-
Bug
-
Resolution: Duplicate
-
P2
-
6u14
-
generic
-
windows_xp
** What type of OS are you running?
Windows/XP/Vista
** What version of OS are you running?
windows sp3
** Please describe your Environment:
** application, system setup and problem statement.
Problem description:
-------------------
When using JRE & Client Authentication the Client Authentication pop up is
raised for the client certificate very frequently.
The Client Authentication pop up will be shown when one of the following
happens, whichever is the first
a) SSLSessionCacheTimeout time has been reached
b) SSlSessionCache Limit has been reached
** When was the issue first noticed ( Date and Time )?
** When since that time have you seen the issue ?
Reported 13-JUN-2009 12:11:31 PST
Please see comments section of the report for pointer to test case and instructions on how to reproduce the problem.
What we are looking to find is if there is a way for customers to use client-side authentication with the JDK where there are multiple client certs in the wallet/keystore? If this configuration is used, then customers experience that the certification prompt from the JRE locks up when the SSL session times out and the client cert must be selected again to auth the user.
Timeline of events:
1) User connects to webserver/applet
2) User is prompted to select client-cert by JRE
3) User selects client-cert and accesses the applet
4) Timeout occurs after 60 sec (configured in ssl.conf of webserver for testing)
5) User is prompted again for client-cert by JRE
6) This time the user cannot select cert as the prompt hangs
7) Hang requires user to kill JRE from taskmanager thus losing all session work in applet.
Windows/XP/Vista
** What version of OS are you running?
windows sp3
** Please describe your Environment:
** application, system setup and problem statement.
Problem description:
-------------------
When using JRE & Client Authentication the Client Authentication pop up is
raised for the client certificate very frequently.
The Client Authentication pop up will be shown when one of the following
happens, whichever is the first
a) SSLSessionCacheTimeout time has been reached
b) SSlSessionCache Limit has been reached
** When was the issue first noticed ( Date and Time )?
** When since that time have you seen the issue ?
Reported 13-JUN-2009 12:11:31 PST
Please see comments section of the report for pointer to test case and instructions on how to reproduce the problem.
What we are looking to find is if there is a way for customers to use client-side authentication with the JDK where there are multiple client certs in the wallet/keystore? If this configuration is used, then customers experience that the certification prompt from the JRE locks up when the SSL session times out and the client cert must be selected again to auth the user.
Timeline of events:
1) User connects to webserver/applet
2) User is prompted to select client-cert by JRE
3) User selects client-cert and accesses the applet
4) Timeout occurs after 60 sec (configured in ssl.conf of webserver for testing)
5) User is prompted again for client-cert by JRE
6) This time the user cannot select cert as the prompt hangs
7) Hang requires user to kill JRE from taskmanager thus losing all session work in applet.
- relates to
-
JDK-6951688 Client certificate authentication prompt on every connection - Remove JFB checking
-
- Closed
-