How to protect an URL on a server which contains jnlp and jar files

search cancel

How to protect an URL on a server which contains jnlp and jar files

book

Article ID: 53791

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description

There are currently two ways to access the jnlp file:

Using web browser; which launches the JVM to download the JAR files
Using DOS or bash command by a script

In the first method, the authentication via form or basic schema auth works; but once the JVM is launched the download of the JAR files does not
work.

In the second method, the authentication is not made since the jnlp file is called by a script.

Solution

Java Web Start is not able to accept cookies. So any application that is accessed by Java Web Start must be running on an agent that does NOT have "RequireCookies" parameter set to YES.

Another option is to make the Java Web Start able to work with cookies. Then there is no need to turn off "RequireCookies" parameter on the web agents which are accessed by Java Web Start.

Sun provides documentation regarding cookie support for Java Web Start; for example:
http://java.sun.com/j2se/1.5.0/docs/guide/deployment/deployment-guide/cookie_support.html

Another solution would be to use SiteMinder Secure Proxy Server with cookieless sessions.

Environment

Release:
Component: SMAPC

Feedback

thumb_up Yes

thumb_down No