is sometimes buggy with the browser api calls.
So, i wanted to know does moving on to HttpClient, mitigates this problem, or will we be facing the same random invalid stream headers.
If i want to do a POC using HttpClient, i was wondering how to do i maintain the SSO cookie, on my every request to servlet. Since in case of the HttpUrlConnection it was automatically taken care of by the java-plugin.

Please advise,


Thank you



 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It's impossible to say whether HttpClient will or won't exhibit this problem, because we don't know what's causing it. There may be a bug in the HttpUrlConnection class (which HttpClient wouldn't have), or there may be a bug in the underlying Socket class (which HttpClient would have as well), or the problem may be with the network connection (in which case it doesn't matter what client is used), or the application code on top of the HTTP connection may be buggy.

HttpClient fully supports cookies, so I wouldn't think that that would be a problem.
 
Amit Hetawal
Ranch Hand
Posts: 48
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello Ulf,
Thank you for the reply.
Yes i totally agree with you on the fact of where the actual problem can be.
but just so that if i can prove its not the HttpUrlConnection, which is causing this problem. How can i implement the same
functionality with use of HTTpClient.
Right now my code looks like :


Here the SSO cookie is manage by the java-plugin, am just not sure how do i get the SSO authetication with the use of
HTTPClient.

Any pointers on this, will be very helpful.
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
HttpClient handles cookies transparently, there should be no need to do anything in code. (Actually, I'm not sure if cookie support is turned on by default - check the javadocs, there's a method named something "turnOnCookies" or some such). There are also methods to check which cookies you got after the response is received.
 
Amit Hetawal
Ranch Hand
Posts: 48
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi Ulf,
So i got the basic communication between my applet to servlet using HTTPClient, below is my applet side code :


The above code works perfectly if i dont have my servlet SSO protected.
But when i enable SSO protection this communication just fails with Invalid Stream Header error.

Am still not sure how to handle the browser proxy configuration or cookies to make my request pass through the SSO agent.

Any advise ?

Thanks
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
What does it mean to "have my servlet SSO protected" - how does anything change with respect to that? What does the documentation of whatever SSO solution you're using say about programmatic access to protected resources?
 
Amit Hetawal
Ranch Hand
Posts: 48
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


What does it mean to "have my servlet SSO protected"



It meant, when i try to hit my servlet with a get request, i am first shown a SSO page to login my credentials and then only the get request passes through
to hit my servlet. This SSO policy is enabled on our App servers, where the rootcontext "/XXX" is SSO protected.
So if i servlet is "www.testporject.net/XXX/myservlet" i will be shown a SSO first

So when i change my rootContext to "/YYYY" i can hit my servlet without any SSO.

So my actual scenario is,
I login to server1 with SSO protection, access the Applet hosted inside JSP there, and this applet tries to make connections to my servlet on server2, which is SSO protected too, since till now my java-plugin used to take care of all the cookie handling and i can access my servlet with SSO authentication again, since at server1 i was already authenticated and java-plugin carries this info for server2 SSO agent.

But with HTTPClient, i am not able to send this authentication info across to it just restricts me at the SSO of server2.

Hope this conveys my scenario

Thanks

 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Like I said, you need to investigate which cookies the SSO system sets if you use a browser, and then make sure that the same cookies are retained when you use HttpClient. Obviously, that must be done using the same instances of whatever objects HttpClient uses, so that the cookies are still there.
 
Amit Hetawal
Ranch Hand
Posts: 48
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
yes, i was thinking on the same lines.
Let me try to get those cookies and place in my every request to the servlet.

Will try and post my findings.
Thanks for your help Ulf.
 
I think he's gonna try to grab my monkey. Do we have a monkey outfit for this tiny ad?
Smokeless wood heat with a rocket mass heater
https://woodheat.net
reply
    Bookmark Topic Watch Topic
  • New Topic