I will try to keep my question simple..
using an arduino and an ethernet shield i have succesfully set up an http server. over a telnet interface i can send and receive strings between the server and my computer, and that's all i want. But i want to do it over an android application.
i've done my searching and i've found that the simplest connection to an http server is by httpUrlConnection. But i have not managed to get it through.
Everywhere i searched there was the same exmple but i had problems with writeStream() and readStream().. just to be clear i do not want to use complicated methods like post, get, put etc etc, i just want to send and receive strings.
thanks in advance,
Loukas
edit:sorry but after some search i found out i can use http client and not http url connection because i have set up a server at the arduino. my question now is how can i simulate telnet through http, i have found only examples tha use sockets, i want to use httpclient and just send and receive stings like telnet, thanks and i am really sorry i cannot be more clear..
Indeed I can't see the "writeStream" or "readStream" routines in your app. If you made a copy-paste from somewhere, you might want to look at the definitions for those functions...
I googled for an example that looked similar to yours and found this, not sure if it'll help:
http://pastebin.com/gE650RrS
In a nutshell: you need to create those methods.
Related
Im developing a little serverside api to use with a java client (which i wrote too).
The api is written with jersey (RESTful) und running on a tomcat server. The data it provides is passed to the client as Json-String and all communication is performed via Http.
I now want to ensure that only my own client programm is able to access the api (At the moment, as its http, everyone could receive the json data via an ordinary browser). Therefor, im looking for a way to "identify" my clientside programm to the api with a key or something like that. I first thought about using the user-agent for identification, but this could easily be copied. So i need some kind of key which changes dynamically or something like that.
Whats a good way to do that?
I searched in the net but didnt find a proper answer (maybe wrong keywords?), so im happy for every hint and/or link about that topic.
Edit: The client side programm is an android app. I want to make sure noone is creating a similar app and use my server for his purpose.
If the attacker has a the client in his possession, there's almost no security that can't eventually be compromised.
A good start, that's fairly out of box is bi-directional SSL authentication (Client and Server certificates). This is supported out of the box and requires little code changes.
For some reasons I need to develope an own HTTP client. I managed working with the HTTP protocol, but I don't know how to send it via java...
For example, I got the following request message I want to send (I couldn't test it, so I am not sure that it is in a correct format):
GET http://example.com HTTP/1.1
Transfer-Encoding:UTF-8
someOtherParam=thatIsThis&name=value
All I could find was making up a connection using URL.openConnection() - but with that connection, I can't send the whole message, but have to put the header values via the connection.addRequestProperty() method.
Can anyone help me and tell me how to send such a message to a server?
(And yes; I do know libraries like Apache HttpComponents :))
Best greetings,
Martin Bories
thanks for your help - Sockets did it :).
For anyone who is running into the same problem: Use sockets - you can simply write and receive messages and implement an own HTTP implementation.
I currently have an TCP Java socket communication implementation in which I have a server that is listening to a port (let's say port 5478). Then I need an Android client to remotely connect to the Java server and send a SQL query, than will then be executed on the server side database and then I want to send a list of results back to the Android client (already implemented with a custom Java class named Result that implements Serializable). I do this by sending an ArrayList of Result to the Android client. The Java server is always listening to the port and supports multiple clients trough multiple Threads. How can I migrate this implementation to a more secure platform and what is the best way to do it? I don't need to respect HTTP protocol to afford this communication. Is Tomcat the best solution?
Thanks
I would use Servlet3.0 as part of tomcat.
Then from android you just have to send http requests to the server using a URL and the servlet can database them. You can also serialize the data as well if you need to.
I hope that answers your question.
~ Dan
//EDIT:
Once you have set up eclipse and tomcat, you can start writing servlets. First - you have to configure the server to use servlets for certain addresses, for example localhost:8080/myServlet - that means that anything you send to local host triggers the servlet. The code for your first servelet looks like this:
public class ExampServlet extends HttpServlet {
public void doPost(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException
{
Your doPost method is what gets called when you perform a http post request on the address the servlet is listening on. Then, all you have to do it put some code in to read the request to get the data out of the message body. Basically you read your request object that gets passed in, and you write to your response object to send the response back to the client. There are plenty of guides out there. I followed something like this to get started:
http://www.coreservlets.com/Apache-Tomcat-Tutorial/tomcat-7-with-eclipse.html
Hope that helps :)
~ Dan
Tomcat is an Servlet container + webserver. If you plan to move to tomcat then you are implicitly moving to http. And yes, if you want a secure communication .. you can create a soap based webservice(apache axis) and host it on https.
I'm not sure how mutch additional security tomcat is able to provide for your application. Two tings come to mind:
Enforcing authentication and some access rules. This is not too hart to implement and heavily depends on the rule quality. However it may help f you use it. It's often replaced by own imlpementations. However, to get securty you need encryption i.e. https. Or it's possible to steel the session and gain the rights bound to it.
Request to file mapping. This in fact somewhat more complicated. You shouldn't code this on your own. It's more complicated than it looks at first sight.
However, one of the biggest security wholes ever is directly executing code you got from somewhere. For example SQL statements. Ok it's secure as long as your databse rights are set perfectly...
Developing a securly encrypted protocol is not simple either.
However, the major win on switching to tomcat (or whatever) might be scaleability for free. And I think implementing servlets is much simpler than programming against sockets. And there are many great to tools fo working with http(s) though ven it might be more complicated than yours, it's pretty simple to deal with.
Unfortunately I can't answer our question. I don't know what's the best solution is. But I think there's at least some potential for wins.
I am trying to develop a Proxy Server (TCP) in Android for YouTubeApp. I am going to use ProxyDroid (the phone is rooted), so that request/response goes through my Proxy Server. As its Android, I am using Java. But there are couple of challenges:
The request from the YouTubeApp has to be parsed. Is there is any existing library for parsing HTTP requests (in Java and can be used with Android)? Can anyone even suggest some snippets of code for this purpose? Or, do I have to do the parsing myself?
When requesting a remote site; e.g. www.google.com, do I have to use URL and openConnection()? Or, can sockets be used also? I am trying to find a way so that I can use sockets and get response from any site?
Hope to hear from u guys soon.
I'd like to ask if my solution is OK or if there is a better way to do this.
I have an Android client and a Tomcat server. I send a few words (as a POST saved in JSON) to server and server sends me back a JSON with an article containing those words.
Suppose it's a public app, so a lot of people may send a 'request' for an article.
I'm not sure if I'm doing this right, or if there's another and proper way to do this.
Thanks
Since you android client appears to be "Getting" an article you might consider using a GET request as opposed to a POST request, however the differences are trivial. Otherwise your solution sounds perfectly fine. Look into "REST" and "SOAP" as different options for writing web service APIs.