[Last Call] Learn how to a build a cloud-first strategyRegister Now


communicating to browser thru java swing app

Posted on 2006-05-22
Medium Priority
Last Modified: 2010-03-31
we have a requirement where we need to display some PDF's to be viewed from java swing application.
we used applet servlet communicator to send an URL to browser so that the browser opens up and displays the PDF.
This works fine. but we have some issues.

a) on the server we need to determine that this URL came from "our" java swing application and not other third party code.
b) we even need to authenticate the user who has requested the URL on the server.

note: our server is clustered.

all suggestions appreciated

Thanks and regards

Question by:sharath_kulal
  • 3
  • 2
  • 2
LVL 86

Accepted Solution

CEHJ earned 225 total points
ID: 16736873
a) get the Swing client to send something in the URL query string that can be checked at the servlet
b) this is best done by the servlet container

Assisted Solution

gireeshkumar earned 150 total points
ID: 16740342
- Have a servlet on the server to read the send the pdf file to browser
- From the java swing application generate a "key" and pass it along with the URL for pdf file. This URL should point to ur servlet, for serving pdf
- The servlet can verify the key and confirm that the URL originated from ur swing component
- The same servlet can authenticate user and send serve the pdf file to browser


Author Comment

ID: 16743034
yeah i agree with both of you.

as CEHJ suggested to send something(key as gireesh calls it) to server so that we could check that it came from our app.
but if someone copy's this URL and tries it on his/her browser it shouldn't work. how do we acheive this?

and we even need to authenticate user, so would it be a good idea to send the password encrypted in the URL?

what i am thinking is:

1) since java swing has already authenticated the user, send userId to server from swing app.

2) server checks if this user has proper authorizations and if available generates a sessionId and hold this sessionId in the application scope. send this sesionId to swing app, else throw AuthorizationException.

3) swing app opens the browser with this sessionId as key and the key of module to be displayed as PDF.

4) server checks:
 if (sesionId exits in application scope) {
     a) create a new session and place the sessionId in this session.
     b) remove the sessionId from application.
     c) display the PDF.
     note: we are placing the sessionId in a new session so that if user refreshes the browser it can still display the PDF.
 }else (sesionId exits in session scope) {
     display the PDF.
 }else {
     //Either session is invalid or URL is copied and opened from different instance of browser.
     display error message.

Let me know if this is a good idea.
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Expert Comment

ID: 16749035
Looks good. One nice to have feature is to have a timeout for the sessionid being stored in application scope. If the browser to server communication fails by any chance, the session ids in application scope might get start piling up.
LVL 86

Expert Comment

ID: 16749055
The most secure option will be to authenticate over https, also saving you from doing your own encryption

Author Comment

ID: 16751370
thanks for your inputs
LVL 86

Expert Comment

ID: 16751379

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post we will learn how to make Android Gesture Tutorial and give different functionality whenever a user Touch or Scroll android screen.
Basic understanding on "OO- Object Orientation" is needed for designing a logical solution to solve a problem. Basic OOAD is a prerequisite for a coder to ensure that they follow the basic design of OO. This would help developers to understand the b…
Viewers learn about the third conditional statement “else if” and use it in an example program. Then additional information about conditional statements is provided, covering the topic thoroughly. Viewers learn about the third conditional statement …
Viewers will learn about if statements in Java and their use The if statement: The condition required to create an if statement: Variations of if statements: An example using if statements:
Suggested Courses
Course of the Month18 days, 10 hours left to enroll

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question