People still use Applets? !!!
On Fri, Jun 28, 2013 at 1:29 PM, Pradeep Fernando <[email protected]> wrote: > Hi All, > > regarding the https://wso2.org/jira/browse/CARBON-14144 > > Currently we cant embed any applets within our JSP pages. The root cause > being session check during applet class file, load requests in the carbon > server and applet loaders using different sessionID. > > Starting from tomcat 7 container implementation they don't allow applet > code to use same browser session. [1] [2] > Starting with tomcat 7, user has to explicitly pass in sessionID to the > applet code in order to authenticate the request. > > however we can get this to work by making .class files and .jar files as > non-secured content in the > > CarbonSecuredContext#allowNonsecuredContent() method. > > have to evaluate whether this will introduce any security vulnerabilties. > One other option is to make NonsecuredContent configurable.. > > > [1] > http://mail-archives.apache.org/mod_mbox/tomcat-users/201107.mbox/%[email protected]%3E > [2] https://groups.google.com/forum/#!topic/eid-applet/zAnrlfzm-1k > > thanks, > --Pradeep > -- *Afkham Azeez* Director of Architecture; WSO2, Inc.; http://wso2.com Member; Apache Software Foundation; http://www.apache.org/ * <http://www.apache.org/>** email: **[email protected]* <[email protected]>* cell: +94 77 3320919 blog: **http://blog.afkham.org* <http://blog.afkham.org>* twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez> * linked-in: **http://lk.linkedin.com/in/afkhamazeez* * * *Lean . Enterprise . Middleware*
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
