java - Pass authentication info between web service and business layer (Spring, tomcat) -


i have spring web service , business layer deployed separately on 2 tomcat servers. (as explained in question spring ws separately deploy web service , bussiness layer).

business layer servlet container , web service communicate spring httpinvoker.

i use tomcat container based authentication springs preauthenticatedauthenticationprovider , j2eepreauthenticatedprocessingfilter. here not provide client application authentication token. (i mean not manually doing session handling. managed tomcat)

now want make sure requests business layers authenticated client. 1 thing found pass authentication object web service's security context securitycontextholder.getcontext().getauthentication() request parameter business layer. there not have way verify authentication object. idea on way achieve security in business layer?

the httpinvoker way of remoting uses http client, default wil use plain httpurlconnection jdk. way of connecting used determined imlementation of httpinvokerrequestexecutor default simplehttpinvokerrequestexecutor.

now switch use 1 of other implementations use apache commons httpclient under hood. use basic authentication (or digest) pass username/password service layer (instead of authentication object.

spring security supplies custom implementation you, thing need (client side) reconfigure httpinvokerproxyfactorybean.

<bean id="yourserviceproxy" class="org.springframework.remoting.httpinvoker.httpinvokerproxyfactorybean">     <property name="httpinvokerrequestexecutor" ref="requestexecutor" /> </bean>  <bean id="requestexecutor" class="org.springframework.security.remoting.httpinvoker.authenticationsimplehttpinvokerrequestexecutor"/>

see javadoc , spring security reference guide. class can found in spring-security-remoting dependency. next dependency need configure business layer use basic authentication.


Comments

Post a Comment

Popular posts from this blog

apache - Remove .php and add trailing slash in url using htaccess not loading css -

i have add following code htaccess file removing .php extension , add trailing slash urls. worked fine reduced page loading speed , css code not loading @ all. pages ugly. please help rewriteengine on rewritebase / ## hide .php extension snippet # externally redirect /dir/foo.php /dir/foo rewritecond %{the_request} ^[a-z]{3,}\s([^.]+)\.php [nc] rewriterule ^ %1/ [r,l] # add trailing slash rewritecond %{request_filename} !-f rewritecond %{request_uri} !/$ rewriterule . %{request_uri}/ [l,r=301] # internally forward /dir/foo /dir/foo.php rewritecond %{request_filename} !-d rewritecond %{request_filename}.php -f rewriterule ^(.*?)/?$ $1.php [l] we can rewrite urls using .htaccess files. before writing in .htaccess files need verify kind of server using. can check server adding a <?php phpinfo(); ?> in php page. ensure mod_rewrite module enabled in apache server. can identified checking phpinfo included page. common methods used url rewriting follows ...
Read more

javascript - jQuery show full size image on click -

pretty self explanatory not workking . i want display full image when user click on image... yes know there tons of plugins but i want keep simple. any idea ? css : .full { display: none; width: 500px; height: 500px; margin-left: 100px; margin-top: -300px; position: fixed; background-color: #f00; z-index: 6; } .thumbnail { width: 50px; height: 50px; } html: <img class="thumbnail" src="http://4.bp.blogspot.com/-uhbdp2esxng/txneptvi92i/aaaaaaaaaky/upfqis7zto0/s1600/rihanna-wallpaper.jpg"> jquery: $(document).ready(function() { $('.thumbnail').on('click', function() { var img = $('<img />',{src:this.src,'class':'full'}); $('.full').html(img).show(); console.log('done!'); }); }); try looking how jquery works. $(document).ready(function() { $('.thumbnail').on('click', function(...
Read more