I'm not sure if the applet uses the same http cache as the browser. However, applets can talk to the page they are in with javascript. This means you should be able to grab a copy of the cookie while you are in the browser and save it for later use if the user restarts the app from the desktop shortcut without the browser.
- Josh On Sep 30, 2009, at 7:23 PM, Alan Kent wrote: > > Joshua Marinacci wrote: >> ...This means you can use any authentication scheme you want >> using one of the many Java authentication libs out there... >> >> ...However, in >> the case of authentication, this is a matter of the sockets/http >> requests going from your applet to your server side app (servlet or >> some such). Thus it's completely under your control and doesn't >> involve the webbrowser at all... >> > > Approaches like CAS and SAML for web single sign on uses cookies as > part > of the SSO approach. IE of course can hook into the desktop OS and do > its magic SPNEGO stuff (Kerberos to Active Directory via HTTP > headrers) > to avoid the user having to type in anything. Its how to achieve > these > sorts of integration that is the challenge. > > You mention tearing out the applet loses the connection with the web > browser, so means web SSO would be lost. I understand the technical > reasons for this, but for web SSO authentication schemes it means > tearing the app out of the page is not useful. It has to run within > the > web browser page. Pity, since it feels clunky. > > Note: I have been told Flash can get cookies from the web browser > (when > run within a browser of course) - I assume applets can do the same as > well (somehow - even if its some JavaScript in the web page pushing > the > cookies into the applet). > > Are there Java libraries that hook directly into the Windows OS (when > run under Windows of course) so a JavaFX application can use the > user's > desktop authentication to get a Kerberos ticket from Active Directory? > Then the user can tear out a JavaFX app onto the desktop and still get > SSO (just not a web based SSO). If not, consider it a feature request > for the enterprise space using JavaFX for enterprise apps. > > Alan > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "The Java Posse" group. To post to this group, send email to javaposse@googlegroups.com To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/javaposse?hl=en -~----------~----~----~----~------~----~------~--~---
