United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
JDK-5017051 : Applet will not reauthenticate user when returning from another applet

Details
Type:
Bug
Submit Date:
2004-03-19
Status:
Resolved
Updated Date:
2005-10-21
Project Name:
JDK
Resolved Date:
2005-07-26
Component:
core-libs
OS:
windows_2000
Sub-Component:
java.net
CPU:
x86
Priority:
P3
Resolution:
Fixed
Affected Versions:
1.4.2_03
Fixed Versions:
1.4.2_10 (b01)

Related Reports
Backport:
Backport:
Relates:

Sub Tasks

Description
After upgrading from 1.3.0 to 1.4.1_01 and 1.4.2_03, when the user leaves a complex applet and returns, the user is not able to authenticate when trying to reaccess the applet. Upon attempting to return to the applet, the user is presented with a dialog box entitled Password Needed - Networking. With 1.3.0, the user simply entered username and password and was allowed back into the applet. With both 1.4.1_01 and 1.4.2_03, the user is not authenticated and the dialog box returns, no matter what the user selects. The only thing the user can do at this point is to quit the applet.

                                    

Comments
EVALUATION

The bug is only reproduced on customer's production server, and the testcase url is not valid anymore (due to security, the customer closed it). I have contacted tech support engineer to ask customer to reopen that url and test it using Tiger release. Hope we will get more info soon.

###@###.### 2004-03-31

Here are the more info we get after customer test it using our Tiger beta release, I did reproduce it here in off swan machine:

1. JRE authentication prompt appears after the 20 minutes timeout.

2. The credentials entered in the dialog does not get authenticated
against siteminder immediately. The JRE prompt appears again.

3. Closed the dialog by activating the X button on the top of the dialog.

4. Performed an activity in the applet to invoke server services again.
JRE prompt appeared.

5. Entered the credentials and this time got authenticated against
siteminder and the applet continued to perform as expected.

As you can see, the authentication fails on the first try and after that it works fine.

The same behavior is observed while switching between two aetna applications on the same shared IE.

Here are the new url for jre 1.4.2_04 and 1.5

https://qaxwww20.aetna.com/etums2/gui/eTUMS_1.4.2_04.html

https://qaxwww20.aetna.com/etums2/gui/eTUMS_1.5.0.html

###@###.### 2004-04-26

It looks like their server configuration has been changed, I can't access the above site from our off-swan lab machine anymore, need more info from customer or support engineer but no contactor has been reached.

###@###.### 2004-06-22

I was able to reproduce this bug from my site with 1.4.2_05 JRE in IE 6.1

###@###.### 2004-07-16

I tried this with 1.5 beta 2 JRE and the bug happens even with this version.
                                     
2004-07-16
CONVERTED DATA

BugTraq+ Release Management Values

COMMIT TO FIX:
1.4.2_07
dragon
mustang


                                     
2004-10-01



Hardware and Software, Engineered to Work Together