Java Answers Forum - Server Authentication, Cookie and Servlet Program

Articles |
News |
Weblogs |
Books |
Forums

Artima Forums | Articles | Weblogs | Java Answers | News

Sponsored Link •

Java Answers Forum
Server Authentication, Cookie and Servlet Program

0 replies on 1 page.

Welcome Guest
Sign In

Back to Topic List

Reply to this Topic

Search Forum

Threaded View


Previous Topic		Next Topic

Flat View: This topic has 0 replies on 1 page

sakthivel

Posts: 7
Nickname: sakthivel
Registered: Oct, 2002

Server Authentication, Cookie and Servlet Program

Posted: Nov 6, 2002 7:14 AM

Dear All,
I have a problem in the authentication process of my Domino Server. (hope u should have heard about the said server...if not, it is okay. no probs...the said server is the product of IBM and it resembles the same as the WEBLOGIC, IIS, Java Web Server and etc.....fine....regarding the set-up's for launching the servlet program in the domino server....all are completely through...no problem over there...every thing is done, as per the guidence in the domino server administration help..........also i tested by calling that servlet program from my client machine's web browser....it is displaying the result, as per the expectation).

The following is the complete picture of my problem. I am having a simple java servlet program in my domino server. (regarding the set-up's for executing the servlet program in the domino server....all are completely through...no problem over there...every thing is done, as per the guidence in the domino administration help).

I want to contact my above said servlet program (in my domino server), from my simple java program (in my client machine). To contact the servlet program from my client machine, i am using the cookie present in the BROWSER (Internet Explorer), as the entry in to the domino server.
But still the servlet program is not getting executed. As far As the servlet execution from the browser using "http://192.168.10.12:8001/servlet/testing"), the servlet program is getting executed.

But If I get the same cookie (DomAuthSessID) from the browser, using the "alert(javascript:document.cookie)", in the address bar of the browser......and try to call the servlet from my java program, the servlet is not getting executed....could any one pl. advice me for the above problem.

Thanks and Regards
Sakthivel S.

Java program for ur reference:(client machine)
**********************************************
import java.io.*;
import java.net.*;

public class authen
{
public static void main(String args[]) throws Exception
{
try
{
HttpURLConnection urlconnection = null;
URL serverURL = new URL("http://192.168.10.55:8001/servlet/testing");
urlconnection= (HttpURLConnection)serverURL.openConnection();
urlconnection.setDoOutput(true);
urlconnection.setRequestMethod("POST");
urlconnection.setFollowRedirects(true);
urlconnection.setRequestProperty("Connection", "Keep-Alive");
urlconnection.setRequestProperty("DomAuthSessID","AAE228AB683355 46B277E9B375412A8A");
urlconnection.setDoOutput(true);
urlconnection.setDoInput( true);
urlconnection.setUseCaches(false);
urlconnection.setAllowUserInteraction( true);
urlconnection.connect();
}
catch (Exception e)
{
e.printStackTrace();
}
}
}

Hope, the way I have called my servlet program "testing" from my client machine is correct.

SERVLET PROGRAM (Which resides in the domino server)
***********************************************
import java.io.*;
import java.text.*;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class HelloWorldExample extends HttpServlet
{
public void doGet(HttpServletRequest request,HttpServletResponse response) throws IOException, ServletException
{
System.out.println("####");
System.out.println("### DOMINO AUTHENTICATION ####");
System.out.println("####");
}
public void doPost(HttpServletRequest httpservletrequest, HttpServletResponse httpservletresponse) throws ServletException, IOException
{
System.out.println("####");
System.out.println("### DOMINO AUTHENTICATION ####");
System.out.println("####");
}
}

In the servlet.properties file, i have documented as,
****************************************
# HelloWorldExample properties
servlet.testing.code=HelloWorldExample
servlets.startup=testing

P.S : The above said authentication work (in the web browser) is taken care by my perl program....which is working fine...

the perl program, which does the authentication work:
******************************************
package SSO::dologin;
#file SSO/dologin
#
#This file handles the login function.
#

use strict;
use Apache::Constants qw(:common);
use Apache::Constants qw(:methods);
use Apache::Constants qw(:response);

use SSO::LDAP;
use SSO::UserProfile;
use SSO::Server;
use SSO::Cookie;
use SSO::Cache;
use SSO::Hash;

sub handler {

#
#
# Get the Request Object
my $r = shift;

#Get the UserId and the Password from the Login form
my %inputvals=$r->content;
my $username=$inputvals{'username'};
my $password=$inputvals{'password'};

#if the User information not present send back the error message
if((not defined $username) || (not defined $password)) {
$r->log_reason("UserName/Password Not given ",$r->filename);
return FORBIDDEN;
}
# Construct the UserProfile
my $userprofile = SSO::UserProfile->new();
$userprofile->UserName($username);
$userprofile- >Password($password);

# Authenticate the User

my $ldapserver = SSO::Server->new();
my $ldapIP = $r->dir_config("LDAPServer");
my $ldapport = $r->dir_config("LDAPServerPort");

#If the ldap IP and Port are not given return error
if(not defined $ldapIP) {
$r->log_reason("Environment Variable LDAPServer is not Set",$r->filename);
return SERVER_ERROR;
}

$ldapserver->IP($ldapIP);
$ldapserver->Port($ldapport);
my $ldap=SSO::LDAP->new();
my $authstatus=$ldap->AuthenticateUser($ldapserver,$userprofile);
if(!$authstat us) {
$r->log_reason(" Unable to Authenticate UserName/Password",$r->filename);
return FORBIDDEN;
}

# Check the user status
if(!$userprofile->UserStatus) {
$r->log_reason(" User Status : Disabled ",$r->filename);
return FORBIDDEN;
}

# Generate Hash key (SessionId) for the User
my $theexpduration = $r->dir_config("SessionExpiryDur");

#If the expiry duration is not given return error
if(not defined $theexpduration) {
$r->log_reason("Environment Variable SessionExpiryDur is not Set",$r->filename);
return SERVER_ERROR;
}
$userprofile->SessionExpiryDur($theexpduration);

## NOTE : The User's login time and the expiry time, sessionid will be set by the Hash function
my $hash=SSO::Hash->new;
my $sessionid=$hash->generateSessionId($userprofile,$r);

#if the session is not present return error
if ((not defined $sessionid) || ($sessionid eq "")) {
$r->log_reason("SessionID not generated ",$r->filename);
return SERVER_ERROR;
}

# Check if multiple login allowed
my $multilogin = $r->dir_config("MultiLogin");
my $cache=SSO::Cache->new();
if((not defined $multilogin) || ($multilogin == 0 )) {
# If the user already present in cache remove him
$cache->removeUserByUserName($userprofile->UserName);
}

# Set the user profile in cache
$cache->addUser($userprofile);

# Set the SessionId in the Cookie
my $cook=SSO::Cookie->new();
$cook->setCookie_ErrHeader("SSOAuthSessionID",$ userprofile->SessionId,$r);

# Redirect to the Users Home Page
my $homepage = $r->dir_config("UsersHomePage");

my @form = ("/forms/","dologin","dologout","index.html");
foreach(@form){
if(($r->heade r_in('referer') =~/$_/i)) {
$homepage = $r->dir_config("UsersHomePage");
last if 1 ;
}
else {
$homepage = $r->header_in('referer');
}
}

if(not defined $homepage) {
$r->log_reason("Environment Variable UsersHomePage is not Set",$r->filename);
return SERVER_ERROR;
}

$r->headers_out->add(Location => $homepage);
$r->headers_out->add(referer=> $r->header_in('referer'));
$r->status(REDIRECT);
$r->send_http_header( );
return OK;
}

1;

Previous Topic

Next Topic


	Web Artima.com