tags:

views:

235

answers:

1
Q: 

Can a Java Applet use the browser's NTLM authorization header?

I have a Java Applet which needs to post some stuff to the web. The code, the author of which has long since disappeared, is currently using raw Java.net.Sockets to communicate with the server.

On the server side, the client requests are authenticated with NTLM or Kerberos. For requests coming from the browser itself, each HTTP header gets an added Authorization header.

Can a browser hosted java applet access the Authorization info from the browser? Or can the java applet use the browser's web stack instead (such as Flash and Silverlight), and have necessary authroization headers added by the browser itself?

A: 

Probably not, that sounds like it would be a security problem (i.e. you do not want any random java applet in the browser to reuse your authentication towards your online bank for instance).

hlovdal  2010-01-27 15:48:23
But Java does have a HttpURLConnection class, which seems to reuse the browsers credentials. Can this then be used to upload files?I'm finding most docs out there extremely shady on the subject.
Benson  2010-01-27 15:50:13

related questions

Make Browser Window Blink in Task Bar
Large File Download
Browser's Default CSS
Disable browser 'Save Password' functionality
What's the simplest way to decremement a date in Javascript by 1 day?
Browser scrollbar
Limitations of screen readers.
Version detection with Silverlight
Best way to fix CSS/JS drop-down problem in IE7 when page includes Google Map
Recommendations for browser add-on tools to help with development
Hyperlinks displaced on IE7
Building Standalone Applications in JavaScript
HTML differences between browsers
Browser Sync accross many machines
Getting selected text in a browser, cross-platform.
How to get PNG transparency working in browsers that don't natively support it?
Best WYSIWYG CSS editor?
Javascript events
Preferred way to use favicons?
IE6: To support or not to support.
Getting the text from a drop-down box
Other browsers
Drag and Drop to a hosted Browser control
How can I tell if a web client is blocking ads?
How can I determine a web user's time zone?