How to achieve login in java consuming a web service?

Question

I have a project in java which utilize j_security_check and ldap for authentication. Now my employer want to change it to an authentication using a webservice provided . What they gave me is actually a link as shown below " http://11.111.111.111/ADManager/ADlogin.asmx " I am a total newbie to java and webservice.All I know is if we provide some data to a webservice it will give a response. my doubts are

1. Is it possible to create a login consuming that link they provided?
2. Should I ask them for more info?
3. Is it posible to replace the j_security_check and ldap already configured in my java project?

PS : The one who assigned me this task doesn't seems to have much knowledge either.

Answer 1

The short answer is you can.

You need to do the following:

Each web resource is protected by a (servlet) filter. This filter checks each incoming request and validates the token which needs to be on the http header. If the token is valid then the request is served. If the token is invalid the filter is going to send back http 401 unauthorized. Then redirect to the loin page.

Login with rest service:

1) Create a custom login page with username/password field.

2) Create a rest web service, receives username/password. It will check the credentials against an external access management infrastructure like OpenAM .

3) First, call auth(username, password) rest api to get the auth token. If the given credentials are okay then just send back the auth cookie to the client with HTTP 200 response code.

4) Then, you can call protected rest apis. You need to send auth cookie with your request each time.

5) Servlet filter (or something similar) checks each incoming request and validates the token. If the token is valid then the request goes forward to the rest method, if not you need to generate an http 401/403 response.

I suggest you not to write your own authentication layer, please use an existing one, for example OpenAM.

This forum topic explain everything you.