FileNet P8 Platform, Version 5.2.1            

Support for Java applets

A Java applet is a utility that conforms to the interfaces defined in the java.applet package and is designed to run as an embedded part of another application, typically a Web browser. An applet is opened in a separate window, and can execute independently from the parent application that opened it. Applets are typically created to host graphically complex interactive user interfaces that would be difficult to implement in a browser.

In the common case where an authenticated client running in a browser takes some action that causes an applet to be opened, the applet might be able to inherit the parent's credentials. If the applet communicates via HTTP to servlets in the same Java EE Web container that the parent browser was communicating with, then authentication credentials that are stored in HTTP headers received by the parent should be accessible to the applet, and the applet should not require further authentication.

If, however, the applet uses other APIs to connect to the server, or if the applet communicates with different servers than the parent application, propagating the caller's identity might require custom development, or a second authentication might be required for the applet.

The reverse proxy server acts as an intermediary between the browser-based client and the HTTP server. It appears to the browser that the reverse proxy is the server. The browser does not know that the reverse proxy is actually translating the requests and forwarding them on to another server, and then translating the responses that are sent back.

To make it appear that the reverse proxy is the actual server, the reverse proxy must translate the responses from the server so that any references to the target server are converted to references to the reverse proxy server. This primarily affects embedded URL's. Web pages often contain many links to other pages hosted in the same Web site. The reverse proxy must translate these references so that they appear to reference the same resource, when in fact they are hosted on the reverse proxy server rather than the target server.

Reverse proxy servers are designed to handle traffic from browser-based clients, and typically translate any references that appear in HTML data correctly. There are a number of special considerations that come into play when applet traffic is sent through a reverse proxy server:

Handling Cookies
Cookies are data sent between a client and a server via HTTP headers. In a reverse proxy scenario, the reverse proxy can interject its own cookies into the data sent to the server, as well as adding to and translating the set of cookies that are returned from the server to the client. The applet must not cache cookies in memory; it must obtain them from the HTTP connection every time it needs to access them so that it can obtain the latest set of translated cookies sent by the reverse proxy.
Handling Redirects
If a reverse proxy detects stale or invalid authentication tokens in the cookies sent from a client, it can use an HTTP re-direct to cause the client to refresh its cookies. The applet must handle HTTP re-directs properly.
Translating URL's embedded in XML or other non-HTML data
Applets typically send non-HTML data back and forth with the server. If the data returned from the server contains embedded URL's, the reverse proxy server must translate these. Causing this to happen might require changes in the proxy server, to have it translate data in fields which it would not normally examine.


Last updated: March 2016
p8psn010.htm

© Copyright IBM Corporation 2016.