I built a ReST service using Jersey in my custom java web application, Spring not used.
I want to use the service to get data for jQuery ajax calls from a jsp.
I have the service working, and the jQuery ajax calls are working.
I need to secure the service such that only users of the application can call the service.
I don't want a user to be able to copy the ajax url and later, from some other computer, call the service directly.
I think it can done in same way you might have done for handling session for you JSP pages. Make your REST service URL session protected the way JSP page are protected.
Related
I have a method residing at backend of GWT framework , I usually call this method via RPC.
I am in a situation where the application redirects to a separate JSP page , Now from this jsp page i like to call the same method which resides at the backend.
Is there a possibility i can call that method from my jsp page via RPC or some other means .
There are 2 approaches I'd suggest:
Load the app's JS file (in your JSP), and have a JS function "exported" from it, which knows how to make RPC calls. This function would thus work as a passthrough JSP->GWT->Backend
Expose your GWT backend through an easier protocol, one that can be used easily from JSP (such as a REST API, or even a simple ajax call), and avoid RPC alltogether.
Other than this, please be aware that you can't easily decode and/or compose a RPC message, so I don't think you can do it yourself.
I need to make few pages CSRF protected in my project. I am using struts2.
I have a page where I make multiple JQuery AJAX calls at the same time to get data from server.
My problem is that if I pick token parameter from JSP and send it with one of the JQuery AJAX
calls then what about other AJAX Calls because once the token is sent to server that token will be invalidated after use.
Any help on this is appreciated.
I've build a RESTful backend in Spring + Hibernate framework. Now, i'm starting with frontend in Spring MVC. So, my jsp pages make an AJAX call to the frontend URL which inturn calls the backend URL to get the data.
Is this a proper way of implementation? Or should i re-think on the design? How about replacing frontend Spring MVC with Angular.js or any other framework?
So, my jsp pages make an AJAX call to the frontend URL which inturn calls the backend URL to get the data.
No. The JSPs are your frontend. JSPs are one way to generate and deliver HTML to the client. When it is successfully delivered to the client, the HTML is rendered and the JS is executed.
Within the JS-code you are able to make calls to the backend to get your data.
Is this a proper way of implementation?
Yes.
How about replacing frontend Spring MVC with Angular.js or any other framework?
You are free to do that as you like.
Since recommending one or the other framework would be based on my subjective opinion, I won't say anything but: Angular is en vogue. So: yes, it is one possible solution.
And since Angular itself is only a JS-framework you could combine it without further ado with JSPs.
I am new to all html and rest web service.
I have use html form in index.jsp file which accepts the username and the password.
This form call rest web service using action attribute.
Web service authenticate the user from the username and the password provided.
Now depending upon the authentication done by web service, I have to send various pages to client's browser again.
Like for manager, employee, admin, there will different pages for each one of these. Depending on the authentication, designation is fetched from the database in web service.
I have tried with doing Response.TemporaryRedirect(uri); and Response.seeOther(uri);
But it didn't work for me.
Is there any other way to redirect page from rest web service?
Thank you.
Solved, I need to write the code for redirection using Response.TemporaryRedirect(uri)in the finnaly block. It works for me.
As i mentioned earlier and as you said you have HTML and your REST service at the same location, it would be great to look at Servlet Filters... They primarily are called whenever your application REST URLs are accessed
If you are using JSP, and you have REST at the back, you can still use Servlet Filters because you are talking about a web application.
I am working on a project that uses Spring MVC, and one of the requirement involves sending request to an external services to handle some transactions.
The problem now is the external services only takes POST method, and I've looked everywhere and could not find a way to forward user to external site as a POST request(similar to form submit).
What we are trying to do:
1) My Controller will receives request and execute some backend thing and construct some parameters to pass on.
2) *Send request to external service via HTTP POST method with some parameters.
(note. User's browser will show URL of the external site.)
I've looked into different return types for Spring MVC and could not find anything that fits.
Any advice would be greatly appreciated.
Thanks!
You can use the Apache HttpComponents library to send HTTP requests from you controller. It's easy to use, and there's plenty of documentation and examples.
Supposed that this is not an issue related the Spring MVC. That's the same solution Which you try to implement such operations in Servlet I think.
First of all, this external site should be an async service and you neednt get the response from it, right? If yes, i think the simplest solution is that you can new URLConnection within your Servlet or Controller, construct the params and set the POST method, and then send out the request. After that, you can response to your local page as you like.
The second solution, a dummy JSP page is needed. The page will post a form to external service and redirect to the target page as you needed. No matter you use a javascript or not, I think the user will see a refresh on the browser.
You won't be able to redirect as that implies a GET.
Since your client is using a web browser, it should be possible to return an HTML document with a form, and then to submit that form (with a method attribute of POST) when the page has loaded.