I want to implement very simple java based web service (Provider) in domino... say print "Hello World"
But this has to first authenticate/authorize the user i.e
login
user present in names.nsf
valid password
access in Db etc.
In short we can say domino login functionality.
Hope u understand the requirement. So I want Hello world to be printed only if user authenticated successfully.
The authentication is handled by the ACL of the database. The user mentioned in the ACL needs an internet password in their person document.
Once that is set up, your consumer needs to specify the user/password in the stub.
For example, I created a provider called "ws":
Ws stub = new WsServiceLocator().getDomino();
stub.setCredentials("user", "password");
stub.HELLO("world");
Related
We are trying to implement Oauth2 on our app, in our App we are login using Sign In with Google, and this returns a lot of stuff like : UID, ACCESS_TOKEN, REFRESH_TOKEN, etc.. we are thinking to send from APP to server-side the UID and store it to DB linked with user like if it was its password.
From server side we want to on each call for instance : get_products, we are thinking to use an access_token but we don't know if it's the UID from user itself or we have to create another access_token with its refres_token with expiration time. So we have one UID from user and another access_token and refresh_token from oauth.
I'm not sure about the value you refer by UID. May be it's something that I haven't come across before.
But if it stands for USER IDENTIFIER, then you should not use it to identify the end user and maintain a session. UID could be a public identifier so anyone who knows will be able to communicate to your server. Also, think about user login through multiple devices. Your server won't be able to identify the correct session.
User access_token to initiate a session. In your server, use user-information endpoint to obtain validity details and end user information. Alternatively you may choose OpenID Connect.
I want to retrieve UserPrincipalName of current logged in user using java.I can connect to AD and retrieve that, but i want to avoid all those configuration and other stuff, is there an easier way to get UPN using java?
UPN stored in AD is usually in userName#domainName format. If my user is john and domain is vmware, it should return john#vmware.
Please advise.
Java and JavaScript are separate languages. For a java servlet you can get the UserPrinciple name property with
GetPageContext().getRequest().getUserPrincipal().getName()
For javascript you'd need to have the server provide this via rendering it as a value, or have some framework or AJAX that allows the user principle be added to the response data or callable via the page script.
I have a java spring web application and currently it has a normal authentication flow. I need to add a two factor authentication implementation to it. For that can we use 3rd party provider like google or any other provider.
I need to add a two factor authentication implementation to [my java spring web application].
Here's a good package that I wrote which implements 2FA/two-factor authentication in Java code.
Copying from the READ_ME, to get this to work you:
Properly seed the random number generator.
Use generateBase32Secret() to generate a secret key for a user.
Store the secret key in the database associated with the user account.
Display the QR image URL returned by qrImageUrl(...) to the user.
User uses the image to load the secret key into his authenticator application.
Whenever the user logs in:
The user enters the number from the authenticator application into the login form.
Read the secret associated with the user account from the database.
The server compares the user input with the output from generateCurrentNumber(...).
If they are equal then the user is allowed to log in.
On android client, I create Credentials, then choose account using AccountPicker and set the account name. On GAE, I have User parameter in every endpoint method. (I described it here)
Android Client ID, Web client ID and audiences are configured correctly.
On endpoint, the user is not null and has correct email set. But when I call user.getUserId() I get null. Is this user authenticated or not?... It really makes me nervous not to know that...
What you describe is odd, and I don't know why you get null when you call getUserId(), but never-the-less I would say, Yes, you are authenticated.
If you want to be sure, then you could try using that authentication from a web client - I read that once you have authenticated an Android user you are automatically given minimal account authentication for web too. So create a minimal servlet that includes the following code:
UserService userService = UserServiceFactory.getUserService();
User user = userService.getCurrentUser();
Load the page while signed in with the same account you authenticated from Android and see whether it acts like it already knows you, or whether it prompts the user as it would for a different, un-authenticated user.
This is a bug on google's side.
There seems to be a clunky workaround: save User to datastore and read it back.
I have a Java Web Application that gets information from the user. Before processing the information I wanted to make sure the email entered by the user belongs to the community.
I was originally going to have a file listing everyone int the community's email address. Upon submit, grab the email and ensure it exists in the master file.
Can anyone recommend how to do this with Google App Engine platform?
Thanks so much!
UserService userService = UserServiceFactory.getUserService();
User user = userService.getCurrentUser();
if (user == null) {
response.sendRedirect( "/login" );
}
out.print( user.getNickname() );
You can obtain the email address from the User class above. The code above checks if a user is already logged into the google account. There is Open authorization protocol that would enable you to see if the visitor is already logged into a site that supports oAuth protocol (like Facebook etc).