Thank you very much for both of your replies. I am really appreciated for your help.
crmalibu:
etran has already something built to parse the HTTP Header, so I believe the only choice I have is to through HTTP authentication, not the form authentication.
sg707:
yes. sorry for the missing information.
etran and our internal application have 2 different databases maintaining the users’ information, so somehow we need to make them consistant in terms of user information.
According to etran, they just need the user name, not password, but they need more infor of the user in addition to the user name, so in both databases, the user information must be the same to be authenticated.
in detail:
i need to pass base 64 format to etran (I don’t know if I should encode it or it is going to be encoded automatically through HTTP protocol if it is set in HTTP header) like the following:
PFhNTD4NCiAgICA8VVNFUklEPlVzZXJJRDwvVVNFUklEPg0KICAgIDxFVFJBTl9BVVRIPg0KICAgICAgICA8WFNQX1JPTEU+VXNlclhTUFJvbGU8LhTUFJPTEU+DQogICAgICAgIDxYUlBfU2VjdXJpdHlfSUQ+U2VjdXJpdHlJRDE8L1hTUF9TZWN1cml0eV9JRD4NCiAgICAgICAgPFhTUF9TZWNlcml0eV9JRD5TZWNlcml0eUlEMjwvWFNQXlNlY3VyaXR5X0lEPg0KICAgICAgICAgICAgLi4uDQogICAgICAgIDxYUlBfU2VjdXJpdHlfSUQ+U2VjdXJpdHlJRG48L1hTUF9TZWNlcml0eV9JRD4NCiAgICAgICAgPFhTUF9SZWNpcGllbnQ+UmVjaXBUeXBlMS1SZWNpcENvZGUxPC9YUlBfUmVjaXBpZW50Pg0KICAgICAgICA8WFNQX1JlY2lwaWVudD5SZWNpcFR5cGUyLVJlY21wQ29kZTI8L1hTUF9SZWNpcGll
bnQ+DQogICAgICAgICAgICAuLiNCiAgICAgICAgPFhTUFSZWNpcGllbnQ+UmVjaXBUeXBlbi1SZWNpcENvZGVuPC9Yc3BfUmVjaXBpZW50Pg0KICAgICA8L0VUUkFOX0FVVEg+DQo8L1hNTD4=
I have used some online base 64 encode/decode tools, and I found that after decoding, the following XML format is presented. It will etran’s task to decode the base 64 string and parse the info.
<XML>
<USERID>UserID</USERID>
<ETRAN_AUTH>
<XSP_ROLE>UserXSPRole</XSPROLE>
<XRP_Security_ID>SecurityID1</XSP_Security_ID>
<XSP_Secerity_ID>SecerityID2</XSP^Security_ID>
…
<XRP_Security_ID>SecurityIDn</XSP_Secerity_ID>
<XSP_Recipient>RecipType1-RecipCode1</XRP_Recipient>
<XSP_Recipient>RecipType2-RecmpCode2</XSP_Recipient>
…
<XSP_Recipient>RecipTypen-RecipCoden</Xsp_Recipient>
</ETRAN_AUTH>
</XML>
to reverse engineer, maybe I need to encode user info into base 64 from xml string like above (by the way, UserXSPRole, SecurityID1…RecipType1-RecipCode1… are all business realted information).
Anyway, I think the first step is to figure out how to set up custom HTTP header and pass it to etran. Later I may need to figure out how to set up the base 64 string manually from xml format (not sure if I have a xml format string and set it to HTTP header, HTTP protocol is going to convert it to base 64 format).
I have done some research, and found out that I may need to go through the following approches:
-
I can set HTTP header through javascript using XMLHTTPRequest object, but I don’t know what to do afterwards. How to display the etran page through javascript and within the same request.
-
I may need to use cookies, but I actually don’t want to use cookies if I have other choices.
-
I can not set custom HTTP header inside a requst. I may need to set up a new http request from servlet, but I don’t know how.
I am stucked with all approaches mentioned above, and don’t even know if they are correct ways to go.
I hope I make myself clear, sorry if I make you confused.
do you have any idea?