Can I somehow interact with Internet Explorer with/from a J2SE application.
I am looking for a way to open a URL from my Java application, and then enter a username and password in the login form on that URL.
What about Java Native Interface?
If it can not be done with a J2SE application, What about a J2SE Applet ?
I am trying to develop a Single Sign-On mechanism/procedure using Java.
I am trying to develop a Single Sign-On mechanism/procedure using Java.
If you mean single-sign on from the operating system login going forward, I would write it in C or C++. Using Java native interfaces just would not be the right technology for the job.
If you mean single-sign on to enterprise resources via the web (e.g., log on to Windows, then log-on in web interface to external resources), then you can easily do this in Java.
To redirect to a given URL, you have two options:
> In applets, AppletContext.showDocument(url)
> In Servlet/JSP, HttpServletResponse.sendRedirect(url)
- Saish
My Single Sign-On is not an Enterprise Single Sign-On. It does not use the Windows Login.
My Single Sign-On solution consist of two parts. The SSO database/server where the credentials is stored, and a Java SSO Client which is runned on the users computer. The Client establish connection with the server and supplies the master password. He is then able to choose which service(A web page) to log in to.
The Client is then supposed to get the credentials from the database/server, and authenticate the user to the web server which holds the service, all on the user behalf.
It is not enough to redirect to an URL from the Client.. It must also input the username/password values to the Web Browser (Cut and paste is not a good solution)...It is possible to have the Client to POST the username/password and then receive the authenticated web site.. But it can not show this in a web browser because it can not forward the session the Client has established with the Web server..
So this is my dilemma. It must be in Java. Because my Database/server part is in Java. It resides on a mobile phone.
I actually worked on something similar for a former dot-bomb. The issue you will run into is that there is no common standard for logons. Some forms will use 'user' others 'userid' others 'email', likewise for 'password', 'pw', 'pwd', etc. So, you will have to maintain a database of the various sites' login form submission values. We have not even started to touch the ease and frequency with which sites can change the URL used for authentication. So, it becomes a 'n' problem. The more sites you support, the more useful your service will be. However, the more sites you support, the higher your maintenance costs will be.
The one interesting workaround we did think of was to register at every site we supported (at the time, nearly everything was free, so this was relatively viable). We would then have a nightly batch process that would attempt to authenticate to each site automatically. Any HTTP response other than 200 would be deemed a failure, and someone would have to look into it the next morning.
So, on a technical level, the solution is really simple. On a practical level, you will be very busy.
- Saish
