DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=18657>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=18657 Unusable with Java Web Start + Authenticating Proxies Summary: Unusable with Java Web Start + Authenticating Proxies Product: Axis Version: 1.1rc2 Platform: Other OS/Version: Other Status: NEW Severity: Critical Priority: Other Component: Basic Architecture AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] This problem prevents distributing any Java Web Start clients that rely on Axis (or the older Apache SOAP) to the general public, where we have no control over what kind of HTTP proxy is at the end-user's site. DESCRIPTION: When using an http proxy that requires username/password authentication Axis requires that the application supply such information. Java Web Start's philosophy is to handle all proxy management (and user prompting) itself and makes the proxy invisible when using an HttpURLConnection. Because of that philosophy, it does not provide a mechanism to obtain the username/password. Using Authenticator.requestPasswordAuthentication() would provide such information but result in double-prompting the user for username/password. I found a workaround to avoid the double-prompting, but the feature exploited will disappear in JDK 1.4.2 because Sun considers it a security flaw. If needed, there is additional detail in forum posting: "BUG: Axis + Java Web Start + Authenticating Proxies". Feel free to contact me if you need further explanations or sample code.
