Reputation: 952
Secured communication between two tomcat webapps?
I have deployed two webapps A & B in same tomcat 7. Application A invokes servlet B which is deployed in webapp B, also servlet B is also accessible using servlet B url.
Now i want to restrict invocation of servlet B in a way that only webapp A can invoke this servlet B and webapp B/servlet B should not be accessible from outside.
Any ideas?
Upvotes: 1
Views: 239
Answers (1)
Reputation: 2073
There are at least two approaches you could take. Modify the web.xml within webapp B such that the authentication roles for the servlet are only found by someone who logs into webapp A.
That idea will work, if you've secured your server with specific login and roles. If you have it wide open for everyone, then you have to move on to idea two.
You can do all sorts of cool things if you are willing to write your own filter. Do a google search on "how to write tomcat filters" and poke around. Remember that filters get access to a URL before the servlet is invoked. You can decide what to do with the incoming request.
Upvotes: 1
Related Questions
- Servlet communication between web-apps
- Two-way SSL communication with Tomcat
- Cross context communication between two web application deployed on same tomcat server
- Spring MVC - 2 different web applications that are trying to interact with each other (security)
- Communication between two web application in same server
- Secure web apps in tomcat
- Tomcat inter webapp http communication
- shared security between websphere and tomcat
- Webapps communication
- Tomcat: How to share data between two applications?