基于表单的身份验证的 Java Applet 在 IE 上工作在 Chrome 上失败 [英] Java Applet with form based authentication works on IE fails on Chrome

问题描述

设置如下:打包 Java Applet 组件并使用基于表单的身份验证的 Web 应用程序(EAR 文件)部署到 WebSphere 8.工作站使用的是 Java 1.7.0_45.

The setup is as follows: Web Application (EAR file) packaging a Java Applet component and using form based authentication is deployed to WebSphere 8. Workstation is using Java 1.7.0_45.

在验证登录表单后从 IE11 连接时，WebSphere 返回一个包含 Applet 标记的 Html 页面.然后从 WebSphere 正确下载 Applet Jar 文件并启动 Applet.

When connecting from IE11 after authenticating the login form, WebSphere returns an Html page containing an Applet tag. The Applet Jar file is then downloaded correctly from WebSphere and the Applet is launched.

然而，当使用 Chrome 时，Applet Jar 文件的下载失败，就像身份验证令牌丢失一样.

When using Chrome however the download of the Applet Jar file fails as if the authentication token was lost.

以下是 Java 插件跟踪文件的摘录:

Here is an excerpt from the Java Plugin trace file:

IE11(好)

network: Connecting http://myserver:9088/MOBILE/jam.jar with proxy=DIRECT
network: Connecting http://myserver:9088/ with proxy=DIRECT
network: Connecting http://myserver:9088/MOBILE/jam.jar with cookie "LtpaToken2=..."
network: Downloading resource: http://myserver:9088/MOBILE/jam.jar
    Content-Length: 632,160
    Content-Encoding: null

铬(坏)

    network: Connecting http://myserver:9088/MOBILE/jam.jar with proxy=DIRECT
    network: Connecting http://myserver:9088/ with proxy=DIRECT
    network: Server http://myserver:9088/MOBILE/jam.jar requesting to set-cookie with "WASReqURL=http://myserver:9088/MOBILE/jam.jar; Path=/; HttpOnly"
    network: Cache entry not found [url: http://myserver:9088/MOBILE/adminLogin.html, version: null]
    network: Connecting http://myserver:9088/MOBILE/adminLogin.html with proxy=DIRECT
    network: Connecting http://myserver:9088/ with proxy=DIRECT
    network: Downloading resource: http://myserver:9088/MOBILE/adminLogin.html
        Content-Length: 1,187
        Content-Encoding: null
    java.io.IOException: Invalid jar file
        at com.sun.deploy.net.HttpDownloadHelper.download(Unknown Source)

注意 IE11 如何发送 LtpaToken2 令牌 cookie，而 Chrome 显示请求设置 cookie with"消息.

Note how IE11 sends the LtpaToken2 token cookie while Chrome displays the "requesting to set-cookie with" message.

欢迎提出任何建议.

推荐答案

实际上是相反的 ;-)

Actually it is the other way around ;-)

IE (bad)
Chrome (good)

由于 websphere 具有 HttpOnly 标志 默认激活(使用谷歌翻译，没有找到英文翻译)chrome 运行正常.IE 只是忽略该标志并仍然发送 cookie，从而违反规范.如果要允许 Java 小程序访问 cookie，则必须在 网络领域设置(全局)或在您的网络应用程序(本地).

Since websphere has the HttpOnly flag activated by default (use google translate, didn't find the english one) chrome behaves correctly. IE just ignores that flag and still sends the cookie and thus violating the spec. If you want to allow that java applet(s) should be allowed to access cookies you must disable the HttpOnly setting in your websphere settings (globally) or in your webapplication (locally).

这篇关于基于表单的身份验证的 Java Applet 在 IE 上工作在 Chrome 上失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！