Send userId at java web start from web page

Question

I'm developing a JSF2 site where the users may start a java application through java web start. The app parses mp3 metadata and sends back a xml file with the parsed information.

I need some way of identifying the user for each file that is sent to the server and I have not been able to figure out how to do this.

In other words the goal is to be able to set the userId in the xml file before the user sends it to the server. In order to do that, I need to somehow have that Id available in the java web start application.

My question is: how do i get the id? Given that the ultimate goal is to parse user mp3 files and get metadata back to the server; any idea of how to do that in a better way is very welcome. Maybe my described way of doing it isn't the best.

How about a login in your application through a service on the web site ? You could get a user or id that way. — James P., Oct 13 '12 at 23:16
the aspect of geting the username into the jws-app i have attempted to answer here: http://stackoverflow.com/questions/12861447/dynamically-create-response-in-jsf/12863398#12863398 I can try to clarify if u have further questions. — Aksel Willgert, Oct 14 '12 at 12:34

score 0 · Answer 1 · answered Oct 14 '12 at 12:14

A web start app acting as a client can identify itself to a server the same way that any other client can - simply have the user log in at the beginning of a session. But since a desktop client has access to the local file system, user information can be stored locally. This means that data such as a userID and configuration preferences can be stored on the local hard drive. Since we want our desktop clients to work across platforms and since the developer cannot know exactly which directory this application is launching from, we have the preferences API to provide a layer of abstraction above the local file system.

If the user will primarily be using the same computer each time they run this application, this is most convenient way to store configuration info and user preferences. Here's an example:

/**
 *
 * Loads the user preferences from local storage using the Preferences API.
 * The actual location of this file is platform and computer user-login
 * dependant, but from the perspective of the preferences API, it is stored in 
 * a node referenced by the package this class resides in.
 */
private void loadPrefernces() {
    try {
        prefs = Preferences.userNodeForPackage(this.getClass());
    }
    catch(SecurityException stop) {
        JOptionPane.showMessageDialog(null, "The security settings on this computer are preventing the application\n"
                + "from loading and saving certain user preference data that the program needs to function.\n"
                + "Please have your network administrator adjust the security settings to allow a Java desktop\n"
                + "application to save user preferences. The exception the program encountered is below:\n"
                + stop.toString(),
                "Security Error", JOptionPane.ERROR_MESSAGE);
    }
    catch(Exception some) {
        System.out.println("Other Preference Exception:");
        System.out.println(some);
    }
    //extract information from the prefs object:
    String username = prefs.get("user","default-newUser");
    String userID = prefs.get("id", "0"); //a 0 ID means that the information was not found on the local computer.
}

//Use this method to store username and ID on the local computer.
public void saveUserPrefs() {
    prefs.put("user", user.getUsername() );
    prefs.put("id", "" + user.getID());
}

Of course, the above code does not help us if this is the first time the user is running the application on the computer or if the user was not assigned an ID. We therefore need to build some login functionality. The JNLP application can communicate with the web server the same way that a browser would do so. I found the httpClient libraries to be very helpful for implementing this. If the user's browser is behind a proxy, this may require some additional code to allow you java application to talk communicate back to the server.

Thanks for your answer! However, I'd like to avoid having the user enter login information in the app and instead get that from the site where he has already logged on. It would make for better usability as I find it more elegant to have the userId automatically set when the user starts the web start app. My current solution is to have the user entering his username (which is added to the xml file with metadata) before sending the xml file to the site, but that is exactly what I'd like to avoid. — nivis, Oct 14 '12 at 14:13
Using my approach, the user needs to enter this information only the first time he or she uses your site on a particular computer. But I have another idea...see below. — Thorn, Oct 14 '12 at 14:29

score 0 · Accepted Answer · edited May 23 '17 at 12:18

We want to somehow transfer the login identity from the web browser to another application (like your JNLP program) This is a bit of an unconventional hack, but I think it should work:

When the user logs into the web app, store the user ID and the request IP address in a table. This could be a database table or a local file.
When the java app launches, it sends a getID request to a Servlet.
The servlet looks up the IP address of the request and responds with the ID. The servlet could just send the ID back - no need to wrap it in XML or HTML.

I think this should work as long as you don't have two different users trying to log in at around the same time from the same IP address. If two people on the same network are using this service, they may be using computers with private IPs that share the same public IP. We would need to store something else about the local computer to differentiate the two users. Java can easily read the computer name, for instance. If you can get your browser to also read something like that, then this could go in the table along with the IP address to solve the duplicate IP problem. Some ideas are mentioned in this stack overflow question

Thank you so much for taking your time getting into this. I'll see about trying your solution; it should work. For the time being, I let the user enter his username before sending the xml to the server. That way I can look him up in the database. Still, I think it's weird that it's so hard to find any information about this. I mean; isn't normally JWS used from web sites, which in turn often use some kind of authentication? Given that, shouldn't there be some kind of mechanism in the framework to send info from the site at JWS startup? — nivis, Oct 15 '12 at 17:02
JWS is a client side technology that we can use INSTEAD of a web site application. I used it to build a scheduling app for schools because I hate working in JavaScript and it allows me build a complex UI using OOP techniques. Signed Java apps can also communicate with the local printer, the local file system and network - it can feel like a native app with desktop shortcuts and file associations. My app is here: http://proctinator.com/ — Thorn, Oct 16 '12 at 00:12

Send userId at java web start from web page

2 Answers2

Linked