Can a Java Applet use the browser's NTLM authorization header?
I have a Java Applet which needs to post some stuff to the web. The code, the author of which has long since disappeared, is currently using raw Java.net.Sockets to communicate with the server.
On the server side, the client requests are authenticated with NTLM or Kerberos. For requests comi开发者_如何学编程ng from the browser itself, each HTTP header gets an added Authorization header.
Can a browser hosted java applet access the Authorization info from the browser? Or can the java applet use the browser's web stack instead (such as Flash and Silverlight), and have necessary authroization headers added by the browser itself?
Probably not, that sounds like it would be a security problem (i.e. you do not want any random java applet in the browser to reuse your authentication towards your online bank for instance).
精彩评论