开发者

Java - Authenticate user using web application's security framework without Http requests

So I have a Tomcat server within a Java web application, authentication is done using Tomcat's usernames and passwords specified in the tomcat-users.xml file, and form based authentication (posting to j_security_check). I have now also registered a remote object (using Java RMI) that I want to access from outside of the web context, from an eclipse plugin.

My intention is to obtain the remote object which has a method

public AnotherRemoteClsWithRestrictedMethods login(user, pass);

and then the implementation uses the web application's security framework to verify the user and password combination. If valid, would then return another object with restricted methods.

How would I go about obtaining / querying the web application's security details?

Note: I do not have an HttpRequest object, should I call another URL to verfi开发者_如何学运维y the user? Any other ways?

Thanks in advance.


j_security_check is a HTTP based authentication. You'll really need to fire a HTTP request. You can use java.net.URLConnection for this, or the more convenienced Apache Commons HttpClient.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜