Enable use of session cookies

[GoogleCodeExporter]

What steps will reproduce the problem?
1. Use appendFile(url) from a webpage where url is protected by  some kind of 
authorization
2. The page that the applet is on can only be accessed when the user is logged 
in
3. call applet.print() from the javascript page

What is the expected output? What do you see instead?
I expect the applet to send get the file from the url and print it.
Instead, the applet does not send the session cookie form the current browser 
context, so the the serve redirects the request to the login page and printing 
fails.

What version of the product are you using? On what operating system?
1.2, OS-X, any browser

Please provide any additional information below.
I would think that when printing from a web application, it is pretty obvious 
that a lot of printing will be done from web pages that require the user to be 
authenticated. It should also be pretty obvious that the file to print will be 
downloaded form the server and that this file also requires the user to be 
authenticated. (After all - if I have downloaded the file separately, there is 
not need for this applet).
It is further pretty often the case that user authentication is done via 
session cookies. So that leads to the simple request that it should be possible 
to tell the applet what my session cookie's name is and to have the applet send 
it to the browser. But, there is nothing in the code that does that.

Original issue reported on code.google.com by thomas.b...@gmail.com on 22 Jan 2012 at 6:28

[GoogleCodeExporter]

Great suggestion.

Re-categorizing as "enhancement".

This will take some work/research. If you have a specific timeline you need 
this by, please email me. It appears Java has basic support for this built-in, 
however I haven't read the examples yet.

http://java.sun.com/products/plugin/1.2/docs/cookie.html

-Tres

Original comment by tres.fin...@gmail.com on 22 Jan 2012 at 3:45

• Changed state: Accepted
• Added labels: Type-Enhancement
• Removed labels: Type-Defect

[GoogleCodeExporter]

Thank you for the quick reply.
I am integrating jZebra as we speak, the launch is supposed to be in a couple 
of months. I am trying to find a work around, but it would be great to have 
this feature soon.

Thanks,
Thomas

Original comment by thomas.b...@gmail.com on 23 Jan 2012 at 1:08

[GoogleCodeExporter]

It may not be feasible, depending on the security architecture of the browser.
If the session coookie is sent by the application as 'http-only', the java 
Applet may not have access to its value.
There is a workaround if you consider the global picture : the session 
identifier is usually known by your application (in PHP, you access it through 
the session_id() function), so you can change the url in your application 
accordingly.
For instance, in PHP, the code will look like :
$url='http://mysite.org/getzpl.php?'.session_name().'='.session_id();
echo 'document.jZebra.appendFile("'.$url.'");'."\n";

Original comment by jfsten...@gmail.com on 25 Jan 2012 at 10:58

[GoogleCodeExporter]

I began research on this... Here's what I've found: (quoted from sun's site)

This suggests that it should already work.  Please email me so I can better 
understand how you are using it.  It suggests Netscape (which would be Firefox 
now) wants the applet and the web page to be in the same location (which I find 
ugly).

-Tres

Currently, cookie support in Java Plug-in is triggered automatically when a 
HTTP connection needs to be made.

HTTPS support in Java Plug-in 1.2.2 provides bi-directional cookie support. 
HTTPS is entirely implemented using the browser's API and cookies are handled 
automatically by the browser.

To ensure cookie support in Java Plug-in will always work as expected, we 
recommend the following:

make sure the document base is part of the codebase of the applet
make sure cookie policy is set correctly
your web server should not set cookies in the HTTP connection from the applet

Original comment by tres.fin...@gmail.com on 1 Feb 2012 at 2:01

[GoogleCodeExporter]

Here is another useful post on the subject, which requires turning off 
"Http-Only" option in ASP.NET.  Not sure if it applies.

http://stackoverflow.com/questions/201699/sharing-asp-net-session-cookies-with-a
-java-applet

Original comment by tres.fin...@gmail.com on 1 Feb 2012 at 2:17

[GoogleCodeExporter]

@Thomas:  Since cookie support seems to be built-in to Java SE, the any cookie 
limitations introduced by Java are not jZebra bugs.  Closing as invalid based 
on my investigation.  If you find this to be incorrect, please reopen.

Original comment by tres.fin...@gmail.com on 16 Mar 2012 at 1:53

• Changed state: Invalid