JDK-4518282 : RFE: Avoid multiple proxy/server authentication
  • Type: Enhancement
  • Component: deploy
  • Sub-Component: plugin
  • Affected Version: 1.3.0,1.3.1,1.3.1_03,1.4.0,1.4.1_02
  • Priority: P4
  • Status: Resolved
  • Resolution: Fixed
  • OS:
    other,linux,windows_nt,windows_2000,windows_xp other,linux,windows_nt,windows_2000,windows_xp
  • CPU: x86
  • Submitted: 2001-10-23
  • Updated: 2002-12-10
  • Resolved: 2002-09-30
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
Other Other Other
1.4.0_03 03Fixed 1.4.1_02Fixed 1.4.2Fixed
Related Reports
Duplicate :  
JDK-4656979 - User must authenticate twice with java plug-in 1.4.0
Relates :  
JDK-4943729 - Login requires multiple proxy/server authentication
Description
When browse a page contains applet through a password protected proxy server, "Enter Network Password" dialog box appears twice.

The first time, proxy server challenge browser for username/password, this is desired behavior. However, if the requested page contains applet, subsequence download of applet classes caused "Enter Network Password" dialog box pop up from Java plugin side again. The second pop up can be avoided by abtaining Proxy-Authentication header from browser, and add this header for subsequence HTTP request.

###@###.### 2001-10-23


###@###.### 2002-04-15

Customer Problem Description;
-----------------------------

We have an applet deployed on a weblogic 6.1 server.  Our client is using the 1.3.1 plug in.  Our applet has many jar files.
For the most part everything works.  Since we have many different property files and support for 9 languages, we use the java.util.ResourceBundle class to manage loading these files.
The property files are located IN the jar files.  We only specify the language, so the names look like ... Emulator_de.properties, Emulator_en.properties, etc.

The resource bundle has a private method called calculateBundleNames.  This method defines the list of names the class will look for while trying to load the file.
This makes sense, since it is supposed to go from specific to general.
Problem:
Each time the resourcebundle tries to load a file that is not found in the jars ( Emulator_de_US.properties) it tries to go back to the server and look for the property file.
Now each time it wants to go past our proxy server and through the firewall, java asks for our name and password.
Our product works fine as long as we type in our name and password around 50 times.

Why can it not remember the username and password?  I believe this is because it is opening a new connection each time.

We would like some way of getting around this.

We would also like to reduce traffic.  If I have 20,000 people logging in each day, that are each making 50 unnecessary hits looking for classes ....
we are talking about 20,000 x 50 = 1,000,000 unnecessary requests to the server.

TESTCASEBEGIN
Create an applet with many properties files.
Make sure there is a proxy server / firewall in between the client and the server.
Try to use resource bundle to read the properties files from the jars.

This should prompt you for you name and password for each time it looks back at the server.




TESTCASEEND
Comments
CONVERTED DATA BugTraq+ Release Management Values COMMIT TO FIX: 1.4.0_03 1.4.1_02 mantis FIXED IN: 1.4.0_03 1.4.1_02 mantis INTEGRATED IN: 1.4.0_03 1.4.1_02 mantis mantis-b03
14-06-2004
EVALUATION After browser been challenged, browser adds Proxy-Authorization header for subsequence Http requests. But the value of the header is stored somewhere in browser side, there is not API for plugin to obtain the value right now. ###@###.### 2001-10-30 Could not reproduce what described by ###@###.###. On Java side, there is only one authentication request for all the calls back to server through the same firewall. ###@###.### 2002-04-16 It has been fixed for IE, a new REF will be open for Netscape. ###@###.### 2002-07-26 If users are still getting prompted for authentication twice in releases where this bug has been fixed, please make sure that the box for "Save this password in your password list" has been checked on the first login prompt, and also that the fully qualified hostname is being used in the URL. ###@###.### 2003-10-14
14-10-2003