DEVHIDE
Login Or Sign up

Pass cookie from JNLP to JAVAWS to download protected resources

4.4k Views Asked by At

I have a setup where I obtain protected JNLP via browser, and JNLP saves the authentication cookie as a property. Then javaws is run with the jnlp file. The jnlp requires protected resources, so I need to pass the authentication cookie to the javaws process, so it can use it when downloading the resources... How can I pass the auth cookie to javaws process?

I've checked all parameters available to javaws and JNLP but I couldnt find how this can be done.

Is this even possible?

java cookies java-web-start jnlp java-ws
Original Q&A
2

There are 2 best solutions below

1
On BEST ANSWER

I think I found solution. Java Web Start uses the same cookie store as Internet Explorer - see comments in here to see how IE persistent cookies are harvested by JavaWebStart application.

To get this to work, I developed following:

  1. JNLP and jars are protected
  2. Access JNLP via IE - this will redirect you to login page where you log in and obtain authentication cookies

  3. In your Web server have a servlet that intercepts the authentication cookie, make it persistent and add it to response

    public class CookieServlet extends org.springframework.web.servlet.mvc.AbstractController {
...
    protected ModelAndView handleRequestInternal(final HttpServletRequest req,
                                         final HttpServletResponse resp) throws Exception {
        ....
        Cookie[] cookies = req.getCookies();
        String session = null;
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if (cookie.getName().equals("AUTHSESSION")) {
                    session = cookie.getValue();
                    break;
                }
            }
        }


        if(null!=session) {
            Cookie cookie = new Cookie("AUTHSESSION", session);
            cookie.setMaxAge(<specify cookie age>);
            resp.addCookie(cookie);
        }
        ...
    }

  4. Now launch your jnlp via cmd.exe - you can access the resources without issues as it harvests cookies from IE cookie store

Note: if your authentication supports auth session token being passed as a parameter then you could also extend jnlp "jar" tag to include the AUTHSESSION value i.e.

<jar href="your_jar.jar?AUTHSESSION=<session value>"/>

For us this is not the case and the auth session must be provided as a cookie.

4
On

I think all you need is a dynamically created JNLP from your server which includes the cookie (or even better a ticket?) as <parameter>. This article helped me a lot http://wayback.archive.org/web/20160423141428/http://portal.krypthonas.de/2010/10/11/passing-dynamically-parameters-to-a-java-web-start-app-jnlp/

Related Questions in JAVA

Related Questions in COOKIES

Related Questions in JAVA-WEB-START

Related Questions in JNLP

Related Questions in JAVA-WS

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.