Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Java > Web Start/JNLP in a Single-Sign On environment

Reply
Thread Tools

Web Start/JNLP in a Single-Sign On environment

 
 
Steve A
Guest
Posts: n/a
 
      01-03-2007
Hello,

I'm deploying a Swing application using Web Start in a single-sign on
environment. (In my particular case I'm using JOSSO and Tomcat). When a
user is authenticated a SSO session ID cookie is created. Therefore I
can protect the URL to the JSP that generates the JNLP file. The
problem I'm having is that when javaws attempts to download the
application jar files, it fails because the web server redirects the
HTTP GET to a login page. The reason is that I'm not using basic
authentication and so the security agent on the web server is expecting
to find the SSO session ID cookie with the HTTP request. Javaws doesn't
have this cookie so the HTTP GET returns the HTML of the login page,
not the JAR file itself and the application fails to launch.

I've searched through Sun's forums on the topic and found only
solutions using basic authentication. Another approach is to put the
JAR files in a non-secure location so that no authentication is
required to download them.

I don't have the option of using different implementations of javaws.
The application must be launched by clicking a link in a browser. There
is no offline allowed and I don't include the href attribute in the
JNLP file.

Has anyone deployed a web start app in a SSO environment and if so,
how? Or is it not possible?

Thank you,
Steve A.

 
Reply With Quote
 
 
 
 
arajput arajput is offline
Junior Member
Join Date: Feb 2012
Posts: 1
 
      02-13-2012
Hi, Were you able to find a solution to this, sorry this is an old post but just wondering if you recall anything. Thanks Ashish

Quote:
Originally Posted by Steve A View Post
Hello,

I'm deploying a Swing application using Web Start in a single-sign on
environment. (In my particular case I'm using JOSSO and Tomcat). When a
user is authenticated a SSO session ID cookie is created. Therefore I
can protect the URL to the JSP that generates the JNLP file. The
problem I'm having is that when javaws attempts to download the
application jar files, it fails because the web server redirects the
HTTP GET to a login page. The reason is that I'm not using basic
authentication and so the security agent on the web server is expecting
to find the SSO session ID cookie with the HTTP request. Javaws doesn't
have this cookie so the HTTP GET returns the HTML of the login page,
not the JAR file itself and the application fails to launch.

I've searched through Sun's forums on the topic and found only
solutions using basic authentication. Another approach is to put the
JAR files in a non-secure location so that no authentication is
required to download them.

I don't have the option of using different implementations of javaws.
The application must be launched by clicking a link in a browser. There
is no offline allowed and I don't include the href attribute in the
JNLP file.

Has anyone deployed a web start app in a SSO environment and if so,
how? Or is it not possible?

Thank you,
Steve A.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
70-284 Lab Environment, Need Virtual Environment brooklynbridge508@hotmail.com MCSA 4 05-02-2007 09:49 AM
Setting an environment variable from another environment variable marcwentink@hotmail.com Java 5 04-04-2007 10:39 PM
Redirecting a web page in a web farm environment robin9876@hotmail.com ASP .Net 0 03-10-2006 03:51 PM
Re: Printing local in a client-server web environment Nicholas Paldino [.NET/C# MVP] ASP .Net 7 06-09-2004 12:23 PM
Scope of a Public Module in a Web Environment Ashish Shridharan ASP .Net 2 10-24-2003 11:57 PM



Advertisments