I'm trying to develop an android app which needs to fetch information from a servlet hosted in my Java EE application server.
To access this servlet, I need to be first authenticated with the Application server. I searched the web to get information on how exactly this works. During authentication how dows the android app store the cookie, and then how does it transfers the cookie to the server for every request?
I got some bits and pieces of information about HttpClient. I'm not sure if this is the correct one which I should be using. It will be a great help if someone could guide me. If there are any documents available please share with me.
Maybe the HttpUrlConnection documentation page is what you are looking for?
I am assuming this is native app, if so, first you need to authenticate and get the cookie. It would be your responsibility to store the cookie some where and pass it in sussequent http calls. If it is not native, I am not sure how it works.
Related
I have made school management software...for the server side I have designed the admin panel using servlet and jsp technology.and have used mysql database and for the client I have created an Android app. I want to perform login and logout authentication and fetch data of that particular user on his app.. but I m unable to integrate. I need to know what are ways through which this thing is done professionally....
Thanks in advance
At your backend side you have your servlet which handles incoming requests GET or POST. So in android app you just need to make call to your servlet and handle the response.
In android
1. Get the user credentials and pass it along with your request.Either make GET request and append your credentials to servlet url or pass the parameters as POST request.2. To make network calls use libraries such as Volley, Retrofit or you can even use android built-in AsyncTask.(If you are a beginner start with AsyncTask first and then upgrade to libraries mentioned).
Professional way is to develop REST apis at your backend and call them from your android app.
I have two different spring web applications with authentication,
My first application has to get some responses from second application in order to show the required details to the user. Now the problem is, Since the second app also secured I'm unable to get responses from it. Suggest me how can I authenticate second app from server code at first app.
Note: I tried to use CAS server, It returned me the login page's html text when I made a request.
Refer to this https://stackoverflow.com/a/24486898/3487801. Services could be secured using CAS. All you need to do is to add restlet module on your cas server and build a simple Java client to get the ticket and authenticate to your service.
Some says, there is no working Java client for headless CAS. But groovy example on the CAS restful API https://wiki.jasig.org/display/casum/restful+api is actually working. You need to get it modified just a little bit to get it work.
I have taken up an assignment for a website and I am creating an android app for them. I am new to android programming and also new to web programming (using xml, http post and get, etc.).
My doubt is a basic one. I am trying to create the login page for this website and I don't know if the url of the website is sufficient or I need some other data such as the website's server address. And if I do need the web server address, is there a way to obtain this from my browser? Or do I ask the people who made the website itself for this?
P.S. I apologize if this is a very basic doubt. Bear with me. I am a beginner.
I am not an android application expert but I think you would need to get details about the following :
How to pass authentication details to server, for example if you need to get a SAML token from any of the ID servers? Or is it just sending out the plain username and password.
Just the website url may not be enough.
Please have a look at the weblink for authenticating against openID or SAML technologies
https://developers.google.com/accounts/docs/MobileApps
It depends on how the website is structured. Is there some kind of API for the website? If so use that. Otherwise you'll have to post the data to the same page the data gets POSTed to through a browser and find some way to catch an error or success. This method is not preferred. Also there may be some kind of central authentication server (Such as LDAP or AD) If so you would have to interface directly with that.
I am trying to login my Android users with their Google accounts. I managed to get auth token from AccountManager. I also found some info that I need to use Google App Engine (so I did). I wrote some code (it is not the issue) and I have two questions. Maybe someone can help me.
I was following this tutorial. I understand most of it. But should I write any server-side scripts? This tutorial doesn't mention any. Also according to this tutorial I should get code 302 response, which I get. Does it mean that authentication was positive? Or maybe now I have to do something?
I am getting auth cookie (I think it is auth cookie) which contains very long value (I think over 500 symbols), expiration date and name. How should I use this cookie? Or maybe I don't have to use it? How can I use it to get user google account username? (I think there is that kind of value, different from email address)
Anyone can help?
Thanks in advance.
You don't need to write any server side scripts, all the server side stuff is already on every Google App Engine App.
You need to pass the cookie when doing a request into App Engine.
I'd like to embed an ajax application into a wordpress site. The ajax application will communicate with servlets running on tomcat. Now the servlets need a way to verify if a request originates from a user that is logged in to wordpress. How does this commonly get solved?
AFAIK, wordpress is stateless and does not use sessions, which makes me curious how a logged in user in wordpress can be tracked.
The second problem is, how can a servlet request wordpress to verify if a given user is still logged in?
Any advice is welcome,
Thank you.
The only thing that you can do is read the cookies. And that will work only if you are using the same domain (or subdomain and the cookies are valid for all subdomains). The session cookie might not give you sufficient information, however. You can't read a PHP session from a Java app, and generally, you can't mix two applications that way.
As a little workaround, you can check with javascript who is the currently logged user (by finding the username in the DOM), and send that with ajax, but that is not secure at all.