java plugin and brser certificates
We have a java applet that communicates with a spring application running on tomcat and using spring's http invoker.
we want to secure the applet using ssl with client authentication, we have a jsp page for login, after successful login the applet loads.
the jsp page is secured with ssl, when the applet loads the http invoker inside the applet is doing a second handshake apparently not related to the browser handshake, OK, I don't mind that, but I want the java plugin to use browser certificates and client certificates but its not, I have to load the client certificate to the java plugin also using the java ControlPanel, and if my server's certificate is self signed then I have to load the server certificate also to the java ControlPanel and to the nrowser.
another thing is when the applet starts loading the java plugin pops a dialog asking for the client keystore password, I would like to avoid that.
so to conclude: I would like the java plugin to use the browser's trusted certificates and client certificates, and to avoid the keystore password dialog that pops up.
have googled for it for two days and can't find any clue of how to accomplish that.
I will appreciate any help. �
I'm using jdk 1.6.0 u23 and firefox 3.6.13