堆栈内存溢出
  简体   繁体   English

非Java Web应用程序以针对Java servlet进行身份验证

[英]Non-Java web application to authenticate against a Java servlet

 原文  2009-09-28 01:28:14       java/ javascript/ security/ java-ee/ dojo

问题描述

We have a Java EE web application deployed to JBoss . 我们已经将Java EE Web应用程序部署到JBoss This web application is used for authentication purposes. 该Web应用程序用于身份验证。

Now we would like to have other web applications that are not written in Java to communicate and authenticate against this web application. 现在,我们希望拥有其他不是用Java编写的Web应用程序来针对该Web应用程序进行通信和身份验证。 The reason we want to do this is: Suppose we have a small web application that does a simple task for the user. 我们这样做的原因是:假设我们有一个小型Web应用程序,它可以为用户完成简单的任务。 This web application could be implemented purely with the plain HTML stack plus a little bit of JavaScript, hence we would like to not introduce the complexity of Java EE into it. 该Web应用程序可以完全用纯HTML堆栈和少量JavaScript来实现,因此我们不想在其中引入Java EE的复杂性。

Is there a good way of doing this both secured and efficiently? 是否有一种既安全又有效的方法呢?

More information: 更多信息:

The web application used for authentication is a huge Java EE program with other functionalities. 用于身份验证的Web应用程序是具有其他功能的巨大Java EE程序。 We'd like to slowly get rid of it, and part of this process involves moving some of its functionalities outside the stack. 我们希望慢慢摆脱它,并且此过程的一部分涉及将其某些功能移出堆栈。

At this phase, we are leaving the authentication module as is, and start with other parts of the program (hence why we don't want to bundle these small web applications with the main program and uses Java EE). 在此阶段,我们将保留身份验证模块,并从程序的其他部分开始(因此,为什么我们不想将这些小型Web应用程序与主程序捆绑在一起并使用Java EE)。

2 个解决方案

解决方案1
 1  2009-09-28 01:33:19

You can put static HTML and JavaScript code inside a Java EE web application. 您可以将静态HTML和JavaScript代码放入Java EE Web应用程序中。 Why not just put it there since you have the application anyway (and need it for authentication I assume) and then add appropriate mappings to your web.xml so you can only access those pages if you're logged in. 为什么不把它放在那里,因为无论如何您都拥有该应用程序(我认为它需要进行身份验证),然后将适当的映射添加到您的web.xml这样您只有登录后才能访问那些页面。

It's a little difficult to answer, because I'm not sure exactly what these other pages will be doing, how they will relate to the Java web application and so on. 回答起来有点困难,因为我不确定这些其他页面将要做什么,它们将如何与Java Web应用程序关联等等。

解决方案2
 0  2009-11-16 08:35:17

If all you need is authentication, here's a small and lightweight open source library, http://spnego.sourceforge.net , that is installed as a servlet filter. 如果您只需要身份验证,这里是一个小型轻量级的开源库http://spnego.sourceforge.net ,它作为servlet过滤器安装。

They also have examples on how to use a SOAP client with a protected web service. 他们还提供了有关如何将SOAP客户端与受保护的Web服务一起使用的示例。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在非Servlet 3.0 /非Java EE 6中激活jax-rs ContextResolver和应用程序 - How to activate jax-rs ContextResolver and Application in non-servlet 3.0/non-Java EE 6 使用 maven 但非 Java 应用程序的吊臂 - Using a jib for maven but non-Java application Linux上的Java:最大化非​​Java GUI应用程序 - Java on Linux: maximize a non-Java GUI application 如何在 Windows(非 Java)应用程序中使用 Java 时区 ID? - How to use Java timezone id in a Windows (non-Java) application? 非Java EE 5 servlet和Java EE 5 servlet容器之间有什么区别? - what are differences between the non-Java EE 5 servlet and Java EE 5 servlet containers? 什么是非Java代码? - What is Non-Java code? 使用Java打开外部非Java文件 - Opening an external, non-java file with Java 在 Java 中获取非 Java Windows 的标题 - Get titles of Non-Java Windows in Java 包结构中的非java文件 - non-java files in package structure 从WAR加载非Java资源 - Load non-Java resource from WAR
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM