Java - Authenticate user using web application's security framework without Http requests
So I have a Tomcat server within a Java web application, authentication is done using Tomcat's usernames and passwords specified in the tomcat-users.xml file, and form based authentication (posting to j_security_check). I have now also registered a remote object (using Java RMI) that I want to access from outside of the web context, from an eclipse plugin.
My intention is to obtain the remote object which has a method
public AnotherRemoteClsWithRestrictedMethods login(user, pass);
and then the implementation uses the web application's security framework to verify the user and password combination. If valid, would then return another object with restricted methods.
How would I go about obtaining / querying the web application's security details?
Note: I do not have an HttpRequest
object, should I call another URL to verfi开发者_如何学运维y the user? Any other ways?
Thanks in advance.
j_security_check
is a HTTP based authentication. You'll really need to fire a HTTP request.
You can use java.net.URLConnection
for this, or the more convenienced Apache Commons HttpClient.
精彩评论