Giter Club home page Giter Club logo

Comments (6)

GoogleCodeExporter avatar GoogleCodeExporter commented on July 17, 2024 
Are you sure that there exists an HTTP session cookie right before the eID 
Applet runs?

Original comment by [email protected] on 19 Apr 2010 at 10:07

from eid-applet.

GoogleCodeExporter avatar GoogleCodeExporter commented on July 17, 2024 
Here is a execution sample:

1) Right before the eID Applet runs, firefox shows session cookie with the 
session id
: 1E7D19D5057C1A353E8936DB3718A8FA

2) when I run the applet, i get that log on the server side :
---------------
DEBUG 16:05:08,485 be.fedict.eid.applet.service.AppletServiceServlet - doPost
DEBUG 16:05:08,485 be.fedict.eid.applet.service.impl.HttpServletProtocolContext 
-
current protocol state: null s, session:1B0FB2036FE29CB50F9C22B64E5CB70E,
creationTime:1271772308485, lastAccessTime:1271772308485
DEBUG 16:05:08,485 be.fedict.eid.applet.service.impl.HttpServletProtocolContext 
-
protocol state transition: INIT, session:1B0FB2036FE29CB50F9C22B64E5CB70E,
creationTime:1271772308485, lastAccessTime:1271772308485
DEBUG 16:05:08,485 
be.fedict.eid.applet.service.impl.handler.HelloMessageHandler -
hello message received
DEBUG 16:05:08,501 be.fedict.eid.applet.service.impl.HttpServletProtocolContext 
-
current protocol state: INIT s, session:1B0FB2036FE29CB50F9C22B64E5CB70E,
creationTime:1271772308485, lastAccessTime:1271772308485
DEBUG 16:05:08,501 be.fedict.eid.applet.service.impl.HttpServletProtocolContext 
-
protocol state transition: IDENTIFY, session:1B0FB2036FE29CB50F9C22B64E5CB70E,
creationTime:1271772308485, lastAccessTime:1271772308485
DEBUG 16:05:08,501
be.fedict.eid.applet.service.impl.CleanSessionProtocolStateListener - cleaning 
up the
identity session attributes...
--------------------

So the session ID has changed but firefox still display the old session id in 
http
session cookie...


3) Next, if click "yes" on the privacy popup, the server log is : 
--------------------
DEBUG 16:05:28,625 be.fedict.eid.applet.service.AppletServiceServlet - doPost
DEBUG 16:05:28,625 be.fedict.eid.applet.service.impl.HttpServletProtocolContext 
-
current protocol state: null s, session:40CE272FF239AA0D7CD982927E9DE5A8,
creationTime:1271772328625, lastAccessTime:1271772328625
16:05:28 org.apache.catalina.core.StandardWrapperValve invoke
GRAVE: "Servlet.service()" pour la servlet AppletServiceServlet a généré une 
exception
java.lang.RuntimeException: expected a protocol start message
--------------------

A new session ID is created again. Firefox still display the initial session id.


I'm not sure if the http session cookie displayed in firefox is properly 
refreshed
but it seems that a new session id is created each time the applet communicates 
with
the server.


Here is the applet log (note that the server asks for a new session cookie): 

--------------------
Niveau de traçage fixé à 5 : tous ... terminés.
basic: Starting applet teardown
basic: Finished applet teardown
basic: Récepteur de progression ajouté :
sun.plugin.util.GrayBoxPainter$GrayBoxProgressListener@15718f2
basic: Applet chargé.
basic: Applet resized and added to parent container
basic: PERF: AppletExecutionRunnable - applet.init() BEGIN ; jvmLaunch dt 
128350 us,
pluginInit dt 24251225 us, TotalTime: 24379575 us
basic: Applet initialized
basic: Récepteur de progression supprimé :
sun.plugin.util.GrayBoxPainter$GrayBoxProgressListener@15718f2
basic: Applet made visible
basic: Starting applet
basic: Applet started
basic: Told clients applet is started
network: Connexion de https://10.32.128.216:8443/mywebapp/applet-service avec
proxy=DIRECT
network: Connexion de http://10.32.128.216:8443/ avec proxy=DIRECT
network: Serveur https://10.32.128.216:8443/mywebapp/applet-service demandant de
définir un cookie avec "JSESSIONID=1B0FB2036FE29CB50F9C22B64E5CB70E; 
Path=/mywebapp;
Secure"
network: Connexion de https://10.32.128.216:8443/mywebapp/applet-service avec
proxy=DIRECT
network: Connexion de http://10.32.128.216:8443/ avec proxy=DIRECT 
--------------------


thx

Original comment by [email protected] on 20 Apr 2010 at 2:39

from eid-applet.

GoogleCodeExporter avatar GoogleCodeExporter commented on July 17, 2024 
Normally the Java plugin runtime received the session cookie from the web 
browser and uses this session cookie when the eID Applet communicates with the 
server. Apparently you're mixing http with https, which probably causes some 
session cookie issues (Secure session cookie).

Original comment by [email protected] on 21 Jun 2010 at 3:33

  • Changed state: WontFix

from eid-applet.

GoogleCodeExporter avatar GoogleCodeExporter commented on July 17, 2024 
Hi,

This is not related to a http/https mixing.

Since the revision 322 
"eid-applet-core/src/main/java/be/fedict/eid/applet/Controller.java" the applet 
displays the message "Error: No session cookie detected!" before the error 
occurs and I was able to reproduce the issue by disabling cookies in Firefox 
3.6.6.

If cookies are necessary to allow the use of the eID applet I suggest to return 
an error code directly like "SESSION_COOKIE_ERROR" instead of starting to 
exchange data with the server and then return a generic error. Thus, we can 
display a user friendly message asking to enable cookies to use the eID applet.

Original comment by [email protected] on 14 Jul 2010 at 3:49

from eid-applet.

GoogleCodeExporter avatar GoogleCodeExporter commented on July 17, 2024 
The problem with turning the session cookie detection into an error code is 
that we cannot differentiate between a server setting the session cookie to 
HttpOnly, or a web browser having disabled the usage of session cookie. So for 
the moment we can only give some warning in the detail messages.

Original comment by [email protected] on 19 Jul 2010 at 12:39

from eid-applet.

GoogleCodeExporter avatar GoogleCodeExporter commented on July 17, 2024 
Hello, and thanks for providing this open source.

Same error here however: expected a protocol start message

Only in Firefox, not in iE.

Is there a fix yet for this?

Original comment by [email protected] on 14 Oct 2010 at 3:53

from eid-applet.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.