Win a copy of Beginning Java 17 Fundamentals: Object-Oriented Programming in Java 17 this week in the Java in General forum!

Amit Hetawal

Ranch Hand
+ Follow
since Apr 12, 2008
Cows and Likes
Total received
In last 30 days
Total given
Total received
Received in last 30 days
Total given
Given in last 30 days
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Amit Hetawal

Hello ALL,
I am trying to deploy an EAR which contains 3 WAR projects in it.
When i do create new project for the EAR i have used the version 5.0.
Although i see the deployment.xml in RAD and i can change the policy to :WAR ClassLoader POlicy to : Application.

When i try to deploy the EAR right from my RAD, the server doesnt take up the class loader change, and I see all the different exceptions occurring because of this.
Also, when i check the policy on the Admin console for this ear it is set correctly at Application level, but somehow this change doesnt show up.
Another thing when i export the same ear and log in to admin console to deploy it, everything works fine from admin console and my app comes up fine.

Can someone please help me, how to do it directly from RAD 7.5.3, its pain to everytime make a change export and deploy, manually.
Please advise
11 years ago
yes, i was thinking on the same lines.
Let me try to get those cookies and place in my every request to the servlet.

Will try and post my findings.
Thanks for your help Ulf.
12 years ago

What does it mean to "have my servlet SSO protected"

It meant, when i try to hit my servlet with a get request, i am first shown a SSO page to login my credentials and then only the get request passes through
to hit my servlet. This SSO policy is enabled on our App servers, where the rootcontext "/XXX" is SSO protected.
So if i servlet is "" i will be shown a SSO first

So when i change my rootContext to "/YYYY" i can hit my servlet without any SSO.

So my actual scenario is,
I login to server1 with SSO protection, access the Applet hosted inside JSP there, and this applet tries to make connections to my servlet on server2, which is SSO protected too, since till now my java-plugin used to take care of all the cookie handling and i can access my servlet with SSO authentication again, since at server1 i was already authenticated and java-plugin carries this info for server2 SSO agent.

But with HTTPClient, i am not able to send this authentication info across to it just restricts me at the SSO of server2.

Hope this conveys my scenario


12 years ago
hi Ulf,
So i got the basic communication between my applet to servlet using HTTPClient, below is my applet side code :

The above code works perfectly if i dont have my servlet SSO protected.
But when i enable SSO protection this communication just fails with Invalid Stream Header error.

Am still not sure how to handle the browser proxy configuration or cookies to make my request pass through the SSO agent.

Any advise ?

12 years ago
Hello Ulf,
Thank you for the reply.
Yes i totally agree with you on the fact of where the actual problem can be.
but just so that if i can prove its not the HttpUrlConnection, which is causing this problem. How can i implement the same
functionality with use of HTTpClient.
Right now my code looks like :

Here the SSO cookie is manage by the java-plugin, am just not sure how do i get the SSO authetication with the use of

Any pointers on this, will be very helpful.
12 years ago
Hello All,
Please shed some light on my query regarding the use HttpClient in Applets.

Currently we are using Suns' HttpUrlConnection for connecting to our servlet which is behind the Single sign on. So in a sense, our every request from applet,
contains the cookie, for the SSO agent to be authenticated and passed to the servlet. My understanding is, that this cookie maintenance is performed by the java-plugin on the user machine with every request to the servlet and the HttpURLConnection combination.
But every now and then we receive the Invalid Stream header exception, on client machines, which is very random, and we think its coming from the SSO agent authenticating the request. This was not even caused with the long user inactivity, it happens even when user hits the servlet even for first time, and the SSO session is just created.

I was reading about HttpUrlConnection api, and the general opinion is, it is sometimes buggy with the browser api calls.
So, i wanted to know does moving on to HttpClient, mitigates this problem, or will we be facing the same random invalid stream headers.
If i want to do a POC using HttpClient, i was wondering how to do i maintain the SSO cookie, on my every request to servlet. Since in case of the HttpUrlConnection it was automatically taken care of by the java-plugin.

Please advise,

Thank you

12 years ago
Hello All,
Sorry for the cross-post.
I tired getting the advise on forum but with no success. Can someone here please help with this or direct me to right direction.
I am trying to use the pack200 compressed jars for my Object/Applet tag, but not sure how to go about using it.
I have followed the instructions for jarsigned pack200 jars.

But now how do i use them in my Object tag, what should i name the files in my cache_archive parameter :

something like :

or :
<PARAM NAME = CACHE_ARCHIVE VALUE = "final.jar.pack.gz" />

renaming : final.jar.pack.gz --> final.jar ??

I tried both the above options but none of them works.
network: Wrote URL to File C:\Documents and Settings\I025204\Application Data\Sun\Java\Deployment\cache\6.0\60\366763c-2a096009-temp ZIP file must have at least one entry
at Source)
at Source)
at Source)
at Source)
at com.sun.deploy.cache.Cache$ Source)
at Method)
at com.sun.deploy.cache.Cache.downloadResourceToCache(Unknown Source)
at com.sun.deploy.cache.DeployFileOutputStream.close(Unknown Source)
at$HttpInputStream.close(Unknown Source)
at Source)
at sun.plugin.PluginURLJarFileCallBack.downloadJAR(Unknown Source)
at sun.plugin.PluginURLJarFileCallBack.access$000(Unknown Source)
at sun.plugin.PluginURLJarFileCallBack$ Source)
at Method)
at sun.plugin.PluginURLJarFileCallBack.retrieve(Unknown Source)
at Source)
at Source)

Do i need to add something more .
I am only allowed to use the below:as its the corporate policy for now.
Java Plug-in 1.6.0_05
Using JRE version 1.6.0_05 Java HotSpot(TM) Client VM

Can someone please help me how to get the pack200 work in the Object tag ?

Please advise.
12 years ago

Nope. For the server it appears to be the request originating from same and only one client.

Am confused how does the server know it is same client, we dont send any kind of id for that client at such.

Hello All,
I wanted to know what will be the servlet container behavior, when the client has the cookies disabled and it tries to open the same website in a different browser window.

So here is my scenario.
Client sends first request to the servlet, since no cookies set, the container will fallback to Url rewriting and from then on the session is maintained between the client and the server.
But now suppose the client opens a new browser window and tries to access the same link, but without sessionid appended to link, so in this case conatiner will see it as a new client and create a different session for it ?

The point i am getting at is, we say the session objects are not thread safe, because the client can open a new browser window but still it will be in the same session, but i think if the cookies are disabled , then the session objects for that client will be thread safe. is that correct or i am missing anything ?

Please advise.
In my JSP i tried :




Output : */*

Dont know what it means ?
I tried testing it, but all the headers had single values.
According to my understanding, i think the getHeader() will return the full string of header values i.e
if header :
"Test" = "value1,value2"

getHeader("Test") will give "value1,value2"

But if we have header as
"Test" = "value1"
"Test" = "value2"

getHeader("Test" will give "value1" ie the first value of the header.

Please correct me if i am wrong.

I was confused seeing the below question. (Enthuware mock test)

According to my understanding request.getHeader() returns the first value of header if it contains multiple values.
So why not the answer be Option C,

Can someone help me what does the request.getHeader() will actually returns.

Thank you, it took me a while to clear my understanding on this ..
Hello All,
Can someone help me with the answer for this question.

According to me, shouldn't the answer be Option D, since there is not <http-method> defined, all the methods will be inaccessible,
so the user should not be prompted for any of the Http methods ?

Please advise.

Please advise on below question

Answers : A, C

I wonder why D is not a correct answer. And also is WEB-INF case-sensitive ?