Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: applets and authentification

Just an idea, I don't know if it would work:

- Put the applet jar/classes in a directory that is not protected by the
authentication.
- Include in the parameters to the applet the username/password used by
the user (easy to do with CGI, PHP, JSP, etc.)
- Have the applet, after loading, try to load a dummy page from the
directory protected by authentication using the
http://username:email@hidden/protecteddir/file.html format
for the URL. If the file loads ok, the applet runs. If it doesn't
load the
file, the applet refuses to run.

You're going to get plain-text passwords going over the wire in both
directions, but this could be alleviated by using a secure protocol
(e.g., https).

-- David

On Fri, 27 Feb 2004 17:24:55 -0500, "Scott Kovatch"
<email@hidden> said:
> On Feb 27, 2004, at 10:18 AM, email@hidden wrote:
>
> > My applets are on a web area requiring authentification (with MacOSX
> > Server). With most web browsers, identification is required once (by
> > the browser) for the access to the web page and twice (by the JVM) to
> > run every applet. This is of course driving users crazy.
> >
> > I tried the qa1265, but the applet parameter is not used by the JVM.
> > It can only be used by the applet once it has been loaded. But my
> > problem occurs before the applet is loaded. Is there a secret applet
> > parameter name for a cookie that would be used by the JVM ?
>
> This issue has nothing to do with cookies. If the applet is on a web
> page protected by HTML realm-based authentication, you will get
> multiple username and password dialogs. In a future release I hope to
> add access to WebKit's cache of usernames and passwords, but until then
> I can't think of any workarounds that would help you.
>
> Scott
>
> ------------------
> Scott Kovatch Apple Computer Java Runtime Classes Cleveland Hts, OH
> email@hidden
> _______________________________________________
> java-dev mailing list | email@hidden
> Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/java-
> dev Do not post admin requests to the list. They will be ignored.
_______________________________________________
java-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/java-dev
Do not post admin requests to the list. They will be ignored.

References: 
 >applets and authentification (From: email@hidden)
 >Re: applets and authentification (From: Scott Kovatch <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.