0

I inherited some Java code that does Single Server Sign for the BMC Remedy AR System. The code works by pulling the Kerberos ticket from the headers and then validates it by making calls to domain controllers.

The Remedy server makes a call to a method:

public UserCredentials getAuthenticatedCredentials(HttpServletRequest request,HttpServletResponse response) throws IOException

Within that method the Authorization header is extracted. For both IE and Chrome this works correctly.

The next step is to get the users timezone using a custom JSP page which is called via the following:

        RequestDispatcher reqDisp = request.getRequestDispatcher(Login.CUSTOM_TIMEZONE_URL);
        if (reqDisp != null) {
            try {
                reqDisp.forward(request, response);
            } catch (Exception e) {
                System.out.println("Error");
                e.printStackTrace();
            }
        }

This is working correctly in IE8 and IE11 but not in Chrome. For IE the header still contains the Authorization values after the time zone call so I can perform the Kerberos check but for Chrome the Authorization headers are missing.

(I can post the complete headers if that would help)

Thank you

Frankie
  • 1
  • 4
  • ¿Are you using a Java Applet? I am not sure if I understand you – pedrofb Jun 09 '16 at 09:47
  • Yes. The Remedy application is a Java applet running in Tomcat. The plugin (Java code) was written to perform Kerberos authentication. During that process a call is made to a JSP page to the users time zone and in chrome when that call returns I know longer have the Authorization header information but in IE it is not an issue. – Frankie Jun 09 '16 at 12:17
  • If the page has an applet it wont' work in chrome. See details in response – pedrofb Jun 09 '16 at 12:43
  • Ok, my answer finally was not related to the real problem and I have deleted it. I suggest you to detail the questión so people can help – pedrofb Jun 09 '16 at 19:53
  • I updated my original post to hopefully clarify the issue. – Frankie Jun 10 '16 at 14:15

0 Answers0