Is this the same case with WebStart? Because int he past I've had to resort to dynamically create the jnlp file with appropriate cookie properties passed along.
/Casper On 1 Okt., 06:08, Joshua Marinacci <jos...@marinacci.org> wrote: > I'm not sure if the applet uses the same http cache as the browser. > However, applets can talk to the page they are in with javascript. > This means you should be able to grab a copy of the cookie while you > are in the browser and save it for later use if the user restarts the > app from the desktop shortcut without the browser. > > - Josh > > On Sep 30, 2009, at 7:23 PM, Alan Kent wrote: > > > > > Joshua Marinacci wrote: > >> ...This means you can use any authentication scheme you want > >> using one of the many Java authentication libs out there... > > >> ...However, in > >> the case of authentication, this is a matter of the sockets/http > >> requests going from your applet to your server side app (servlet or > >> some such). Thus it's completely under your control and doesn't > >> involve the webbrowser at all... > > > Approaches like CAS and SAML for web single sign on uses cookies as > > part > > of the SSO approach. IE of course can hook into the desktop OS and do > > its magic SPNEGO stuff (Kerberos to Active Directory via HTTP > > headrers) > > to avoid the user having to type in anything. Its how to achieve > > these > > sorts of integration that is the challenge. > > > You mention tearing out the applet loses the connection with the web > > browser, so means web SSO would be lost. I understand the technical > > reasons for this, but for web SSO authentication schemes it means > > tearing the app out of the page is not useful. It has to run within > > the > > web browser page. Pity, since it feels clunky. > > > Note: I have been told Flash can get cookies from the web browser > > (when > > run within a browser of course) - I assume applets can do the same as > > well (somehow - even if its some JavaScript in the web page pushing > > the > > cookies into the applet). > > > Are there Java libraries that hook directly into the Windows OS (when > > run under Windows of course) so a JavaFX application can use the > > user's > > desktop authentication to get a Kerberos ticket from Active Directory? > > Then the user can tear out a JavaFX app onto the desktop and still get > > SSO (just not a web based SSO). If not, consider it a feature request > > for the enterprise space using JavaFX for enterprise apps. > > > Alan --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "The Java Posse" group. To post to this group, send email to javaposse@googlegroups.com To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/javaposse?hl=en -~----------~----~----~----~------~----~------~--~---
