Using Web Start for demos is nice, but I would like to see it take on real installation and update work.
We would like to use Web Start to install and update our full application for our registered users, and *only* our registered users. I've started to investigate two ways to do this: http authentication and cookie based authentication.
Http authentication is unacceptable because although the JWS client supports it, a username/password popup appears each and every time the application is started. JWS doesn't even save the username and password like most web browsers.
As I understand it, the JWS client supports cookies, but cookie based authentication schemes generally redirect you to a page with a login form before handing you the persistent cookie. I haven't done the experiment, but I wouldn't expect JWS to display a web page and handle a form submission.
Perhaps an initial http authentication to get the cookie with cookie authentication used thereafter, but I haven't figured out how to make Apache do it.
Is it unrealistic to try to control access to JWS files? Is anyone doing this? I've searched the web and have seen many pleas for help but no real answers.
-- Mark |
java.net RSS Feeds
