I am new to all html and rest web service.
I have use html form in index.jsp file which accepts the username and the password.
This form call rest web service using action attribute.
Web service authenticate the user from the username and the password provided.
Now depending upon the authentication done by web service, I have to send various pages to client's browser again.
Like for manager, employee, admin, there will different pages for each one of these. Depending on the authentication, designation is fetched from the database in web service.
I have tried with doing Response.TemporaryRedirect(uri); and Response.seeOther(uri);
But it didn't work for me.
Is there any other way to redirect page from rest web service?
Thank you.
Solved, I need to write the code for redirection using Response.TemporaryRedirect(uri)in the finnaly block. It works for me.
As i mentioned earlier and as you said you have HTML and your REST service at the same location, it would be great to look at Servlet Filters... They primarily are called whenever your application REST URLs are accessed
If you are using JSP, and you have REST at the back, you can still use Servlet Filters because you are talking about a web application.
Related
Assume we are designing a Spring webservice. We need to build also a web interface for it. As i understand, browser needs an HTML document to display it to user.
Can HTML be created on server and be sent as response to client's browser or only xml docs can be a response? Any details would be helpful.
If we need to process an XML response, build HTML and display it in browser, what is the most convenient way in Java context?
Best way you can make Spring boot restful web service and get json output from it and display it with Angular2. or you can use Spring Mvc and create web template with jsp pages and you can display it on browser.
here is the best video for follow spring boot
1 - You can have static HTML on the server that is served as user requests your webpage.
2 - Add some javascript functions on the HTML pages to request your Spring java aplication endpoints and return response as json (or xml). For this purpouse Angular could be a good choice as stated above.
Note: This question is specifically for Java but I suppose it can apply to nearly any server-side language.
I have a login page with a form that submits to an application's servlet for authentication. I had to modify the login to submit to the an SSO servlet for authentication. However, I need to pass back the SSO servlet response to the application's servlet so it can complete its part. I don't want the SSO servlet to return back to the client; I want it to pass the baton to the application's servlet, which will do its thing and return a response back to the client.
How can I realize this approach?
Thank you.
From the SSO servlet you can issue a redirect to the browser with the necessary parameters. Redirect URL should be your application's servlet. Refer
http://docs.oracle.com/javaee/5/api/javax/servlet/http/HttpServletResponse.html#sendRedirect(java.lang.String)
I built a ReST service using Jersey in my custom java web application, Spring not used.
I want to use the service to get data for jQuery ajax calls from a jsp.
I have the service working, and the jQuery ajax calls are working.
I need to secure the service such that only users of the application can call the service.
I don't want a user to be able to copy the ajax url and later, from some other computer, call the service directly.
I think it can done in same way you might have done for handling session for you JSP pages. Make your REST service URL session protected the way JSP page are protected.
Is there any way to use FORM and BASIC authentication together in my webapplication? I have a RESTful interface in it and I'd like to allow scripts to use it with the simple BASIC auth method but I'd like to have the FORM based auth for web clients as well. I'd like the webapp respond with 302 Moved Temporarily redirecting to the login page for unauthorized requests, but if it finds that the client is sending the BASIC authentication's HTTP headers with username and password, then accept them just like in BASIC authentication.
I see that this is not possible with a single web.xml configuration but wondered if anyone else has some solution for this.
Can you use a filter?
Inspect the request for your headers. If present do the login process and add session data etc. to the request. If it fails then either ignore it or redirect.
If I configured container auth then my code was never invoked without authentication. So the answer is no. Jenkinks CI and similar software use FORM based authentication for a restricted set of web resources and make use of Spring Security where things are more flexible.
I'm trying to create a user login page for my jersey webapp on tomcat that behaves like all the other pages on the web. That is, the user sees a nice login page opposed to a popup (like BASIC tomcat authentication) and the passwords are hashed before comparing to the DB entries. Is tomcat authentication the right way to do this?
It seems that I want to use DIGEST authentication for md5 hashing but FORM authentication to get a page rather than a popup. Perhaps there are java libraries to do this instead, and I should simply not use tomcat for this.
Check out Apache Shiro or Spring Security.
When using the form submission approach, BASIC versus DIGEST does not come into play at all since it isn't using HTTP Authentication. It simply sends the user id and password via an HTTP POST as parameters to a URL that is predefined by the Servlet specification, allowing the Servlet container to process them. Security of the data using this method is achieved through the use of SSL.