0

I'm plan on deploy a Java application to Google AppEngine and use federated login (still experimental according to Google). The application is pretty simple Java EE application which expose RESTful interface for simple CRUD operations.

I then want to be able to authenticate to this application using Windows Client Application written in C#. I think the application should be able to open a window with a browser in ti which will present the login page of my web application and after successful authentication I should be able to get the login token or a cookie to use in the rest of my HTTP requests.

Is it possible to do such thing using federated login? I've found a post explain how to do it using google proprietary login.

Thank you, Ido.

Arjan Tijms
  • 37,782
  • 12
  • 108
  • 140
Ido Ran
  • 10,584
  • 17
  • 80
  • 143

1 Answers1

1

I've manage to make this work much easier then I thought it would be.

  1. When I send HTTP request to my web service I get 302 Found response with response header name Location which point to the login page.
  2. I use WebBrowser control, register to it Navigated even and navigate to the URL in the Location header.
  3. When the Navigated even fire I use the code from this answer to get the cookies container.
  4. I check each cookie until I find one with the name ACSID and store it.
  5. For every web request to my service I add cookie name ACSID with the value saved at step 4.

This is not the most secure way of doing this. I will add check for the domain of the cookie but this looks good.

Community
  • 1
  • 1
Ido Ran
  • 10,584
  • 17
  • 80
  • 143