You can achieve SmartCard/PIN based authentication to a Java website using a portlet/servlet on the server side and an applet on the client side.
How would one go about achieving the same thing when you want the site to be a PHP website? (Although not a flat PHP/MySQL situation, but a 3-tier PHP→Spring WS→MySQL)
The best solution would be creating a client in PHP that talks to Spring WS.
In Spring WS you can implement an API that can be used by PHP.
I'm not sure what smartcard you have and what protocol is used.
Related
I'm developing WebSocket messaging backend using Spring WebSockets, which uses SockJS + STOMP protocol. The reason why not to use plain WebSockets is because I will need to leverage security integration that SockJS provides in Spring WebSockets and also other neat features from SockJS, such as rooms, subscriptions, etc. I was wondering if this is a good option to use so that mobile (iOS and Android) and Web client apps can easily connect to the backend server and perform messaging. If yes, then what libraries I can use for iOS and Android.
On SockJS GitHub page they are also listing available client libraries, but no iOS nor Android. So, I'm wondering if SockJS is even worth to use just because of that.
I found that for iOS client Primus-Objc (GitHub page) library claiming that they can connect to native WebSockets, Socket.IO, SockJS or perhaps engine.io. is that a true statement? And event if that's true, what about the quality of that library?
And event if it is ok to use SockJS on the back, then would it be also possible to show an example code for iOS and Android so that I can perform a proof of concept on mobile devices?
If SockJS is not a good option for me, then would it be better than to build my messaging app with Socket.io + Node.js (using JavaScript). Socket.io seems to me have all needed client libraries for iOS (official library by Socket.IO guys) and Android (official library by Socket.IO guys).
Another option can be to use Netty-Socket.io library and build each endpoint manually without any help from Spring Framework (which I'm considering to use) but there is small challenge that I'll have to tackle, that is security. Somebody actually already tried to do it (the same author asking question on the official Netty-Socket.IO Github page) but looks like he didn't have a luck in solving it yet.
Maybe it's more than a year since the question was asked. But, because it's getting in the first results when Googling for SockJS+Android. So, I am posting my answer.
From my experience with a recent project I worked on, we were able to use a STOMP client - like the one here- to connect to Spring Websocket backend from native Android app.
And from the browser, you can still use SockJS client to gain across browsers compatibility to websockets with fallback.
A note to mention that when using only STOMP client to connect to native websocket the URL will be something like ws://mydomain/SockJSEndpoint/websocket,
and when using SockJS client from the browser the URL will be like http://mydomain/SockJSEndpoint.
Please find below useful references related to your requirement for both iOS and Android
http://www.elabs.se/blog/66-using-websockets-in-native-ios-and-android-apps
https://www.cometchat.com/blog/ios-android-chat-mobile-sdk/
https://github.com/elabs/mobile-websocket-example
We have tested them, both Android-client (link) was given by #Amr K. Ismail and
this iOS-client (link) are suitable with Spring-SockJS-Server which has STOMP.
SockJS may be interesting because it provides non-ws transports. Just using WebSockets may not be possible in all situations.
There is one cross-platform SockJs client of the OpenFL project:
https://github.com/jeremyfa/openfl-sockjs
Not tested how well it works, but at least for Android it's using JavaScript from inside WebView, so should be no different than JavaScript one. Again, it is not clear how tightly it is coupled with OpenFL, but the approach of using WebView and stock SockJS client could probably be re-used.
Ok so I am still new to Objective C and currently learning it. I wanted to make an app where people can login and submit data to a database. I have research and found that I need to connect to a web server (I will use a Java web server) and from this server, it will communicate to the database server.
However, I am just wondering exactly how I would connect from an IPad app (that I will make in the future) to a Java App Server such as Glashfish. To do this, what kind of web app would I make (servlets?)? If I did, would I use the URL wrting method to transfer data?
I would want to use a http connection since I am using Glassfish.
Thanks
You can expose Restful API through the java web application; and access these api in your iOS app. There are many rest-client library for iOS now.
You can also write data to url connection directly, but it's tedious and complex.
Intro: I want to develop simple multiplayer Five in row (Gomoku). Front-end should be done using JavaScript, and back-end in Java.
Basically client and server should exchange pairs of integer numbers and game id. It's easy to do on client side with WebSockets, but...
Question: Is there simple way to process communication on server side, using Sockets and ServerSocket, without embedding Jetty or any other server?
Since Front-end is javascript it might run in a web browser. To communicate with the server most likely using http, then embedding Jetty and using dwr is the simplest way IMO.
If you intend to do such thing on a web project, have a look at the DWR project.
WebSockets browser support is poor at the moment.
If you're creating a Web application the mainstream solution for JS-Java communication is Ajax with some JS framework like jQuery or Dojo. It will not require any libs on the server side (unlike DWR) and also you don't need to put any JS stuff on your server if you use CDN.
I am currently building a mobile application using RhoMobile. The application will simply be calling a bunch of REST web services. The back-end REST services are written in Java + Spring. I was wondering what the security considerations are. Our requirements are very simple, we need a secure way for a user to log in with the application, and only then be able to call the web services.
Does anyone have any experience with marrying these technologies. And what are my options. At the moment I am looking at either using Spring Security or Shiro, but just wondering if anyone has better experience.
Just as a note, we will be using JSON for all communication.
I have my backend web server running a Ruby On Rails application.
I communicate using JSON and HTTP Basic Authentication. In this type of authentication it is needed only to pass a header with the user name and the password encoded.
It is not the best way to achieve security, because if someone is monitoring your network traffic he could discover your credentials, but it could be a simple solution.
As per title really I'm wanting to send a custom HTTP post request to a web server and I have little experience in this area. The web server uses an LDAP server for access control (not sure if that's important) for which of course I know the username and password. Could anyone flesh out some code to do this or at least get me started?
Edit for one of the comments, the server is running a LAMP stack with PhP 5+ and Apache 2+
You can use HttpClient module from Apache.
Although the java.net package provides
basic functionality for accessing
resources via HTTP, it doesn't provide
the full flexibility or functionality
needed by many applications.
HttpClient seeks to fill this void by
providing an efficient, up-to-date,
and feature-rich package implementing
the client side of the most recent
HTTP standards and recommendations.
Designed for extension while providing
robust support for the base HTTP
protocol, HttpClient may be of
interest to anyone building HTTP-aware
client applications such as web
browsers, web service clients, or
systems that leverage or extend the
HTTP protocol for distributed
communication.
LDAP and authentication are separate issues from sending POSTs to web servers.
Th server side needs to do that authentication. Set it up either in your code or in the web server itself.
If your client is a Java application, you can create a POST using UrlConnection.
If your client is an HTML page or JSP, you need a form with a POST action.