Spring Boot Tomcat Embed CA SSO / Siteminder Intercept - java

I've got a simple SPA Spring Boot application (an executable jar with embedded Tomcat) and I'm looking to plug it into SiteMinder with PreAuthenticatedAuthenticationProvider. The application is at http://someserver:1234
Documentation states that a WebAgent is installed on a web server and that 'intercepts' requests. Would the WebAgent be deployed in a separate container? If so, how does it intercept requests? All documentation refers to this intercept, but doesn't state the mechanism.
Does it need to be deployed inside the same container to intercept requests? The only way I can think any http headers are intercepted is through proxies.

There are 2 ways to configure the Web Agent.
1. Local Configuration
- Set up the Agent on the server where the application is hosted.
2. Centralized Configuration
- Set up the Agent in a web server like Apache and add proxy entries to the backend applications. This configuration intercepts each and every request going from the web agent server. I recommend this. If you still have questions, drop them here.

Thanks,
Chiranjeevi
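
How the Spring side can look when the Web Agent sits on a fronting web server and proxies to the application, as an added example (not code from the question or the answer above). It assumes Spring Security 6 and that the agent passes the authenticated user name in the `SM_USER` request header; the class name and the fixed `ROLE_USER` authority are hypothetical.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider;
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter;

// The application trusts whatever SM_USER says, so it must only be reachable
// through the agent's web server: bind the embedded Tomcat to an internal
// interface (for example server.address=127.0.0.1 when the agent's web server
// runs on the same host) or firewall the port to the proxy.
@Configuration
public class SiteminderPreAuthConfig {

    @Bean
    AuthenticationManager preAuthManager() {
        PreAuthenticatedAuthenticationProvider provider = new PreAuthenticatedAuthenticationProvider();
        // Authentication already happened at the agent; only map the name to authorities.
        // Assumption: every authenticated user gets ROLE_USER.
        provider.setPreAuthenticatedUserDetailsService(token ->
                new User(token.getName(), "N/A", AuthorityUtils.createAuthorityList("ROLE_USER")));
        return new ProviderManager(provider);
    }

    @Bean
    SecurityFilterChain filterChain(HttpSecurity http, AuthenticationManager preAuthManager) throws Exception {
        RequestHeaderAuthenticationFilter filter = new RequestHeaderAuthenticationFilter();
        filter.setPrincipalRequestHeader("SM_USER");
        // Reject requests that arrive without the header instead of treating them as anonymous.
        filter.setExceptionIfHeaderMissing(true);
        filter.setAuthenticationManager(preAuthManager);

        http.addFilter(filter)
            .authorizeHttpRequests(auth -> auth.anyRequest().authenticated());
        return http.build();
    }
}
```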

Related

How microservice or web application respond to http request

I want to know how a web service written using Java and the Spring framework is able to receive and respond to HTTP requests using a web server. Is the web server one of the components of a web framework, or is it independent of what framework we use? Can we deploy a service written in Node + Express on a Tomcat server? If the web server is a part of the web framework, then what is the flow? How does Spring instantiate a web server, and how are multiple client requests responded to? Is it true that a Tomcat server can create a max limit of 200 threads only? What if we have more than 200 client requests; why does the response not get delayed?
For handling http requests you will simply deploy the java/spring web application as war or convert into spring boot jar.
Tomcat can have more than 200 threads.
Can you deploy Node + Express on Tomcat? The theoretical answer is possibly, with some hack, but the practical answer is no.
Node is designed to run as a separate process. You can run your app using:
$ node app.js

Spring MVC Apache Server integration

I have developed a Spring MVC app that can detect Ajax requests sent into my local environment 'localhost:8000/examplePath' with a json body being received as a mapped parameter. So, until here, all is fine.
My question is: Do I still need to deploy my application on a container (Apache Tomcat / HTTP Server, for example) for my application to be accessible externally in a possible production environment, and if so, why?
I want to better understand the necessity of such, if my backend Spring MVC app can already receive and respond to Ajax requests.
Spring MVC creates a Web application that must be deployed to a Web Application Server to run. The server handles the low level stuff such as raw sockets and the HTTP protocol.
This is because you can't access your local environment from the internet. You need a public address to access your application from everywhere, but only if you want to access it over the internet; otherwise you can access it over a local network connection.
If you want a container, you can do it easily with Pivotal. This is a container platform for Spring apps.

Best way to insert user authorization on standard OSGi with Apache Karaf container and Play framework

My web application is based on standard OSGi, with three different bundles that expose the REST API (CXF library) for the back end, and the Play framework for the front end, which calls the API exposed by the three bundles cited before. Currently there is already an authentication process by SSO and password, with an Apache proxy in front configured with a virtual host listening on a defined port. How and where can I insert an authorization layer to cover all three bundles that expose the API services? What is your advice?
You can add a CXF interceptor. Just implement/override the common CXF interceptors to customize the authentication process.

Enable SSL (two way handshake) in web application in tomcat to external application

How can I enable SSL (two-way handshake) from a web application in Tomcat to an external application? I searched on Google, but it gives a way to enable SSL between Tomcat and the client. I need to enable SSL between the web app and an external application (the application in Tomcat calls another REST web service). How can I do that?
EDIT
I know that we can consider the web app as a client and the external application as the server, and then we can enable SSL. But I need to find a way to configure it in Tomcat. In here the external Application means, .
There is no way to do it at the Tomcat level. I could enable it at the application (in the server) level. I used this link to do that.

Generate LTPAToken 2 in custom Web Application

We want to realize a SSO-infrastructure with some IBM Domino / Websphere products and one custom web application. All IBM products are configured for SSO. Therefore, the WebSphere Application Server 8 generates an LTPAToken2 after successful login in one of the IBM products. We want to achieve the same behaviour for our own custom web application. After login into this web app, a LTPAToken2 should be generated.
Therefore my question: Is it possible to generate a valid LTPAToken2 in our custom web application? Or maybe, is it possible to use the WebSphere Application Server APIs for this generation? Which steps would be necessary to achieve this? At the moment, our custom web application is not hosted in a WAS, but on a Tomcat.
Thanks and best regards
Ben
As long as you have your application hosted on a tomcat server that is not possible. There is no open API from IBM for creating LTPA tokens.
If you would have had the same user directory and using standard Java Security Mechanisms you could move your application to WAS, where SSO is configured. Not only would it be possible, your LTPA tokens would be created on login to your web application without any further configuration.
As it seems you have a solution with two different user directories, sharing the same user id but not the password, you need to take other measures to achieve SSO.
One is to have an Access manager software which handles login for all your applications.
A second solution is to write some custom code. Login into the tomcat server could generate a custom cookie. You need to write code to generate this cookie. Then you can write a TAI to intercept it on the WebSphere server thus accepting the login. The TAI would be configured in the container rather than in a separate application itself. (example)
I also assume you could solve this by writing servlet filters to handle the login, rather than a TAI.
If your Tomcat app is on the same domain as (one of) the WebSphere servers, and the Tomcat server has network access to the WebSphere instance, you could have a servlet in your Tomcat app accept credentials on its request and pass them in an outbound http request to something like /<secured app>/j_security_check on the WAS instance, record the LtpaToken2 if successful and then add a cookie with its value in the servlet response on Tomcat.
As long as the two servers are on the same domain the browser will send the cookie back if the Tomcat app links/redirects the user to a secured URI on the WAS app, and you have SSO.
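
The credential relay described in the last answer, as an added example (not code from any of the answers). It assumes the WAS application uses standard form login, whose fields are `j_username` and `j_password`; the class name is hypothetical and the `j_security_check` URL is supplied by the caller.

```java
import java.net.URI;
import java.net.URLEncoder;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.nio.charset.StandardCharsets;
import java.util.List;
import java.util.Optional;

public class LtpaLoginRelay {

    // Pull the LtpaToken2 value out of the Set-Cookie headers of the WAS response.
    static Optional<String> extractLtpaToken2(List<String> setCookieHeaders) {
        for (String header : setCookieHeaders) {
            String pair = header.split(";", 2)[0].trim();
            if (pair.startsWith("LtpaToken2=")) {
                return Optional.of(pair.substring("LtpaToken2=".length()));
            }
        }
        return Optional.empty();
    }

    // Form login against j_security_check over HTTPS; an empty result means no token was issued.
    static Optional<String> login(URI jSecurityCheck, String user, String password) throws Exception {
        String form = "j_username=" + URLEncoder.encode(user, StandardCharsets.UTF_8)
                + "&j_password=" + URLEncoder.encode(password, StandardCharsets.UTF_8);
        HttpClient client = HttpClient.newBuilder()
                .followRedirects(HttpClient.Redirect.NEVER) // read cookies from the direct response
                .build();
        HttpRequest request = HttpRequest.newBuilder(jSecurityCheck)
                .header("Content-Type", "application/x-www-form-urlencoded")
                .POST(HttpRequest.BodyPublishers.ofString(form))
                .build();
        HttpResponse<Void> response = client.send(request, HttpResponse.BodyHandlers.discarding());
        return extractLtpaToken2(response.headers().allValues("Set-Cookie"));
    }

    public static void main(String[] args) {
        // Constructed sample headers, so this runs without a WAS instance.
        List<String> sample = List.of("JSESSIONID=0000abc; Path=/",
                "LtpaToken2=c2FtcGxl; Path=/; Secure; HttpOnly");
        System.out.println(extractLtpaToken2(sample).orElse("no token"));
    }
}
```

The Tomcat servlet would then add a cookie named `LtpaToken2` with the returned value, scoped to the shared domain and marked Secure and HttpOnly, and should never log the relayed password.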
