I'm using the Java Preferences API to store and retrieve small pieces of information in a swing/java application.
Now i have setup Java Web start to launch the application from my web page, and I get a security exception. In order to get rid of this exception, I'd have to prompt the user for permissions. And I refuse to do that because my application does nothing else that would require the user's permission.
That's why I need an alternative solution for storing a few key values from one execution to another. Some sort of cookie or whatever. Do you know any please ?
You may want to look into using PersistenceService, a feature of Java Web Start that "provides methods for storing data locally on the client system, even for applications that are running in the restricted execution environment." Related examples may be found here and here.
Related
I want to use firebase with Java web application using the full potential of java web like faces, Servlets
so lets say I want to register a user and the faclet will create an object of entered data and sends it to a servlet that will run some validation, then how can I add him to firebase from the servlet (Of course using JavaScript but how)?
You seem confused about the difference between Java and JavaScript. If you build a web app using Java on the server, you have two types of code that can run:
You have the Java code of your servlet, which run on the server.
You have JavaScript code, which runs in the user's browser.
If you need to access Firebase products from the servlet, you do so using the Firebase Admin SDK for Java. The documentation contains a section on creating a user from there.
If you need to access Firebase products from the browser, you do so using the Firebase Web SDK. The documentation for that also contains a section on creating a user.
There is no single right-or-wrong way to create a user. You will have to make up your mind where you want user creation to happen.
That said, since you're new to this, I recommend foregoing the Java server for a moment and first get started with just client-side Firebase. For a quick start, I recommend taking the Firebase codelab for web developers.
We have a java desktop application and we are planning to launch that java desktop application using JWS and that is working absolutely fine.
The issue is -- we ask some user related information from user on web page and launch java desktop application using JWS. Now we would like to have that information provided by user on web page in our java application. Please suggest how we can access those information in java code ? We have find two approaches --
Can java code read that information from cookies ? I have not find any help how to read cookies using core java code ? again what if cookies are not enable on user's desktop ?
Can we pass information using JNLP file ? Can we write all information in JNLP file ? can pass as an argument to the java code ? does the length of the argument matter here ? can we get information from JNLP by some other way ?
Please suggest if you know another approach better then these above two approaches?
We can rule out approach 1.
Approach 2 is fine if the information is minimal. In one of our projects, we dynamically generated the jnlp file, based on information received from the web interface, which resulted in the java application being customized for the user.
You could also have the application communicate with the backend (say over http) and pull more information as required.
Hi I am c++ developer and my knowledge to web technologies is minimum. Right now i am trying to design a web application which the development team can use to connect to specific customer and collect any crash dumps or log files.
With my research i realized it could be the following way.
1) develop an agent with build it http server and listing for request in specific port and install it in a machine with internet access and public ip address in all customer sites environment.
2) The agent is capable of collecting the required information from the customer environment based on the request it receives.
3) Develop an application with browser interface, and installed it centrally on the development data center. This application must have capability to connect to a specific customer environment and send http request over the internet to listening agent in that customer site and collect crash dump or logs or some statistics on the customer environment based on the request.
I am not sure this is the right way of doing, but I am sure there is a better way to do it.
Any help or pointers on what is the right approach and what kind of infrastructure is require to implement this kind of a service is highly appreciated.
Regards,
Prakash R
The approach looks serviceable, except you don't need to develop any applications to do that, as existing applications fit the bill nicely:
Use a web server of your choice. Apache is well known and open source (free). You might wish to configure security.
Assuming you're running under unix, you could use a link to include the log directory in the file system the apache serves.
Use your browser. (You obviously have one already). If you have many sites, you could use bookmarks, on a link list in your intranet, or ...
I need to implement single sign-on in my java web application which can achieve the following features:
All the computer joined in my domain smb.local , after user login in the computer, and type http://localhost:8080, my application know to use the current logined user to login into my web application.
So what protocal should I implement ? Or any reference ?
Thanks very much !
If you want to "automatically" extract the user's Windows credentials, one option (maybe the only one?) is NTLM. Once you've actually got the credentials, you'll need to check them against the authoritative source - Active Directory exposes details as LDAP, so most security frameworks would be able to cope with this.
I've done such a thing a few years ago with Spring Security, including deriving privileges based on Windows group membership, and it worked very well.
Recently I worked with CAS from Jasig, you can also check OpenSSO or Josso to have a SSO. From there, you'll find the documentation of each project and how to integrate it in your application.
For the automatic connection "as long as your logged on the computer", I'm not sure that's even possible. If it is you'll certainly need a specific browser (and some plugins for this browser).
Is the authentication centralized anywhere (LDAP, for example)?
I am designing an enterprise security server for our company - we own many different applications, most written in java and a few written in PHP. I could provide a remote API that would give each application access to the server. I could also create 'agents' that each application could include that would do all the work for them, but allow my server control over their sessions and thus their authentications/authorizations. Issue is I would probably be better to write the agent in java because 80% or more of our apps are in java.
If I wrote the agent in java does anyone know if there was a way this program could access the php session? If not does anyone have a suggestion regarding a better way to go about doing this?
The session data is stored as a (php) serialized array in a temporary folder. The locations for these are set in the php.ini file.
But you can change both the format of the data and the place it is stored (e.g. to a database or shared memory or somewhere else) by writing your own handler.
A quick google suggests that several people have written [de]serializers in Java for PHP data. e.g. http://hurring.com/scott/code/java/serialize/
If you have problems with the built-in PHP serialize function - have a google for WDDX (which IIRC comes as standard) and serializes data into XML.
You might want to think about how you keep the session data appearing to be active to PHP if you want the agent to continue independently of the web session.
C.
You can hook into PHP's session handling using session_set_save_handler() (an example for a simple but complete custom handler is included in the manual). You should be able to synchronize PHP's session management with a central Java server that way.
Your PHP application would receive a session ID through a cookie ($_COOKIE["SESSION_ID"] or whatever).
Your custom session_save_handler would, instead of maintaining a session store of its own, pass that session ID to your central Java-based security server, and get all the session data in return. Writing into a session from PHP would be routed the same way.
You could of course also go the other way, and poll PHP's internal session data from the outside, but wouldn't quite understand what exactly for. If that is the case, can you go into more detail there?