I have a J2EE application with ssl / client-cert authentification. In the application, a jsp page contains an applet. This applet tries to call the Application Server (IBM WAS5) through servlets. This server requires client authentification.
My question:
Is there a way to grab my credential from the request (or other) after entering the application and somehow pass these credentials to the request https being done inside the applet? How would I do that?
The idea behind that, is that since I entered the application (client-cert), I should be able to not re-authentificate myself when trying to connect to my servlet inside the applet.
Thanks for any help on that.
Fab
PS: I am using HttpsURLConnection to to connect to my servlet with URL="https://server/servlet-requires-client-authentification"
It's probably possible to get the certificate to the applet (e.g. as an applet parameter), and have the HTTP connection send that somehow, but I think it would be painful to implement.
Instead, would it be feasible to send a particular "authentication token" as applet parameter (e.g. a hash of the username and IP address), and have the applet send that for validation with each request? [ June 01, 2007: Message edited by: Ulf Dittmer ]
0
