JDK-6186280 : no method to automatically select client authentication certificate for applets
  • Type: Enhancement
  • Component: deploy
  • Sub-Component: plugin
  • Affected Version: 5.0
  • Priority: P4
  • Status: Resolved
  • Resolution: Fixed
  • OS: windows_xp
  • CPU: x86
  • Submitted: 2004-10-28
  • Updated: 2010-04-04
  • Resolved: 2005-01-19
Fixed versions:
  • Other: 5.0u5 (Fixed)
  • JDK 6: 6 b20 (Fixed)
Description
A DESCRIPTION OF THE REQUEST :
When a java applet connects to a https site using HttpsURLConnection, and that site requires a client authentication certificate, each time that a new Https connection is needed, the java applet pops up the dialog:
"Client Authentication", "The web site you want to connect requests identification. Select the certificate to use when connecting."

Since there is no reliable way to reuse the Https connection, if a program needs to connect to a https site multiple times, this dialog will be presented to a user multiple times. This is annoying to a user of the applet.

How often the dialog pops up is dependent on the size of the downloaded files. Larger files trigger the dialog more often.

JUSTIFICATION :
Having to choose the client certificate to use for the same site multiple times in a single instance of running a program is annoying. This significantly detracts from the ease of use of the program.

EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
The applet should ask for the client certificate once per domain per instance of the program. I can think of a few ways that this could be done:

1.  Give a method to java.net.URL or some such to cache the client certificate.

2.  Add a preference to the Java Control Panel that allows it to automatically select a certificate.

3.  Automatically cache the certificate used for a given domain for the time that java is running.

Each of these would reduce the number of times that the client program brings up the certificate select dialog. I would expect that there should be some way to see the certificate dialog only once per instance per domain.


ACTUAL -
With the test program, the client certificate dialog is brought up 10 times.

---------- BEGIN SOURCE ----------

import java.net.URL;
import java.net.URLConnection;
import java.net.HttpURLConnection;
import java.io.InputStream;
import java.applet.Applet;
import java.awt.Graphics;

public class Main extends Applet {

    // Text shown in the applet window.
    StringBuffer buffer;

    // Number of HTTPS requests made by start().
    final int count = 10;

    // Number of requests completed so far.
    int i = 0;

    public void init() {
        buffer = new StringBuffer();
        addItem("initializing... ");
    }

    public void start() {
        addItem("starting... ");
        // Each iteration opens a new connection to the same URL.
        for (int i = 0; i < count; i++) {
            getUrl();
        }
    }

    public void getUrl() {
        URL url;
        HttpURLConnection connection;
        try {
            url = new URL("https://domainname.com/as");
            connection = (HttpURLConnection) url.openConnection();
            connection.setDoInput(true);
            //connection.setUseCaches(false);
            InputStream inputStream = connection.getInputStream();
            // Read only the first 64 bytes, then close the stream.
            byte buffer[] = new byte[64];
            int len = inputStream.read(buffer);
            inputStream.close();
            addItem("got " + i + ":" + len + " ");
            i++;

        } catch (Exception e) {
            e.printStackTrace();
        }
    }


    void addItem(String newWord) {
        System.out.println(newWord);
        buffer.append(newWord);
        repaint();
    }

    public void paint(Graphics g) {
        //Draw a Rectangle around the applet's display area.
        g.drawRect(0, 0, size().width - 1, size().height - 1);

        //Draw the current string inside the rectangle.
        g.drawString(buffer.toString(), 5, 15);
    }
}

/* requirements to demonstrate the problem:
      Set up the applet.
      Set up a https webserver that requires client side certificates
      Put a 64K file on the webserver (smaller files will trigger the bug, but not consistently).
       Point the URL in the program to the 64K file that you put on the webserver.
*/

---------- END SOURCE ----------

CUSTOMER SUBMITTED WORKAROUND :
Methods:
1.  Use a java application instead of an applet.
2.  Don't use client side certificates
###@###.### 10/28/04 21:07 GMT

Comments
EVALUATION

There are several issues related to this RFE, they are:
1. Auto select client authentication cert if only one cert available.
2. Cache the client certificate if it is a valid one in same session.
3. Add some option in Java control panel.
We will consider these in Mustang release.
###@###.### 2004-11-29 18:55:37 GMT

Here are some new features that have been added to the JRE Mustang release:
1. Automatically select client certificate if only one certificate matches server request.
2. Add a new option in Java control panel under Advanced->security: Use personal certificate automatically if only one matches server request
3. The certificates which are available in the certificate list box for client authentication will show where they come from: from Java keystore or from browser keystore.
###@###.### 2004-12-13 17:03:12 GMT
29-11-2004
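
As an added illustration of the behaviour requested and evaluated above (select silently only when exactly one certificate matches the server request, otherwise ask once and remember the choice per host for the session), here is an example for a standalone Java application built on the standard JSSE `X509KeyManager` interface. It is not the Java Plug-in's implementation; the class `SingleMatchKeyManager` and its `Prompt` callback are hypothetical names introduced for this example.

```java
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;
import javax.net.ssl.X509KeyManager;

// Added example: hypothetical wrapper, not code from the JDK or the Java Plug-in.
public class SingleMatchKeyManager implements X509KeyManager {
    // Hypothetical stand-in for the "Client Authentication" dialog; may return null.
    public interface Prompt { String pick(String host, Set<String> aliases); }

    private final X509KeyManager delegate;  // key manager backed by the real keystore
    private final Prompt prompt;
    private final Map<String, String> chosen = new ConcurrentHashMap<>();  // host -> alias
    public SingleMatchKeyManager(X509KeyManager d, Prompt p) { delegate = d; prompt = p; }

    @Override
    public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket socket) {
        // Collect every alias whose key type and issuer satisfy the server's request.
        Set<String> matches = new LinkedHashSet<>();
        for (String type : keyTypes) {
            String[] aliases = delegate.getClientAliases(type, issuers);
            if (aliases != null) Collections.addAll(matches, aliases);
        }
        if (matches.isEmpty()) return null;  // no usable certificate
        String host = hostOf(socket);
        String cached = host == null ? null : chosen.get(host);
        if (cached != null && matches.contains(cached)) return cached;  // reuse session choice
        // Exactly one match: select it silently. Several matches: ask the user, never guess.
        String alias = matches.size() == 1 ? matches.iterator().next() : prompt.pick(host, matches);
        if (alias == null || !matches.contains(alias)) return null;  // declined or invalid answer
        if (host != null) chosen.put(host, alias);  // remember only for a known peer
        return alias;
    }

    private static String hostOf(Socket s) {
        boolean known = s != null && s.getRemoteSocketAddress() instanceof InetSocketAddress;
        return known ? ((InetSocketAddress) s.getRemoteSocketAddress()).getHostString() : null;
    }

    // Everything else is passed straight through to the wrapped key manager.
    @Override public String[] getClientAliases(String t, Principal[] i) { return delegate.getClientAliases(t, i); }
    @Override public String[] getServerAliases(String t, Principal[] i) { return delegate.getServerAliases(t, i); }
    @Override public String chooseServerAlias(String t, Principal[] i, Socket s) { return delegate.chooseServerAlias(t, i, s); }
    @Override public X509Certificate[] getCertificateChain(String a) { return delegate.getCertificateChain(a); }
    @Override public PrivateKey getPrivateKey(String a) { return delegate.getPrivateKey(a); }
}
```

To use it, pass an instance to `SSLContext.init` and install the resulting socket factory with `HttpsURLConnection.setSSLSocketFactory`. The cached alias is re-checked against each new request, so a remembered choice is never presented to a server whose requested issuers or key types it does not satisfy.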