Link to home
Start Free TrialLog in
Avatar of Hope4U
Hope4U

asked on

How to get applcations to talk to each other over the Internet?

I am a newbie and I would like to know the best and yet easy way to get at least two automated applications (e.g. One is a client and the other a server) to be able to communicate with each other over the internet.  They must be able to:

(i) The client Login into the server, e.g. log in name and password to prove a valid application wants access to system.
(ii) Avoid the client having to log in over and over again for each exchange.  Whit html, I know you can use cookies.
(iii) Communicate information via XML messages or another means that is better.
(iv) Communicate in a secure fashion.

I can do the above with 'html' web pages and a web server, but I know that there must be a better way to achieve the above.

I would like a breakdown showing each area I would have to learn with a URL if possible to concise information.

Example:  If one of the areas required would be XML parsing, I would like one of the following:
(a) A link to a web-page or Tutorial showing an example, or
(b) Your own brief description as to what would be required so I can then easily research the area on the internet.


Thanks
Avatar of dpearson
dpearson


I can do the above with 'html' web pages and a web server, but I know that there must be a better way to achieve the above.

Why would you not want to use a web server?  It would handle 90% of this for you much more easily than if you try to build it yourself.

In particular the cookie support for requirement (ii) and the use of https for requirement (iv) will come for free with a web server and be hard to achieve if you built your own server.

Doug
This topic is very broad and I don't think you can find a "best and easy way," at least not in the way you are describing it. Is this supposed to be a class project of some sort, or are you just trying to learn for yourself?

to be able to communicate with each other over the internet.
What does this mean - are you looking for a web-based solution, in which a client using a web browser goes to www.yoursite.com and logs in? Or perhaps a Java applet (given that you cross-posted this in  the Java section)? Or you're just looking for TCP- or UDP-based (or some other protocol) self-standing application?

If it's a web-based solution, then you will probably want to stick to well defined platforms (like Apache, IIS, Tomcat, etc) on the server-end. As the previous poster said, those already fill a good amount of your requirements.
Avatar of Hope4U

ASKER

To All:
Would web services facilitate the above more easily than having to parse html pages?

To Gatorvip:  
The applications are my own custom developed ones - no IE or Firefox browser required for communication.  I am looking for my applications to be using TCP (since this is more reliable) to communicate with each other.
ASKER CERTIFIED SOLUTION
Avatar of gatorvip
gatorvip
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Hope4U

ASKER

If there is technology out there already to make the task easier, I have no objections.  Hence if there is a server that can be utilized (e.g. Tomcat) I have no problem with that.
OK then I think we've covered (ii), (iii) and (iv) from your original list.

For (i) you can either use an existing authentication library (which will be secure but may take significant work to learn) or you can role your own.  If you're building your own, the general approach is that the client should hash the password before sending it to the server.  The server then stores just the username+hash(password) and verifies that.

The reason to use this approach is so that the password is never sent directly over the internet - only hash(password) is sent.  It also has the advantage that if somebody breaks into your server they can only read the hash(password) in your database - which is less useful than the plaintext password which a given user may have used on multiple different sites.

Doug

P.S. For additional security you can also consider adding "salt" to the passwords - see more here: http://en.wikipedia.org/wiki/Salt_(cryptography) and http://crackstation.net/hashing-security.htm
Avatar of Hope4U

ASKER

Thanks guys for the advice.  Much appreciated since I now know which path I should go in.