I have a setup where I obtain protected JNLP via browser, and JNLP saves the authentication cookie as a property. Then javaws is run with the jnlp file. The jnlp requires protected resources, so I need to pass the authentication cookie to the javaws process, so it can use it when downloading the resources... How can I pass the auth cookie to javaws process?
I've checked all parameters available to javaws and JNLP but I couldnt find how this can be done.
Is this even possible?
I think I found solution. Java Web Start uses the same cookie store as Internet Explorer - see comments in here to see how IE persistent cookies are harvested by JavaWebStart application.
To get this to work, I developed following:
In your Web server have a servlet that intercepts the authentication cookie, make it persistent and add it to response
public class CookieServlet extends org.springframework.web.servlet.mvc.AbstractController {
...
protected ModelAndView handleRequestInternal(final HttpServletRequest req,
final HttpServletResponse resp) throws Exception {
....
Cookie[] cookies = req.getCookies();
String session = null;
if (cookies != null) {
for (Cookie cookie : cookies) {
if (cookie.getName().equals("AUTHSESSION")) {
session = cookie.getValue();
break;
}
}
}
if(null!=session) {
Cookie cookie = new Cookie("AUTHSESSION", session);
cookie.setMaxAge(<specify cookie age>);
resp.addCookie(cookie);
}
...
}
Now launch your jnlp via cmd.exe - you can access the resources without issues as it harvests cookies from IE cookie store
Note: if your authentication supports auth session token being passed as a parameter then you could also extend jnlp "jar" tag to include the AUTHSESSION value i.e.
<jar href="your_jar.jar?AUTHSESSION=<session value>"/>
For us this is not the case and the auth session must be provided as a cookie.