Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Java jsp servlet based site and joomla based login

  • 08-11-2007 12:24pm
    #1
    Registered Users, Registered Users 2 Posts: 1,559 ✭✭✭


    Ok we've a new joomla based site which has a login page.
    When someone is logged in they will be transferred to a java servlet and Jsp based site which will open in a new window.

    So when someone logs in using the joomla site page which has a username and password space for logging in I need them to be transferred to the java servlet and jsp based site and logged into that java servlet and jsp based site.

    The jsp and java servlet page has a login page but the joomla based page will become the new login page.

    Is it possible to do this?


Comments

  • Registered Users, Registered Users 2 Posts: 11,989 ✭✭✭✭Giblet


    You'll have to add the relevant information to the session or the cookie when they log into the joomla site, then check that information on the JSP site.


  • Registered Users, Registered Users 2 Posts: 1,559 ✭✭✭quinnd6


    The 2 sites are on different servers at the moment.

    Would that make it difficult?


  • Registered Users, Registered Users 2 Posts: 11,989 ✭✭✭✭Giblet


    Cookies over domains is a bad idea and wouldn't work if third party cookies is disabled on the clients machine. Sessions data wouldn't track correctly unless you can set that up to handle it on both your servers (which means syncing them). You could try using an iframe and js.. *eek*

    If you can get both working on the same server under apache, it would work.


  • Registered Users, Registered Users 2 Posts: 1,045 ✭✭✭Bluefrog


    Off the top of my head this should be possible using XMLHTTP.

    Basically you would login on Joomla as normal. When Joomla authorises the user, those credential could be posted to the Java site via XMLHTTP for authorisaton there and that would give the browser any required cookie and session information necessary to proceed on the Java site.


  • Registered Users, Registered Users 2 Posts: 378 ✭✭sicruise


    Just set up a realm in tomcat and post the paramaters from your "joomla" form to j_security_check serving from tomcat...


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 1,045 ✭✭✭Bluefrog


    Is there any reason you can't simply change the action atribute in the Joomla login form to point to the authentication page on the java site? I had assumed before that you needed to be authorised on the Joomla site too but maybe this is not the case...


  • Registered Users, Registered Users 2 Posts: 1,559 ✭✭✭quinnd6


    There is an oracle database of passwords so Im not sure if I could use the tomcat security realm option.

    I read somewhere that xmlhttprequest isn't very secure and is unsafe.

    So whats the best most secure option?
    What would you suggest?

    cheers for answers so far aswell guys.


  • Registered Users, Registered Users 2 Posts: 378 ✭✭sicruise


    Install an ssl cert on your login server and that will secure your connection.

    You can use the oracle jdbc driver for tomcat realms.


  • Registered Users, Registered Users 2 Posts: 1,045 ✭✭✭Bluefrog


    well if you use an SSL cert on your java server then any traffic to it will be encrypted including XMLHTTP traffic.

    XMLHTTP no more or less secure than any server request from any other origin. You could also set up the script that receives the request to only accept it from your joomla server's IP if it's not on a shared host.


  • Registered Users, Registered Users 2 Posts: 378 ✭✭sicruise


    Why are you even thinking of using AJAX here? It is overkill and will rule out anyone with Javascript disabled...


  • Advertisement
Advertisement