1

I have Java application hosted on the same domain as Drupal website. This Java application gets client request form the browser (so I get access to all the cookies). Is it possible using cookies I get in Java application to check if client logged into Drupal from the same browser?

I thought about using xmlrpc from Java application to perform request to Drupal services module, but I couldn't find a way to get information about currently logged in user providing cookie data.

Any ideas?

Thanks a lot.

PS: I'm using freshly installed Drupal 7. If you have Drupal 6 example it will do the job. Thanks.

apaderno
  • 28,547
  • 16
  • 75
  • 90
Dima L.
  • 3,443
  • 33
  • 30

2 Answers2

0

Well, if you can get the SESSION id, you can hit the sessions table, and see if there is any row in the table that has the same sid (SESSION id = sid). If the uid isn't 0, the user is logged in, and you can then look up who they are from there.

mikesir87
  • 1,785
  • 1
  • 20
  • 25
  • Thanks for you answer! I was wondering if there is a way without the need to access DB directly. I would rather use some API because DB schema can change between upgrades... – Dima L. Feb 10 '11 at 19:29
  • @user610060 you wouldn't be able to do it without hitting the DB because Drupal manages all of the session data in the database, instead of files, etc. when the bootstrap starts up, it loads the user object based on the setting in the session table that's associated with the SESSION id. i don't expect the DB schema there to be updated while still in the same version, but that's still up to you... – mikesir87 Feb 10 '11 at 19:53
0

A little late with my answer, but I'd recommend writing a module for Drupal which plugs into its XML-RPC capabilities and does the work for you.

In other words, you would make an XML-RPC request from your Java application (http://ws.apache.org/xmlrpc/client.html) to a path on your Drupal site controlled by the module (say 'example.com/user/is-logged-in'). The Drupal module would 'control' that path, and receive all requests. From there it's a simple job for the Drupal module to make a query against the database to find out whether the session is associated with a logged in user (if associated user is 0, then the user is not logged in - otherwise the user is logged in). The Drupal module would then simply return true or false (if that's desirable, or a more detailed array of user details).

I'll soon be working on a similar case, and will probably go down that path. In my case, I've got a Drupal site which offers file downloads. The downloads needs to be done via a Java servlet, but only people who are logged in should be allowed to download. Thus, the servlet will contact the Drupal site to check if a user with the session id provided in the cookie is logged in and then determine whether download should commence or not.

In other words:

Java --> XML-RPC request --> Drupal Site --> XML-RPC response --> Java.

sbrattla
  • 5,274
  • 3
  • 39
  • 63