Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How do you do basic Tomcat authentication from Swing?

 
Glenn Murray
Ranch Hand
Posts: 74
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I have a collection of servlets which are accessed from a Swing client.
Can someone give me pointers on how to require password access to the
servlets? My needs are pretty simple: I want to ask once for the password
at the start of each client session, and currently I don't need any
encryption.

All the authentication examples I've found so far are browser-based!.

Thanks,
Glenn
 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This entry in the Applet FAQ tells you how. In that regard applets and applications are identical.
 
Glenn Murray
Ranch Hand
Posts: 74
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you very much, Ulf. This is a case where JavaRanch is invaluable;
it's surprising how ineffective Google was for this query.

Cheers,
Glenn
 
Glenn Murray
Ranch Hand
Posts: 74
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I must be missing something from the applet FAQ. In my servlet,
"request.getRemoteUser();" returns null when I use the following code
and <security-constraint> in my app's web.xml, and no authentication
failure happens (I have no users "dude" or "username" in
tomcat-users.xml).

Any help would be appreciated.

Thanks,
Glenn



 
Glenn Murray
Ranch Hand
Posts: 74
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi again,

I must also be missing something from HttpClient. The following gives the same results (no auth failure, null user in servlet request).

Is there something in server.xml that needs to be set? I am using a vanilla 5.30 install with the struts-config.xml fix.

Thanks,
Glenn

 
Glenn Murray
Ranch Hand
Posts: 74
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Anyone?

Thanks,
Glenn
 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Does the server part work correctly, i.e. are you required to provide credentials if you access that URL through a browser?
 
Glenn Murray
Ranch Hand
Posts: 74
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Ulf Dittmer:
Does the server part work correctly, i.e. are you required to provide credentials if you access that URL through a browser?


Using my first example above with Base64*, no, it doesn't. The
servlet just works (in this case, returning some XML). But something
is going wrong before then, perhaps. With this code:


I get the output "Auth: null", which doesn't seem right.

With HTTPClient code as in the previous post, the browser shows "the
request doesn't contain a multipart/form-data or multipart/mixed
stream, content type header is null", but doesn't authenticate.

It's as if the authentication code isn't doing anything. My servlets
keep chugging along, but I certainly have to use a user/pw to browse
to manager/html. This makes me think that there is something wrong in
my web.xml snippet in the previous post, but I don't see it.

Thanks much,
Glenn
 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I meant, do you need to enter credentials if you surf to /app... with the browser? Surfing to /manager... would be no indication of whether the server-side authentication is set up correctly for /app..., because that is in a different web app.
 
Glenn Murray
Ranch Hand
Posts: 74
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Ulf Dittmer:
I meant, do you need to enter credentials if you surf to /app... with the browser? Surfing to /manager... would be no indication of whether the server-side authentication is set up correctly for /app..., because that is in a different web app.


My clients have have complete access to my /app servlets no matter what
I do in the way of trying authentication code (see examples above). No
authentication is asked for when I access them with a browser, either.

Cheers,
Glenn
[ June 12, 2006: Message edited by: Glenn Murray ]
 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
No authentication is asked for when I access them with a browser, either.

That's an indication that authentication is not set up correctly on the server. Both Java clients and web browsers should be required to provide credentials if it works.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic