JDK-8043695

Socket permission invalidates http-session

    • Bug
    • Resolution: Incomplete
    • P4
    • 9
    • 7u55
    • deploy
    • x86_64
    • windows_7

      FULL PRODUCT VERSION :
      Java Plug-in 10.55.2.14
      Using JRE version 1.7.0_55-b14 Java HotSpot(TM) Client VM

      FULL OS VERSION :
      Internet Explorer 9
      Version: 9.0.8112.16421
      Update Versions: 9.0.26 (KB2964358)

      EXTRA RELEVANT SYSTEM CONFIGURATION :
      Signed Web Applet

      A DESCRIPTION OF THE PROBLEM :
      Granting socket permission for a signed applet resets the HTTP session.

      network: Connecting https://<<domain>>/<<context>>/ with cookie "SESSIONID=BrNGTsPZZZ4p70kyKXcdngnJnT1vqyrGfGz1vncCX7CYTdvRTw6f!-918223278!1039033178"
      network: Server https://<<domain>>/<<context>>/ requesting to set-cookie with "SESSIONID=6CNlTsQCh8Tj3b2HFSdRfnGTqX5scTRp2cKQp2fhnBJ3f73DGqTL!-918223278!1039033178; path=/"
      security: Grant socket perm for https://<<domain>>/<<context>>/applet.jar : java.security.Permissions@120be93 (
       ("java.net.SocketPermission" "<<domain>>" "connect,accept,resolve")
      )


      THE PROBLEM WAS REPRODUCIBLE WITH -Xint FLAG: Did not try

      THE PROBLEM WAS REPRODUCIBLE WITH -server FLAG: Did not try

      REGRESSION. Last worked in version 7u51

      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      Deploy a web application that redirects the root context to an authorization mechanism (SSO) and has servlets including an applet.

      Authorize session with credentials.

      Load signed applet.

      Click a link that loads a servlet that requires authorization.

      Receive an "unauthorized" error response.


      REPRODUCIBILITY :
      This bug can be reproduced always.

            alitvinov Anton Litvinov (Inactive)
            webbuggrp Webbug Group