Java - Authenticate user using web application's security framework without Http requests_问答_开发者

Java - Authenticate user using web application's security framework without Http requests

开发者 https://www.devze.com 2022-12-17 23:01 出处：网络

So I have a Tomcat server within a Java web application, authentication is done using Tomcat\'s usernames and passwords specified in the tomcat-users.xml file, and form based authentication (posting t

So I have a Tomcat server within a Java web application, authentication is done using Tomcat's usernames and passwords specified in the tomcat-users.xml file, and form based authentication (posting to j_security_check). I have now also registered a remote object (using Java RMI) that I want to access from outside of the web context, from an eclipse plugin.

My intention is to obtain the remote object which has a method

public AnotherRemoteClsWithRestrictedMethods login(user, pass);

and then the implementation uses the web application's security framework to verify the user and password combination. If valid, would then return another object with restricted methods.

How would I go about obtaining / querying the web application's security details?

Note: I do not have an HttpRequest object, should I call another URL to verfi开发者_如何学运维y the user? Any other ways?

Thanks in advance.

j_security_check is a HTTP based authentication. You'll really need to fire a HTTP request. You can use java.net.URLConnection for this, or the more convenienced Apache Commons HttpClient.