I am developing a web application where users are going to register on it, after that it displays a dashboard for each user.A Dashboard will be unique to the every user,It should be similar to facebook(i.e if user registers to the FB the unique URL address is generated like www.facebook.com/'name-of-theuser'). I want to implement same functionality on my web application ,what is the logic behind this?How do i implement this? Kindly help me.
Technology using for this is: Front-end : HTML and scripts
Server-Side:Servlets and JSP's
I will have a servlet whose url pattern is /users/*
Then for every user I will have urls
/users/usera
/users/userb
/users/userc etc
In the servlet I will check the getContextPath of the HttpServletRequest and serve a unique page based on the contextPath.
This should help you out:
http://www.workingwith.me.uk/articles/scripting/mod_rewrite
And here is a 'Java version' (for use as a ServletFilter):
http://www.tuckey.org/urlrewrite/
Related
I am developing an application using Spring , jsp and Apache 7.0 server, now suppose i have register domain such as "www.example.com" and in my application the user fills the registration form in which the user is ask to enter his url to name such "123" as soon he submit the form after filling details i want to redirect the him to the newly created URL now in our case "123.example.com"
Now at this movement i have to create sub domain in my code itself before he gets redirected. I have gone through google not find much.
Any help
Thanks in advance.
I am using Struts 1.x framework in my web application .
When the user hits the application URL... ..intranet link is fetched from the db and it should generate the PDF and send this to the user..
Shall I use response.sendRedirect(intranet link);
Will this work in public server(internet)?
Please help me with this
A browser on the web will in general not be able to fetch something from the intranet.
The expensive alternative is to fetch the files from the intranet by your application, and stream them out.
If the intranet uses a user authentication, browser based, maybe Windows Active Directory (via LDAP), maybe SAML, then it gets even harder.
Pragmatic might be to send an e-Mail with the link, allowing the user to get the document in-house only.
I have a web PHP web application that has a link to a java web application. The php application has a login page, and a link to the the java application, but not every user has permission to access the java web application. What I was trying to do is send user credentials from the php application to the java application, and then the java application checks the credentials and if correct logs in the user. I was thinking of using http headers to do this.
So my question is what is how to send user credentials from a PHP application to a java application?
If it helps I am using a Java web framework called Vaadin.
Do a normal POST request from the PHP application to the java application. This can be done as simply as having a normal HTML form in the PHP application, set the form's method to "POST" and action to the java application's URL. If you want to catch HTTP parameters in a Vaadin application, you can do it by using request handlers (https://vaadin.com/book/vaadin7/-/page/advanced.requesthandler.html).
Then a few words of advice or something to at least consider. If your login page is in the PHP application and your "admin" application is the Vaadin application, then I discourage you from doing the credential checking in the Vaadin application. This is because when you enter the Vaadin application, a new application instance is created. This means that your UI will be initialized and whatever else you do in the UI's init method. What you probably want to do, is to hinder the user from entering the Vaadin application unless she is logged in - which means that you need to do the credential checking somewhere else - for example, have a separate servlet whose only responsibility is to log in the user. If login is granted, then give access to the Vaadin application, if access is denied, forward the user to the PHP login screen. The next question is, how do you hinder the user from accessing the Vaadin application until she is logged in? Typically, this is done using servlet filters.
I highly encourage you to use a 3rd party framework for doing the authentication and authorization. Take a look at http://shiro.apache.org/, it's easy to install and seems to work nicely together with Vaadin. All you need to do is to configure it and implement a login screen, the framework will take care of the rest.
If I understood your question, you want to be able to provide an "auto-login-link" to some specific users that are logged in to the PHP application. This link should automatically login the user to the java application, right?
Without knowing any details about this case, like are both apps running on the same domain or do they use the same database (same user credentials in both apps), etc., I would propose the following solution:
Create an action (link) on the java application, which receives the necessary parameters (as GET) needed for creating the session (probably userId is sufficient), timestamp and a signature of all parameters. For example:
http://javaapp.example.com/autologin?userId=123&timeStamp=123456789&sign=hj23kh4j234jk324h
Where the signature is calculated with some strong encryption algorithm. Then you verify that the signature is correct at the receiving end (java app). If it is correct, you create the session. Signature calculation could be something like:
$signature = sha1($userId . $timeStamp . 'some salt' . $sharedSecretBetweenBothApps);
With the timeStamp you are able to check that an old link is not used. For example not allow older than 15 min old links and store used links in the java app to make sure they are never re-used. You do not have to keep history of links older than the expiration time.
Another idea, as discussed in the comments, is creating an API on the java side, which is able to provide a one-time link.
The sha1 algorithm is probably not strong enough, but shows the idea and is simple to implement.
Does this answer your question?
I am developing an application using Spring , jsp and Apache 7.0 server, now suppose i have register domain such as "www.example.com" and in my application the user fills the registration form in which the user is ask to enter his url to name such "123" as soon he submit the form after filling details i want to redirect the him to the newly created URL now in our case "123.example.com"
Now at this movement i have to create sub domain in my code itself before he gets redirected.
I have gone through google not find much.
Any help
Thanks in advance.
You need to enable wildcard subdomains. That will allow your app to respond to requests from anything.yourdomain.com. Next, your app needs to define a route which converts the subdomain to a variable so that you can use it to scope your database requests to their account. Once the user has their custom subdomain set up, they should register their domain under their account (so that you can look up the account by domain instead of subdomain) then create a CNAME DNS record which points to their subdomain. These principles apply regardless of the language/framework.
You could use a wildcard cname (i.e *.example.com) then use a spring interceptor (https://dzone.com/articles/using-spring-interceptors-your) to determine which subdomain the user requested.
I'd like to embed an ajax application into a wordpress site. The ajax application will communicate with servlets running on tomcat. Now the servlets need a way to verify if a request originates from a user that is logged in to wordpress. How does this commonly get solved?
AFAIK, wordpress is stateless and does not use sessions, which makes me curious how a logged in user in wordpress can be tracked.
The second problem is, how can a servlet request wordpress to verify if a given user is still logged in?
Any advice is welcome,
Thank you.
The only thing that you can do is read the cookies. And that will work only if you are using the same domain (or subdomain and the cookies are valid for all subdomains). The session cookie might not give you sufficient information, however. You can't read a PHP session from a Java app, and generally, you can't mix two applications that way.
As a little workaround, you can check with javascript who is the currently logged user (by finding the username in the DOM), and send that with ajax, but that is not secure at all.