search

tkalactomo / jzebra

Automatically exported from code.google.com/p/jzebra
0 stars 0 forks source link

Applet fails to load via HTTPS (403 Forbidden in stack trace) #198

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
Issue:
The issue I discovered by using the tracing level <5> in the Java Console was a 
403 Forbidden error when trying to access the JNLP file.

Cause:
This is due to the Java Framework not having access to the JNLP when behind a 
session-secured location.  This occurs with newer versions of QZ-PRINT due to 
the introduction of the JNLP deployment method.  The error occurs when the 
qz-print.jar applet attempts to read the JNLP file from the supplied jnlp_href 
URL.

Proposed Solutions:
There are several possible solutions to this.

- One solution is to host the JNLP and JAR files from an unrestricted (but 
still SSL secure) location.

- A second solution (if available in your environment) is to provide valid 
login credentials or session information in the JNLP file request.
i.e. jnlp_href = 'qz-print_jnlp.jnlp?sessionid=142d93b5c53a837d', 
      OR
i.e. jnlp_href = 
'qz-print_jnlp.jnlp?some=special&parameters=that&work=like&userid=javauser&passw
ord=javapassword', 

- Since the cookie request can be observed in the stack trace, there may be an 
alternate cookie setting that will fix this (please post to the project if you 
know more on this subject)

- Lastly, a third (possible) solution would require enhancement to the qz-print 
plugin to override the default internal download behavior of the JNLP file by 
providing a custom authentication method to JnlpFileHandler class.

References:
http://stackoverflow.com/questions/16313283/continue-browser-session-in-jnlp
https://forums.oracle.com/thread/1309502

http://docs.oracle.com/javase/tutorial/deployment/doingMoreWithRIA/accessingCook
ies.html

Original issue reported on code.google.com by tres.fin...@gmail.com on 11 Dec 2013 at 4:39

Attachments:

GoogleCodeExporter commented 9 years ago 
Turns out cookies were ok, but in addition, client cert authentication is being 
used... 

Is a plugin needed for Firefox?  Feedback appreciated. -Tres

http://docs.oracle.com/javase/6/docs/technotes/guides/deployment/deployment-guid
e/keystores.html

Original comment by tres.fin...@gmail.com on 11 Dec 2013 at 7:30

GoogleCodeExporter commented 9 years ago

Original comment by tres.fin...@gmail.com on 26 Aug 2014 at 12:31