My problem is that I have a .NET application with a Java applet embedded in it. The Java applet sends an HTTP request to the server for a file like downloadfile.aspx. I believe, but cannot confirm, that the applet is including (at least) two cookies in the HTTP request: the ASPNET_SessionID and a "Login" cookie that matches the application's forms authentication.
<forms name="Login" loginUrl="Interactive/boun
The problem is that some -- a small percentage of my users -- are using this applet to get a .NET web form like downloadfile.aspx, but the server response is the bounceToLogin.html page defined in the <forms> tag instead. Does anybody have some ideas how to ensure that the connection is authenticated?
P.S. I thought I had solved over here: http://www.experts-exchange.com/Programming/Languages/.NET/ASP.NET/Q_22822036.html
but it's popped up again.
// in the Java applet
Url u = new URL(myurl);
HttpURLConnection conn = (HttpURLConnection)u.openConnection();
conn.setRequestProperty("Cookie", "ASP.NET_SessionId=" + sessionID);
conn.setRequestProperty("Cookie", "Login=" + loginID);
// sessionID and loginID are defined in download.aspx, the page that
// contains the applet.
// in download.aspx:
sessionString = HttpContext.Current.Session.SessionID
// and then
<applet ...><PARAM NAME="sessionID" VALUE="<%# sessionString %>"></applet>
// also in download.aspx:
<param name="loginID" value="<%# Request.Cookies["Login"].Value %>">
sessionID = and passed as to the applet as a parameter