I've been using Java 5 under OS X 10.4.5 to write applets that connect
back to a server via HTTP (specifically, using
javax.net.ssl.HttpsURLConnection) and interact with the server side of
my application. The server requires a password login, and sends back
a secure cookie with a timed credential in it, for the applet to use
for validation in further requests. This scheme works well under
Safari (2.x), but with Camino or Firefox, the secure session cookie is
not sent with the requests from Java.
Camino and Firefox use the Java Embedding Plugin
(http://sourceforge.net/projects/javaplugin/) to wrap Java for their
plug-in support. The problem with secure cookies is a known problem
(see http://sourceforge.net/forum/forum.php?
thread_id=1298604&forum_id=371125),
but the maintainer doesn't have enough information about where the
CookieHandler class is supposed to get its information:
``One or two others have asked about cookie support ... and it's
really from what they've told me that I've concluded that cookie
support doesn't work (or works only partially) with the JEP. But I
don't understand why, and I haven't yet had the chance to look into
the matter.
``Please point me at some documentation and sample code that shows how
the cookie support is _supposed_ to work.''
So -- anyone know where to find such documentation and sample code?
Cookie support in the plugin relies on some classes in Foundation --
namely, NSHTTPCookieStorage. FireFox (I assume) doesn't use that, so
any cookies you pick up along the way won't be found in WebKit/
Foundation's cookie database. The Java plugin assumes it will be
running in some WebKit-based browser, and doesn't know about any
other cookie storage.
I'm not sure how you'd go about fixing this, or if it's even possible
for the JEP to fix it. The cookie handler object is created in
MacOSXPlatformService, and there's no way to override what that class
does. I suppose JEP could be really sneaky and implement its own
version of com.sun.deploy.net.cookie.MacOSXCookieHandler and ensure
that it gets loaded first. It needs to implement the
com.sun.deploy.net.cookie.CookieHandler interface, which basically
has a getCookieInfo and a setCookieInfo method.
A better solution would be for the plugin to detect it is inside
FireFox, and set up the underlying service implementations to use
FireFox's libraries. File a bug for that, and we can talk about it.
But for now, I think you could try the above suggestion.
Scott
------------------
Scott Kovatch
Apple Computer
Java Runtime Classes
Cleveland Hts, OH
email@hidden
I am Scott Kovatch, and I approved this message.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Java-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/java-dev/email@hidden
