We all know that openId has become such a popular method for user authentication, that's why i was thinking if Openfire chat server can use it as well. I know that openId communicate using http protocol while Openfire on XMPP , but i wanted to know If some how Openfire authorization module can be customized to use one of the openID java libraries for authentication (for a web browser based chat client). If possible how much effort it will take for someone experienced(not very experienced) with network programming in java?
P.S. I have also posted this in openfire community.
If you do not want to fully customize openfire,
One way is to create account using openfire user service plugin and make your own authentication and message sending plugin. Openfire supports custom plugins
Fully customize openfire authentication module is second option, but I do not recommend it as it will be trouble in updating openfire.
It will likely take 3 - 4 weeks to develop such thing based on plugin.
Related
I am currently building an android application for my final year degree project but at the moment I have very basic login functionality.
At the moment it is just a username and password stored in a MySQL server, the program fires off a request which runs some PHP to check to see if the username exists in the table and the password is correct. This won't be anywhere near secure enough, I just wanted a placeholder while I got on with other parts of the app.
I've been looking at existing frameworks which can provide secure authentication/authorization as well as session management so the user doesn't have to constantly log on whenever they re-open the app. Apache Shiro (https://shiro.apache.org/) sounds like a potential solution but I've had a good search on Google but haven't found any examples in which it is used for Android projects.
Does anyone know if it is possible to use it for Android Apps? Or if there are any decent alternatives?
Thanks,
Mike
A security service is deployed in a "remote" machine (the server). Your Android app (the client), when a user tries to login, sends a POST to a "/login" endpoint exposed by the server. If successful it will reply with a cookie that the client will use in the further request to identify its session. It is not difficult with a maven project Spring and Shiro libraries, but you need to implement at least a simple WebApp (expose /login, use shiro to verify the credential) deployed in a separate server. If you are ready to write two java app Shiro is a good choice.
Scenario:
I want to add messaging feature to an eclipse plugin and a web application. Clients are eclipse users, and web application users. Whenever a client posts a message to the server with a specific topic, the web application users browsing that topic should immediately be aware of the incoming message.
What are the current java technologies that handle this scenario? I am searching a clean API, solution.
PS. The system has already spring dependencies, the server is Tomcat 7
You can use XMPP via Smack on the Eclipse client and use an existing web based chat client, or browser friendly XMPP client library for your web interface.
Since you are posting to a topic, I would suggest using either the multi user chat or pubsub extensions of XMPP.
You might want to have a look at the Eclipse Communication Framework: http://www.eclipse.org/ecf/
We would like to implement following logon mechanism to authenticate users against AD between Java and .NET applications hosted in different application containers.
Our server setup is
One linux web server with Tomcat on it - this is where our java apps resides
One windows web server with IIS on it - this is where the legacy .net apps resides. [authentication can be done via windows integrated authentication - we don't want to change this - unless no other way]
One domain controller - win 2008
Our aim is to implement authentication mechanism where any user can login through a form via AD [Active Directory] credentials to our login page which is hosted either on .NET or Java. After authentication is completed successfully,user should browse pages without
his/her credentials being asked again.
Reason we need it is we have couple .Net apps which design to use integrated authentication with IIS - and we are designing new Java interfaces where we would like to centralize authentication with a login form where user can login agains AD and switch between .NET and Java apps where the authentication is still valid until it expires or etc.
I heard about SPNEGO project but not sure what kind of setup we need to implement above scenario.
It would be nice if we need no modification to .NET site setup since we don't want to maintain those apps anymore. All helps are welcome and greatly appreciated.
Thanks in advance,
ED
I have developed my web application by using Java EE framework EJB 3, at front using JSF.
Now I plan to add chat tool to my web application. All online users can chat with each other.
Can you please guide me which tool I should use to Integrate it with Java EE to develop my chat application? I also appreciate if you provide code or any link.
1- You have to install a pre developed Chat server. There is many available solutions I advice you to choose Ejabberd ( http://www.ejabberd.im/ ). It's a chat server implemented using Erlang and is considered as a highly scalable server. It's the same as facebook chat server, note that facebook used at the beginning only one server to handle all its chat traffic all over the world.
2- You have to integrate a js chat client that will communicate with the chat server. There is also a cool open source solution for that called ijab ( http://code.google.com/p/ijab/ ). You have just to configure it to connect with your server.
3- To add friends and manage interactions between users, you can use a java jabber library and there are many. This library will be used to connect to ejabberd server. You can choose one of the java clients but there are many.
You'll encounter many problems in the configuration of chat so don't under estimate it
Link: Building a centralized connection-oriented Java Chat Server. This tutorial also provides a good overview on socket/network programming.
I'm looking for an example of a java desktop application that consumes a Two-way SSL secured web service. Any tutorials or examples would be great, especially if they are based on the Eclipse IDE.
Thanks.
First, if you're not familiar with SSL, (self-signed) certificates, keytool, key store, trust store, in one word PKI, I'd suggest to start with The Fifteen Minute Guide to Mutual Authentication and Java Secure HTTP Client Key Management. These resources are just awesome and should help you to get started and to understand what you'll need on the server side and the client side (and why).
Then, I suggest to check Mutual Authentication for Web Services: A Live Example.
And for the JBoss specific setup, check out the SSLSetup page of the JBoss wiki (more precisely the Authentication scenario #4).
I'm not sure what you're looking for, an actual applications that communicates via SSL to a web service provider? SOAPui is right up your alley then - except it's a general-purpose web-service tester and not some domain-specific application.
And it's not eclipse based, although there is a SOAPui Eclipse plugin.