WordPress already has an API built in via an XMLRPC server. Meaning, you can make an XMLRPC request from your java app and verify a username/password. Unfortunately, there’s no way to just authenticate through it as is.
That said, it’s very easy to roll your own. Just hook into xmlrpc_methods, a filter, and add yours. The array key you add with be the xmlrpc method you call from your app, and the value will be the function that gets called by the WordPress XMLRPC server.
<?php
add_filter('xmlrpc_methods', 'wpse39662_add_login_method' );
/**
* Filters the XMLRPC methods to allow just checking the login/pass of
* a given users
*/
function wpse39662_add_login_method( $methods )
{
$methods['wpse39662.login'] = 'wpse39662_check_login';
return $methods;
}
And the callback function, wpse39662_check_login, would get one argument passed to it, the array of things sent to the XMLRPC server.
<?php
function wpse39662_check_login( $args )
{
$username = $args[0];
$password = $args[1];
$user = wp_authenticate( $username, $password );
if( is_wp_error( $user ) )
{
return false;
}
return true;
}
Here’s all that as a plugin. With that installed and XMLRPC enabled on your WP site, you should be able to make requests with some XMLRPC client (I’m sure Java has one).
Here’s the code I used to test the above (Python XMLRPC client).
>>> import xmlrpclib as xmlrpc
>>> s = xmlrpc.ServerProxy('http://wordpress.dev/xmlrpc.php')
>>> s.wpse39662.login('admin', 'password')
True