I have created web application which has all servlet secured and i am using basic http authentication. so when ever i execute any servlet first it will ask me user name and password and then it will allow me execute that servlet. now one of the jsp page is loading applet in same context and this applet is calling servlet. This call again ask for that password though i have sucessfully login. So i think when call that servlet using urlconnection i have to provide some username and password
Put username and password in session as soon as user login into the application.Pass username and password from session to applet using applet parameter. Applet internally passes username and password to Servlet while calling it.
My blood is tested +ve for Java.
Joined: May 23, 2005
thx chetan for reply,
I am not using programatic security, I am using container managed security for authentication.
There's nothing JBoss-specific about this. It's just that the browser and the JVM use different network code, so both need to send the username/password independently of each other. You can use Chetans suggestion of encoding the username and password as applet parameters in the web page (although that's a security risk).
If you're using a [Http]URLConnection in the applet, the following code adds the authentication header to the connection: