Reputation: 61
I developed a Java Web Start app that lies on a web server based on HTTP security. Once I log in to the web-page for launching my Java Web Start application, the app is asking me again to authenticate, and even if I tick the "save this password to the password list" it is prompting again this authentication dialog.
If I am not wrong, this is because it's trying to access the other jars.
I was wondering if there is a way for defining or passing the authentication username and password automatically to get rid of this annoying "feature"
Thanks for your help
Upvotes: 3
Views: 9310
Reputation: 524
Probably because the User-Agent HTTP request header is not the same.
When you browse to your Web Start page, your browser sends a request to the HTTP server with User-Agent: whatever browser you are using
When the JRE requests the JARs to be downloaded from the HTTP server, it sends a request with User-Agent: whatever java version you are using
From the perspective of the HTTP server, these are 2 distinct clients and therefore you are prompted twice for credentials.
Upvotes: 2
Reputation: 205885
No. You must authenticate to the server to access the application, and you must authenticate to the client to allow <all-permissions/>
. Accepting the proffered certificate in the manner provided by your client's operating system should preclude repeated requests for credentials. For reference, this example is signed but requires no <security>
.
Upvotes: 2