You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Raju Lokhande <RL...@ne.health.net> on 2002/08/19 19:01:03 UTC
Design question
Greetings everybody,
I am doing some research on possibility of using Tomcat to do a project. General requirements as follows
1. A user will login to the web application and upload a file to a remote server. He or she can only access his or her WIN2K/NT domain to upload this file.
2. User will download a file or a number of files from the remote server - again from his or her domain.
I was told that I can do this job using Java Servlet and IBM Websphere or BEA Weblogic.
I am not sure if this is possible in Tomcat. Has anybody done similar work using Tomcat. Can you share your experiences please?
Thanks
Raju Lokhande
*************************************************************************
This message, together with any attachments, is intended only
for the use of the individual or entity to which it is addressed. It
may contain information that is confidential and prohibited from
disclosure. If you are not the intended recipient, you are
hereby notified that any dissemination or copying of this
message or any attachment is strictly prohibited. If you have
received this message in error, please notify the original sender
immediately by telephone or by return e-mail and delete this
message along with any attachments, from your computer.
Thank you.
*************************************************************************
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
CGIs
Posted by RocĂo Ninahuanca Flores <rn...@atos-ods.com.pe>.
Hello,
I have an aplication in CERN server, and I want to run CGIs in Tomcat, can i
do this?, my cgis were generated by C.
Can I do it?, I don't want to install Apache, I just want Tomcat.
It's because i have a part of an aplication in CGIs and I want to have
another part in JSPs, can I do it?.
Thanks.
-----Mensaje original-----
De: Raju Lokhande [mailto:RLokhande@ne.health.net]
Enviado el: Lunes, 19 de Agosto de 2002 12:01 p.m.
Para: <Tomcat Users List
Asunto: Design question
Greetings everybody,
I am doing some research on possibility of using Tomcat to do a project.
General requirements as follows
1. A user will login to the web application and upload a file to a remote
server. He or she can only access his or her WIN2K/NT domain to upload this
file.
2. User will download a file or a number of files from the remote server -
again from his or her domain.
I was told that I can do this job using Java Servlet and IBM Websphere or
BEA Weblogic.
I am not sure if this is possible in Tomcat. Has anybody done similar work
using Tomcat. Can you share your experiences please?
Thanks
Raju Lokhande
*************************************************************************
This message, together with any attachments, is intended only
for the use of the individual or entity to which it is addressed. It
may contain information that is confidential and prohibited from
disclosure. If you are not the intended recipient, you are
hereby notified that any dissemination or copying of this
message or any attachment is strictly prohibited. If you have
received this message in error, please notify the original sender
immediately by telephone or by return e-mail and delete this
message along with any attachments, from your computer.
Thank you.
*************************************************************************
--
To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Design question
Posted by Mike Jackson <mj...@cdi-hq.com>.
The token is the validation. It's a way of passing around that the user has
been validated. Consider it to be a relay race, there's a baton that you're
passing around. If you have the baton than you're a valid runner in the
race.
A security "token" is like the baton, if your user can present the token,
and it's valid then they're ok to deal with.
This of course has some issues, but it's one way of doing it.
--mikej
-=-----
mike jackson
mjackson@cdi-hq.com
> -----Original Message-----
> From: Louis Voo [mailto:louis@allsofts.com]
> Sent: Monday, August 19, 2002 10:26 AM
> To: Tomcat Users List
> Subject: Re: Design question
>
>
> Can you tell me after validate how you redirect to another site?
>
> Louis
> ----- Original Message -----
> From: "Mike Jackson" <mj...@cdi-hq.com>
> To: "Tomcat Users List" <to...@jakarta.apache.org>
> Sent: Monday, August 19, 2002 6:17 PM
> Subject: RE: Design question
>
>
> > An encrypted token is one way of doing it. We have a system where one
> > system
> > validates the user and then it redirects the user to another
> site passing
> an
> > encrypted token (containing amoungst other things a timestamp to allow
> only
> > a short "window" of opportunity for the token to be used) as a
> parameter.
> >
> > --mikej
> > -=-----
> > mike jackson
> > mjackson@cdi-hq.com
> >
> > > -----Original Message-----
> > > From: Jacob Hookom [mailto:hookomjj@uwec.edu]
> > > Sent: Monday, August 19, 2002 10:09 AM
> > > To: 'Tomcat Users List'
> > > Subject: RE: Design question
> > >
> > >
> > > I'm trying to accomplish the same thing--
> > >
> > > How do you authenticate on Server A, then have that principal
> carry over
> > > to Servers B and C for download authorization?
> > >
> > > Thanks!
> > > -Jacob
> > >
> > > | -----Original Message-----
> > > | From: Luminous Heart [mailto:luminousheart@yahoo.com]
> > > | Sent: Monday, August 19, 2002 12:06 PM
> > > | To: Tomcat Users List
> > > | Subject: Re: Design question
> > > |
> > > | Yes Raju,
> > > | It should be doable. You can download TC latest and
> > > | hack some code. If you want to use some readily
> > > | availabe to help in the process, take a look at the
> > > | Tag libs available on Jakarta. Also there are a few
> > > | File Upload beans floating around the net, go to
> > > | google and type JSP File Upload Bean and see what you
> > > | will get.
> > > |
> > > | I have a couple of applications where a user will
> > > | upload files to a remote server after authenticating.
> > > |
> > > | regards.
> > > |
> > > | --- Raju Lokhande <RL...@ne.health.net> wrote:
> > > | > Greetings everybody,
> > > | > I am doing some research on possibility of using
> > > | > Tomcat to do a project. General requirements as
> > > | > follows
> > > | > 1. A user will login to the web application and
> > > | > upload a file to a remote server. He or she can only
> > > | > access his or her WIN2K/NT domain to upload this
> > > | > file.
> > > | > 2. User will download a file or a number of files
> > > | > from the remote server - again from his or her
> > > | > domain.
> > > | > I was told that I can do this job using Java Servlet
> > > | > and IBM Websphere or BEA Weblogic.
> > > | > I am not sure if this is possible in Tomcat. Has
> > > | > anybody done similar work using Tomcat. Can you
> > > | > share your experiences please?
> > > | > Thanks
> > > | > Raju Lokhande
> > > | >
> > > | >
> > > | >
> > > | >
> > > |
> > >
> ************************************************************************
> > > *
> > > | > This message, together with any attachments, is
> > > | > intended only
> > > | > for the use of the individual or entity to which it
> > > | > is addressed. It
> > > | > may contain information that is confidential and
> > > | > prohibited from
> > > | > disclosure. If you are not the intended recipient,
> > > | > you are
> > > | > hereby notified that any dissemination or copying of
> > > | > this
> > > | > message or any attachment is strictly prohibited. If
> > > | > you have
> > > | > received this message in error, please notify the
> > > | > original sender
> > > | > immediately by telephone or by return e-mail and
> > > | > delete this
> > > | > message along with any attachments, from your
> > > | > computer.
> > > | > Thank you.
> > > | >
> > > |
> > >
> ************************************************************************
> > > *
> > > | >
> > > | >
> > > | > --
> > > | > To unsubscribe, e-mail:
> > > | > <ma...@jakarta.apache.org>
> > > | > For additional commands, e-mail:
> > > | > <ma...@jakarta.apache.org>
> > > | >
> > > |
> > > |
> > > | __________________________________________________
> > > | Do You Yahoo!?
> > > | HotJobs - Search Thousands of New Jobs
> > > | http://www.hotjobs.com
> > > |
> > > | --
> > > | To unsubscribe, e-mail: <mailto:tomcat-user-
> > > | unsubscribe@jakarta.apache.org>
> > > | For additional commands, e-mail: <mailto:tomcat-user-
> > > | help@jakarta.apache.org>
> > > |
> > > | ---
> > > | Incoming mail is certified Virus Free.
> > > | Checked by AVG anti-virus system (http://www.grisoft.com).
> > > | Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
> > > |
> > >
> > > ---
> > > Outgoing mail is certified Virus Free.
> > > Checked by AVG anti-virus system (http://www.grisoft.com).
> > > Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
> > >
> > >
> > >
> > > --
> > > To unsubscribe, e-mail:
> > <ma...@jakarta.apache.org>
> > For additional commands, e-mail:
> > <ma...@jakarta.apache.org>
> >
> >
> >
> >
> > --
> > To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> > For additional commands, e-mail:
> <ma...@jakarta.apache.org>
> >
>
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Design question
Posted by Louis Voo <lo...@allsofts.com>.
Can you tell me after validate how you redirect to another site?
Louis
----- Original Message -----
From: "Mike Jackson" <mj...@cdi-hq.com>
To: "Tomcat Users List" <to...@jakarta.apache.org>
Sent: Monday, August 19, 2002 6:17 PM
Subject: RE: Design question
> An encrypted token is one way of doing it. We have a system where one
> system
> validates the user and then it redirects the user to another site passing
an
> encrypted token (containing amoungst other things a timestamp to allow
only
> a short "window" of opportunity for the token to be used) as a parameter.
>
> --mikej
> -=-----
> mike jackson
> mjackson@cdi-hq.com
>
> > -----Original Message-----
> > From: Jacob Hookom [mailto:hookomjj@uwec.edu]
> > Sent: Monday, August 19, 2002 10:09 AM
> > To: 'Tomcat Users List'
> > Subject: RE: Design question
> >
> >
> > I'm trying to accomplish the same thing--
> >
> > How do you authenticate on Server A, then have that principal carry over
> > to Servers B and C for download authorization?
> >
> > Thanks!
> > -Jacob
> >
> > | -----Original Message-----
> > | From: Luminous Heart [mailto:luminousheart@yahoo.com]
> > | Sent: Monday, August 19, 2002 12:06 PM
> > | To: Tomcat Users List
> > | Subject: Re: Design question
> > |
> > | Yes Raju,
> > | It should be doable. You can download TC latest and
> > | hack some code. If you want to use some readily
> > | availabe to help in the process, take a look at the
> > | Tag libs available on Jakarta. Also there are a few
> > | File Upload beans floating around the net, go to
> > | google and type JSP File Upload Bean and see what you
> > | will get.
> > |
> > | I have a couple of applications where a user will
> > | upload files to a remote server after authenticating.
> > |
> > | regards.
> > |
> > | --- Raju Lokhande <RL...@ne.health.net> wrote:
> > | > Greetings everybody,
> > | > I am doing some research on possibility of using
> > | > Tomcat to do a project. General requirements as
> > | > follows
> > | > 1. A user will login to the web application and
> > | > upload a file to a remote server. He or she can only
> > | > access his or her WIN2K/NT domain to upload this
> > | > file.
> > | > 2. User will download a file or a number of files
> > | > from the remote server - again from his or her
> > | > domain.
> > | > I was told that I can do this job using Java Servlet
> > | > and IBM Websphere or BEA Weblogic.
> > | > I am not sure if this is possible in Tomcat. Has
> > | > anybody done similar work using Tomcat. Can you
> > | > share your experiences please?
> > | > Thanks
> > | > Raju Lokhande
> > | >
> > | >
> > | >
> > | >
> > |
> > ************************************************************************
> > *
> > | > This message, together with any attachments, is
> > | > intended only
> > | > for the use of the individual or entity to which it
> > | > is addressed. It
> > | > may contain information that is confidential and
> > | > prohibited from
> > | > disclosure. If you are not the intended recipient,
> > | > you are
> > | > hereby notified that any dissemination or copying of
> > | > this
> > | > message or any attachment is strictly prohibited. If
> > | > you have
> > | > received this message in error, please notify the
> > | > original sender
> > | > immediately by telephone or by return e-mail and
> > | > delete this
> > | > message along with any attachments, from your
> > | > computer.
> > | > Thank you.
> > | >
> > |
> > ************************************************************************
> > *
> > | >
> > | >
> > | > --
> > | > To unsubscribe, e-mail:
> > | > <ma...@jakarta.apache.org>
> > | > For additional commands, e-mail:
> > | > <ma...@jakarta.apache.org>
> > | >
> > |
> > |
> > | __________________________________________________
> > | Do You Yahoo!?
> > | HotJobs - Search Thousands of New Jobs
> > | http://www.hotjobs.com
> > |
> > | --
> > | To unsubscribe, e-mail: <mailto:tomcat-user-
> > | unsubscribe@jakarta.apache.org>
> > | For additional commands, e-mail: <mailto:tomcat-user-
> > | help@jakarta.apache.org>
> > |
> > | ---
> > | Incoming mail is certified Virus Free.
> > | Checked by AVG anti-virus system (http://www.grisoft.com).
> > | Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
> > |
> >
> > ---
> > Outgoing mail is certified Virus Free.
> > Checked by AVG anti-virus system (http://www.grisoft.com).
> > Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
> >
> >
> >
> > --
> > To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
>
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
> For additional commands, e-mail:
<ma...@jakarta.apache.org>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Design question
Posted by Mike Jackson <mj...@cdi-hq.com>.
What I've found is that it's best to have a one time use token. It makes it
pretty hard to hack since I save the token (and check for reuse). But that
means you have some additional overhead on the "main" system 'cause you'll
need to generate a new token for each request that's serviced by the other
systems. In my world that's not an issue 'cause I only have one other
machine and 'cause I don't have to generate the token, only decrypt and
valid it. That and each request is a single transaction.
But you may have issues with printing, if you only allow the token to be
used once then when they (the users) hit print in their web browser it will
want to re-download the images and sometimes the page. For me that's not an
issue 'cause the design document specifies one and only one access per
token, but you may have issues there. If your application is anything like
mine then that really could be an issue (mine it's the pictures that are
important, not the text on the page), so make sure that everyone signs off
of on the design document prior to implementation.
If your application is all java based (mine isn't) then you could pass
around
a serialized java object, assuming it's not to big. It'd probably be easier
to use a nice short token however.
--mikej
-=-----
mike jackson
mjackson@cdi-hq.com
> -----Original Message-----
> From: Jacob Hookom [mailto:hookomjj@uwec.edu]
> Sent: Monday, August 19, 2002 10:45 AM
> To: 'Tomcat Users List'
> Subject: RE: Design question
>
>
> That's exactly what I was thinking, for every page request, set a really
> simple 'digested' token of the user's id and the id of the resource the
> link allows. The receiving servlet on another server peels apart the
> token based on the hour time span the token was valid.
>
> But cool, other people are doing the same thing :-) I just don't want
> people to start calling up requests to the second server just by walking
> through id's.
>
> -Jacob
>
> | -----Original Message-----
> | From: Mike Jackson [mailto:mjackson@cdi-hq.com]
> | Sent: Monday, August 19, 2002 12:17 PM
> | To: Tomcat Users List
> | Subject: RE: Design question
> |
> | An encrypted token is one way of doing it. We have a system where one
> | system
> | validates the user and then it redirects the user to another site
> passing
> | an
> | encrypted token (containing amoungst other things a timestamp to allow
> | only
> | a short "window" of opportunity for the token to be used) as a
> parameter.
> |
> | --mikej
> | -=-----
> | mike jackson
> | mjackson@cdi-hq.com
> |
> | > -----Original Message-----
> | > From: Jacob Hookom [mailto:hookomjj@uwec.edu]
> | > Sent: Monday, August 19, 2002 10:09 AM
> | > To: 'Tomcat Users List'
> | > Subject: RE: Design question
> | >
> | >
> | > I'm trying to accomplish the same thing--
> | >
> | > How do you authenticate on Server A, then have that principal carry
> over
> | > to Servers B and C for download authorization?
> | >
> | > Thanks!
> | > -Jacob
> | >
> | > | -----Original Message-----
> | > | From: Luminous Heart [mailto:luminousheart@yahoo.com]
> | > | Sent: Monday, August 19, 2002 12:06 PM
> | > | To: Tomcat Users List
> | > | Subject: Re: Design question
> | > |
> | > | Yes Raju,
> | > | It should be doable. You can download TC latest and
> | > | hack some code. If you want to use some readily
> | > | availabe to help in the process, take a look at the
> | > | Tag libs available on Jakarta. Also there are a few
> | > | File Upload beans floating around the net, go to
> | > | google and type JSP File Upload Bean and see what you
> | > | will get.
> | > |
> | > | I have a couple of applications where a user will
> | > | upload files to a remote server after authenticating.
> | > |
> | > | regards.
> | > |
> | > | --- Raju Lokhande <RL...@ne.health.net> wrote:
> | > | > Greetings everybody,
> | > | > I am doing some research on possibility of using
> | > | > Tomcat to do a project. General requirements as
> | > | > follows
> | > | > 1. A user will login to the web application and
> | > | > upload a file to a remote server. He or she can only
> | > | > access his or her WIN2K/NT domain to upload this
> | > | > file.
> | > | > 2. User will download a file or a number of files
> | > | > from the remote server - again from his or her
> | > | > domain.
> | > | > I was told that I can do this job using Java Servlet
> | > | > and IBM Websphere or BEA Weblogic.
> | > | > I am not sure if this is possible in Tomcat. Has
> | > | > anybody done similar work using Tomcat. Can you
> | > | > share your experiences please?
> | > | > Thanks
> | > | > Raju Lokhande
> | > | >
> | > | >
> | > | >
> | > | >
> | > |
> | >
> ************************************************************************
> | > *
> | > | > This message, together with any attachments, is
> | > | > intended only
> | > | > for the use of the individual or entity to which it
> | > | > is addressed. It
> | > | > may contain information that is confidential and
> | > | > prohibited from
> | > | > disclosure. If you are not the intended recipient,
> | > | > you are
> | > | > hereby notified that any dissemination or copying of
> | > | > this
> | > | > message or any attachment is strictly prohibited. If
> | > | > you have
> | > | > received this message in error, please notify the
> | > | > original sender
> | > | > immediately by telephone or by return e-mail and
> | > | > delete this
> | > | > message along with any attachments, from your
> | > | > computer.
> | > | > Thank you.
> | > | >
> | > |
> | >
> ************************************************************************
> | > *
> | > | >
> | > | >
> | > | > --
> | > | > To unsubscribe, e-mail:
> | > | > <ma...@jakarta.apache.org>
> | > | > For additional commands, e-mail:
> | > | > <ma...@jakarta.apache.org>
> | > | >
> | > |
> | > |
> | > | __________________________________________________
> | > | Do You Yahoo!?
> | > | HotJobs - Search Thousands of New Jobs
> | > | http://www.hotjobs.com
> | > |
> | > | --
> | > | To unsubscribe, e-mail: <mailto:tomcat-user-
> | > | unsubscribe@jakarta.apache.org>
> | > | For additional commands, e-mail: <mailto:tomcat-user-
> | > | help@jakarta.apache.org>
> | > |
> | > | ---
> | > | Incoming mail is certified Virus Free.
> | > | Checked by AVG anti-virus system (http://www.grisoft.com).
> | > | Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
> | > |
> | >
> | > ---
> | > Outgoing mail is certified Virus Free.
> | > Checked by AVG anti-virus system (http://www.grisoft.com).
> | > Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
> | >
> | >
> | >
> | > --
> | > To unsubscribe, e-mail:
> | <ma...@jakarta.apache.org>
> | For additional commands, e-mail:
> | <ma...@jakarta.apache.org>
> |
> |
> |
> |
> | --
> | To unsubscribe, e-mail: <mailto:tomcat-user-
> | unsubscribe@jakarta.apache.org>
> | For additional commands, e-mail: <mailto:tomcat-user-
> | help@jakarta.apache.org>
> |
> | ---
> | Incoming mail is certified Virus Free.
> | Checked by AVG anti-virus system (http://www.grisoft.com).
> | Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
> |
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
>
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Design question
Posted by Jacob Hookom <ho...@uwec.edu>.
That's exactly what I was thinking, for every page request, set a really
simple 'digested' token of the user's id and the id of the resource the
link allows. The receiving servlet on another server peels apart the
token based on the hour time span the token was valid.
But cool, other people are doing the same thing :-) I just don't want
people to start calling up requests to the second server just by walking
through id's.
-Jacob
| -----Original Message-----
| From: Mike Jackson [mailto:mjackson@cdi-hq.com]
| Sent: Monday, August 19, 2002 12:17 PM
| To: Tomcat Users List
| Subject: RE: Design question
|
| An encrypted token is one way of doing it. We have a system where one
| system
| validates the user and then it redirects the user to another site
passing
| an
| encrypted token (containing amoungst other things a timestamp to allow
| only
| a short "window" of opportunity for the token to be used) as a
parameter.
|
| --mikej
| -=-----
| mike jackson
| mjackson@cdi-hq.com
|
| > -----Original Message-----
| > From: Jacob Hookom [mailto:hookomjj@uwec.edu]
| > Sent: Monday, August 19, 2002 10:09 AM
| > To: 'Tomcat Users List'
| > Subject: RE: Design question
| >
| >
| > I'm trying to accomplish the same thing--
| >
| > How do you authenticate on Server A, then have that principal carry
over
| > to Servers B and C for download authorization?
| >
| > Thanks!
| > -Jacob
| >
| > | -----Original Message-----
| > | From: Luminous Heart [mailto:luminousheart@yahoo.com]
| > | Sent: Monday, August 19, 2002 12:06 PM
| > | To: Tomcat Users List
| > | Subject: Re: Design question
| > |
| > | Yes Raju,
| > | It should be doable. You can download TC latest and
| > | hack some code. If you want to use some readily
| > | availabe to help in the process, take a look at the
| > | Tag libs available on Jakarta. Also there are a few
| > | File Upload beans floating around the net, go to
| > | google and type JSP File Upload Bean and see what you
| > | will get.
| > |
| > | I have a couple of applications where a user will
| > | upload files to a remote server after authenticating.
| > |
| > | regards.
| > |
| > | --- Raju Lokhande <RL...@ne.health.net> wrote:
| > | > Greetings everybody,
| > | > I am doing some research on possibility of using
| > | > Tomcat to do a project. General requirements as
| > | > follows
| > | > 1. A user will login to the web application and
| > | > upload a file to a remote server. He or she can only
| > | > access his or her WIN2K/NT domain to upload this
| > | > file.
| > | > 2. User will download a file or a number of files
| > | > from the remote server - again from his or her
| > | > domain.
| > | > I was told that I can do this job using Java Servlet
| > | > and IBM Websphere or BEA Weblogic.
| > | > I am not sure if this is possible in Tomcat. Has
| > | > anybody done similar work using Tomcat. Can you
| > | > share your experiences please?
| > | > Thanks
| > | > Raju Lokhande
| > | >
| > | >
| > | >
| > | >
| > |
| >
************************************************************************
| > *
| > | > This message, together with any attachments, is
| > | > intended only
| > | > for the use of the individual or entity to which it
| > | > is addressed. It
| > | > may contain information that is confidential and
| > | > prohibited from
| > | > disclosure. If you are not the intended recipient,
| > | > you are
| > | > hereby notified that any dissemination or copying of
| > | > this
| > | > message or any attachment is strictly prohibited. If
| > | > you have
| > | > received this message in error, please notify the
| > | > original sender
| > | > immediately by telephone or by return e-mail and
| > | > delete this
| > | > message along with any attachments, from your
| > | > computer.
| > | > Thank you.
| > | >
| > |
| >
************************************************************************
| > *
| > | >
| > | >
| > | > --
| > | > To unsubscribe, e-mail:
| > | > <ma...@jakarta.apache.org>
| > | > For additional commands, e-mail:
| > | > <ma...@jakarta.apache.org>
| > | >
| > |
| > |
| > | __________________________________________________
| > | Do You Yahoo!?
| > | HotJobs - Search Thousands of New Jobs
| > | http://www.hotjobs.com
| > |
| > | --
| > | To unsubscribe, e-mail: <mailto:tomcat-user-
| > | unsubscribe@jakarta.apache.org>
| > | For additional commands, e-mail: <mailto:tomcat-user-
| > | help@jakarta.apache.org>
| > |
| > | ---
| > | Incoming mail is certified Virus Free.
| > | Checked by AVG anti-virus system (http://www.grisoft.com).
| > | Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
| > |
| >
| > ---
| > Outgoing mail is certified Virus Free.
| > Checked by AVG anti-virus system (http://www.grisoft.com).
| > Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
| >
| >
| >
| > --
| > To unsubscribe, e-mail:
| <ma...@jakarta.apache.org>
| For additional commands, e-mail:
| <ma...@jakarta.apache.org>
|
|
|
|
| --
| To unsubscribe, e-mail: <mailto:tomcat-user-
| unsubscribe@jakarta.apache.org>
| For additional commands, e-mail: <mailto:tomcat-user-
| help@jakarta.apache.org>
|
| ---
| Incoming mail is certified Virus Free.
| Checked by AVG anti-virus system (http://www.grisoft.com).
| Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
|
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Design question
Posted by Mike Jackson <mj...@cdi-hq.com>.
An encrypted token is one way of doing it. We have a system where one
system
validates the user and then it redirects the user to another site passing an
encrypted token (containing amoungst other things a timestamp to allow only
a short "window" of opportunity for the token to be used) as a parameter.
--mikej
-=-----
mike jackson
mjackson@cdi-hq.com
> -----Original Message-----
> From: Jacob Hookom [mailto:hookomjj@uwec.edu]
> Sent: Monday, August 19, 2002 10:09 AM
> To: 'Tomcat Users List'
> Subject: RE: Design question
>
>
> I'm trying to accomplish the same thing--
>
> How do you authenticate on Server A, then have that principal carry over
> to Servers B and C for download authorization?
>
> Thanks!
> -Jacob
>
> | -----Original Message-----
> | From: Luminous Heart [mailto:luminousheart@yahoo.com]
> | Sent: Monday, August 19, 2002 12:06 PM
> | To: Tomcat Users List
> | Subject: Re: Design question
> |
> | Yes Raju,
> | It should be doable. You can download TC latest and
> | hack some code. If you want to use some readily
> | availabe to help in the process, take a look at the
> | Tag libs available on Jakarta. Also there are a few
> | File Upload beans floating around the net, go to
> | google and type JSP File Upload Bean and see what you
> | will get.
> |
> | I have a couple of applications where a user will
> | upload files to a remote server after authenticating.
> |
> | regards.
> |
> | --- Raju Lokhande <RL...@ne.health.net> wrote:
> | > Greetings everybody,
> | > I am doing some research on possibility of using
> | > Tomcat to do a project. General requirements as
> | > follows
> | > 1. A user will login to the web application and
> | > upload a file to a remote server. He or she can only
> | > access his or her WIN2K/NT domain to upload this
> | > file.
> | > 2. User will download a file or a number of files
> | > from the remote server - again from his or her
> | > domain.
> | > I was told that I can do this job using Java Servlet
> | > and IBM Websphere or BEA Weblogic.
> | > I am not sure if this is possible in Tomcat. Has
> | > anybody done similar work using Tomcat. Can you
> | > share your experiences please?
> | > Thanks
> | > Raju Lokhande
> | >
> | >
> | >
> | >
> |
> ************************************************************************
> *
> | > This message, together with any attachments, is
> | > intended only
> | > for the use of the individual or entity to which it
> | > is addressed. It
> | > may contain information that is confidential and
> | > prohibited from
> | > disclosure. If you are not the intended recipient,
> | > you are
> | > hereby notified that any dissemination or copying of
> | > this
> | > message or any attachment is strictly prohibited. If
> | > you have
> | > received this message in error, please notify the
> | > original sender
> | > immediately by telephone or by return e-mail and
> | > delete this
> | > message along with any attachments, from your
> | > computer.
> | > Thank you.
> | >
> |
> ************************************************************************
> *
> | >
> | >
> | > --
> | > To unsubscribe, e-mail:
> | > <ma...@jakarta.apache.org>
> | > For additional commands, e-mail:
> | > <ma...@jakarta.apache.org>
> | >
> |
> |
> | __________________________________________________
> | Do You Yahoo!?
> | HotJobs - Search Thousands of New Jobs
> | http://www.hotjobs.com
> |
> | --
> | To unsubscribe, e-mail: <mailto:tomcat-user-
> | unsubscribe@jakarta.apache.org>
> | For additional commands, e-mail: <mailto:tomcat-user-
> | help@jakarta.apache.org>
> |
> | ---
> | Incoming mail is certified Virus Free.
> | Checked by AVG anti-virus system (http://www.grisoft.com).
> | Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
> |
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
>
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Design question
Posted by Jacob Hookom <ho...@uwec.edu>.
I'm trying to accomplish the same thing--
How do you authenticate on Server A, then have that principal carry over
to Servers B and C for download authorization?
Thanks!
-Jacob
| -----Original Message-----
| From: Luminous Heart [mailto:luminousheart@yahoo.com]
| Sent: Monday, August 19, 2002 12:06 PM
| To: Tomcat Users List
| Subject: Re: Design question
|
| Yes Raju,
| It should be doable. You can download TC latest and
| hack some code. If you want to use some readily
| availabe to help in the process, take a look at the
| Tag libs available on Jakarta. Also there are a few
| File Upload beans floating around the net, go to
| google and type JSP File Upload Bean and see what you
| will get.
|
| I have a couple of applications where a user will
| upload files to a remote server after authenticating.
|
| regards.
|
| --- Raju Lokhande <RL...@ne.health.net> wrote:
| > Greetings everybody,
| > I am doing some research on possibility of using
| > Tomcat to do a project. General requirements as
| > follows
| > 1. A user will login to the web application and
| > upload a file to a remote server. He or she can only
| > access his or her WIN2K/NT domain to upload this
| > file.
| > 2. User will download a file or a number of files
| > from the remote server - again from his or her
| > domain.
| > I was told that I can do this job using Java Servlet
| > and IBM Websphere or BEA Weblogic.
| > I am not sure if this is possible in Tomcat. Has
| > anybody done similar work using Tomcat. Can you
| > share your experiences please?
| > Thanks
| > Raju Lokhande
| >
| >
| >
| >
|
************************************************************************
*
| > This message, together with any attachments, is
| > intended only
| > for the use of the individual or entity to which it
| > is addressed. It
| > may contain information that is confidential and
| > prohibited from
| > disclosure. If you are not the intended recipient,
| > you are
| > hereby notified that any dissemination or copying of
| > this
| > message or any attachment is strictly prohibited. If
| > you have
| > received this message in error, please notify the
| > original sender
| > immediately by telephone or by return e-mail and
| > delete this
| > message along with any attachments, from your
| > computer.
| > Thank you.
| >
|
************************************************************************
*
| >
| >
| > --
| > To unsubscribe, e-mail:
| > <ma...@jakarta.apache.org>
| > For additional commands, e-mail:
| > <ma...@jakarta.apache.org>
| >
|
|
| __________________________________________________
| Do You Yahoo!?
| HotJobs - Search Thousands of New Jobs
| http://www.hotjobs.com
|
| --
| To unsubscribe, e-mail: <mailto:tomcat-user-
| unsubscribe@jakarta.apache.org>
| For additional commands, e-mail: <mailto:tomcat-user-
| help@jakarta.apache.org>
|
| ---
| Incoming mail is certified Virus Free.
| Checked by AVG anti-virus system (http://www.grisoft.com).
| Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
|
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Design question
Posted by Luminous Heart <lu...@yahoo.com>.
Yes Raju,
It should be doable. You can download TC latest and
hack some code. If you want to use some readily
availabe to help in the process, take a look at the
Tag libs available on Jakarta. Also there are a few
File Upload beans floating around the net, go to
google and type JSP File Upload Bean and see what you
will get.
I have a couple of applications where a user will
upload files to a remote server after authenticating.
regards.
--- Raju Lokhande <RL...@ne.health.net> wrote:
> Greetings everybody,
> I am doing some research on possibility of using
> Tomcat to do a project. General requirements as
> follows
> 1. A user will login to the web application and
> upload a file to a remote server. He or she can only
> access his or her WIN2K/NT domain to upload this
> file.
> 2. User will download a file or a number of files
> from the remote server - again from his or her
> domain.
> I was told that I can do this job using Java Servlet
> and IBM Websphere or BEA Weblogic.
> I am not sure if this is possible in Tomcat. Has
> anybody done similar work using Tomcat. Can you
> share your experiences please?
> Thanks
> Raju Lokhande
>
>
>
>
*************************************************************************
> This message, together with any attachments, is
> intended only
> for the use of the individual or entity to which it
> is addressed. It
> may contain information that is confidential and
> prohibited from
> disclosure. If you are not the intended recipient,
> you are
> hereby notified that any dissemination or copying of
> this
> message or any attachment is strictly prohibited. If
> you have
> received this message in error, please notify the
> original sender
> immediately by telephone or by return e-mail and
> delete this
> message along with any attachments, from your
> computer.
> Thank you.
>
*************************************************************************
>
>
> --
> To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
__________________________________________________
Do You Yahoo!?
HotJobs - Search Thousands of New Jobs
http://www.hotjobs.com
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>