applet的Java Web服务调用
[英]java web service calls by applet
问题描述
I have an applet loaded by browser. 
我的浏览器加载了一个applet。
This applet makes web service calls to server. 此小程序对服务器进行Web服务调用。
If I sign the applet and download it via https by the server, if then I make a web service call, would it be possible to reuse the existing ssl session or will the https would have to be reestablished? 如果我签署了applet并由服务器通过https下载,然后进行了Web服务调用,是否可以重用现有的ssl会话,还是必须重新建立https?
I think that the https (ie ssl handshake) would have to be reestablished since the initial connection was made by browser. 我认为自浏览器进行初始连接以来,必须重新建立https(即ssl握手)。 Is this the case? 是这样吗
If yes, then is there a way to avoid reauthentication when the user starts using the applet? 如果是,那么当用户开始使用小程序时,是否有一种方法可以避免重新认证? Ie reuse the previous ssl connection, or is it impossible? 即重用以前的SSL连接,还是不可能? BTW the web service stack is axis2. 顺便说一句,Web服务堆栈是axis2。
Thanks 谢谢
1 个解决方案
解决方案1
2 已采纳 2011-01-19 14:52:26
https and authentification are different things. https和身份验证是不同的东西。 Of course they are working together when you authentificate with user/password over https. 当然,当您通过https与用户/密码进行身份验证时,它们将一起工作。
https can be used for authentification when client authentification is enabled. 启用客户端身份验证后,https可以用于身份验证。 So the client must send a valid (signed) certificate to the server. 因此,客户端必须将有效(签名)证书发送到服务器。 But i supose you have a user/password over https authentifation method. 但我认为您在https身份验证方法上有一个用户名/密码。
Once the browser has logged in, normally the server creates and holds a session and the browser receives a session cookie. 浏览器登录后,通常服务器将创建并保存一个会话,浏览器将接收一个会话cookie。 That cookie will be send on consecutive requests after login (still encrypted by https). 该Cookie将在登录后根据连续的请求发送(仍由https加密)。
If you pass the session cookie to the applet the applet can reuse the session. 如果将会话cookie传递给小程序,则小程序可以重用该会话。
Update 更新资料
Impossible to explain you this in detail. 不可能详细解释给您。 You should search and read for Java Applet communication . 您应该搜索并阅读Java Applet通信 。
You can call methods of the applet from javascript and access the web page/browser state from the applet (Applet.getAppletContext()).
您可以从javascript调用applet的方法,并从applet(Applet.getAppletContext())访问网页/浏览器状态。 You may call the applet with a parameter that contains the session id.
您可以使用包含会话ID的参数来调用该applet。
The session cookie name may be JSESSIONID when the web server is a servlet container. 当Web服务器是servlet容器时,会话cookie名称可以是JSESSIONID。
If your web server is a servlet container then you can pass the session id in diferent ways: as cookie in the request header or coded into the URL (URL rewriting). 如果您的Web服务器是servlet容器,则可以通过不同的方式传递会话ID:作为请求标头中的cookie或编码为URL(URL重写)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.