Log in using Java where server's authentication could be sso or web applcation container's basic

Posted by Ed on Stack Overflow See other posts from Stack Overflow or by Ed
Published on 2010-03-08T08:41:12Z Indexed on 2010/03/08 23:51 UTC
Read the original article Hit count: 581

Hi,

I have a situation where ideally I want to be able to log-in to a secure area using a Java application.

I would like to make an HTTP request and check the response to see if I need to do some kind of authenication before I can actually get the response expected, instead of effectively some login page. The complication is that the server that responds will not always be the same - the user of the Java app specifies the URL - and the server may be using some kind of single sign on authentication or the web container's.

I don't know the field names for the username and password fields or the action of the form, is there a simple way to obtain this kind of information from the URL?

I see the URLConnection object has methods getPermission() which has a method getActions() but are not suitable, anything that might be?

I guess example things I am looking to determine:

  • Does the response require authentication?
  • If so; what type / which servlet? e.g. j_security_check, josso single sign on, ...
  • And then some way of authenticating the client
  • And finally managing the state of the authenticated user for other requests

Do I need to know the attributes of the login form before attemping to login? And then, is the onoly way of verifying permission to the requested resource to manually manage the cookies?

Thanks in advance.

© Stack Overflow or respective owner

Related posts about java

Related posts about sso