Internet Explorer doesn't forward to result page

823 views

Skip to first unread message

yoer...@gmail.com

unread,

Jan 27, 2014, 8:05:32 AM1/27/14

to eid-a...@googlegroups.com

Hi,

I implemented the eID Applet on a Tomcat server. It worked on my computer on every browser, but 2 weeks ago an issue came up with IE versions 10 and before (I don't know if it worked on those before):

When going to the Identification Servlet, the applet is loaded, the data is read from the card, but after that you get forwarded to the Authentication Servlet (instead of the result page), where you have to fill in your PIN. Doing this works, but after loading the data you again get forwarded to the Authentication Servlet. The TargetPage parameter is set correctly.

I was still working with the 1.1.0.RC2 applet, so I upgraded to 1.1.3. After this, everything worked on all browsers and browser versions.

BUT suddenly, today the same issue happens again, even in IE 11 (not Chrome or FF). The weird thing is that it works on my computer, with java 7.51, but not on other computers having the same java and IE version, nor older java and IE versions.

Any idea where this issue comes from, and how I can fix it? It sounds like a certain setting or maybe cookie, but I don't understand how this can influence the forwarding... The java console output is below, I highlighted where the forwarding doesn't seem to happen. I also added the java console output on https://www.e-contract.be/eid-applet-test/identify.html to see the difference, but I don't see it.

Thanks so much!

The identification page:

var attributes = {

code :'be.fedict.eid.applet.Applet.class',

archive :'../eid-applet-package-1.1.3.jar',

width :600,

height :300

};

var parameters = {

TargetPage :'eID-result.jsp?src=0&app='+157+

'&page='+44+

'&prsnr='+43+

'&session='+1884096883254801+

'&cs=\''+'3E0DEB74D2568A9D668CEA27B4311CB54'+'\''+

'&url=\''+'urlremovedforquestion'+'\''+

'&lang=NL',

AppletService :'../identification-service;jsessionid=110E4709D8D845B0C3C9F75233A0D51E',

BackgroundColor : '#ffffff',

Language : 'NL',

HideDetailsButton : true

};

var version = '1.7';

deployJava.runApplet(attributes, parameters, version);

</script>

The java console output on the Tomcat server:

cache: Initialize resource manager: com.sun.deploy.cache.ResourceProviderImpl@e427ed

basic: Added progress listener: sun.plugin.util.ProgressMonitorAdapter@1a07c1c

basic: Plugin2ClassLoader.addURL parent called for https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar

basic: Loading Java Applet ...

Java Plug-in 10.51.2.13

Using JRE version 1.7.0_51-b13 Java HotSpot(TM) Client VM

User home directory = C:\Documents and Settings\Administrator

----------------------------------------------------

c: clear console window

f: finalize objects on finalization queue

g: garbage collect

h: display this help message

l: dump classloader list

m: print memory usage

o: trigger logging

q: hide console

r: reload policy configuration

s: dump system and deployment properties

t: dump thread list

v: dump thread stack

x: clear classloader cache

0-5: set trace level to <n>

----------------------------------------------------

security: Blacklist revocation check is enabled

security: blacklist: created: NEED_LOAD, lastModified: 1385109814296

security: blacklist: hasBeenModifiedSince 1390816089442 (we have 1385109814296)

security: Trusted libraries list check is enabled

network: Cache entry found [url: https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar, version: null] prevalidated=false/0

cache: Adding MemoryCache entry: https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar

cache: Resource https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar has expired.

network: Connecting https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar with proxy=DIRECT

network: Cache entry not found [url: file:/C:/Program%20Files/Java/jre7/lib/ext/sunec.jar, version: null]

network: Cache entry not found [url: file:/C:/Program%20Files/Java/jre7/lib/ext/sunjce_provider.jar, version: null]

network: Connecting http://urlremovedforquestion/ with proxy=DIRECT

security: Loading Root CA certificates from C:\Program Files\Java\jre7\lib\security\cacerts

security: Loaded Root CA certificates from C:\Program Files\Java\jre7\lib\security\cacerts

security: Loading SSL Root CA certificates from C:\Program Files\Java\jre7\lib\security\cacerts

security: Loaded SSL Root CA certificates from C:\Program Files\Java\jre7\lib\security\cacerts

security: Loading certificates from Deployment session certificate store

security: Loaded certificates from Deployment session certificate store

security: Loading certificates from Internet Explorer ROOT certificate store

security: Loaded certificates from Internet Explorer ROOT certificate store

network: ResponseCode for https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar : 304

network: Encoding for https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar : null

network: Disconnect connection to https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar

cache: Read manifest for https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar: read=173 full=4375

cache: Loading full manifest for https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jarcache: Reading Signers from 3847 https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar | C:\Documents and Settings\Administrator\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\61\3953d8fd-3ea33bed.idx

cache: Done readSigners(https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar)

security: Trust for: https://eurlremovedforquestion/eID/eid-applet-package-1.1.3.jar has ended: Thu Jan 01 01:00:00 CET 1970

security: Missing Application-Library-Allowable-Codebase manifest attribute for: https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar

security: Loading Deployment certificates from C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\security\trusted.certs

security: Loaded Deployment certificates from C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\security\trusted.certs

security: Loading certificates from Deployment session certificate store

security: Loaded certificates from Deployment session certificate store

security: Loading certificates from Deployment session certificate store

security: Loaded certificates from Deployment session certificate store

security: Loading certificates from Deployment session certificate store

security: Loaded certificates from Deployment session certificate store

security: Loading certificates from Internet Explorer TrustedPublisher certificate store

security: Loaded certificates from Internet Explorer TrustedPublisher certificate store

security: Loading certificates from Internet Explorer DISALLOWED certificate store

security: Loaded certificates from Internet Explorer DISALLOWED certificate store

security: Validate the certificate chain using CertPath API

security: Loading certificates from Internet Explorer ROOT certificate store

security: Loaded certificates from Internet Explorer ROOT certificate store

security: Loading blacklisted.certs file: C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\security\blacklisted.certs

security: SHA-256Certificate finger print: 606E95A593A7AED8B137A356ED2D564817A1C18B97F4F59998DFD0F5963B0148

security: Checking if certificate is in Internet Explorer DISALLOWED certificate store

security: SHA-256Certificate finger print: E20D6C943171907272A27D3672C8EEFD5E422B5F370E45EB1F55B5B2368251EA

security: Checking if certificate is in Internet Explorer DISALLOWED certificate store

security: SHA-256Certificate finger print: D928361C3E79F0EF93953E066E54DC741E71A71200AAAA5418410FBEE474DADE

security: Checking if certificate is in Internet Explorer DISALLOWED certificate store

security: The OCSP support is enabled

security: The CRL support is enabled

security: Failing over to CRLs: Certificate does not specify OCSP responder

network: Cache entry found [url: http://www.public-trust.com/cgi-bin/CRL/2018/cdp.crl, version: null] prevalidated=false/0

cache: Adding MemoryCache entry: http://www.public-trust.com/cgi-bin/CRL/2018/cdp.crl

cache: Resource http://www.public-trust.com/cgi-bin/CRL/2018/cdp.crl has expired.

network: Connecting http://www.public-trust.com/cgi-bin/CRL/2018/cdp.crl with proxy=DIRECT

network: Connecting http://www.public-trust.com:80/ with proxy=DIRECT

network: ResponseCode for http://www.public-trust.com/cgi-bin/CRL/2018/cdp.crl : 304

network: Encoding for http://www.public-trust.com/cgi-bin/CRL/2018/cdp.crl : null

network: Disconnect connection to http://www.public-trust.com/cgi-bin/CRL/2018/cdp.crl

security: Failing over to CRLs: Certificate does not specify OCSP responder

network: Cache entry found [url: http://crl.e-trust.be/NCA.crl, version: null] prevalidated=false/0

cache: Adding MemoryCache entry: http://crl.e-trust.be/NCA.crl

Resource http://crl.e-trust.be/NCA.crl has future expires: Mon Feb 10 10:48:10 CET 2014 update check skipped.

security: Failing over to CRLs: Certificate does not specify OCSP responder

network: Cache entry found [url: http://crl.e-trust.be/NCA_WSOS.crl, version: null] prevalidated=false/0

cache: Adding MemoryCache entry: http://crl.e-trust.be/NCA_WSOS.crl

Resource http://crl.e-trust.be/NCA_WSOS.crl has future expires: Mon Jan 27 13:34:47 CET 2014 update check skipped.

security: Certificate validation succeeded using OCSP/CRL

security: Checking if certificate is in Internet Explorer TrustedPublisher certificate store

Missing Application-Name manifest attribute for: https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar

basic: Dialog type is not candidate for embedding

security: User has granted the privileges to the code for this session only

security: Saving certificates in Deployment session certificate store

security: Saved certificates in Deployment session certificate store

security: Grant socket perm for https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar : java.security.Permissions@1c52256 (

("java.net.SocketPermission" "urlremovedforquestion" "connect,accept,resolve")

)

security: Trust for: https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar has ended: Thu Jan 01 01:00:00 CET 1970

security: Missing Application-Library-Allowable-Codebase manifest attribute for: https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar

security: Validate the certificate chain using CertPath API

basic: Plugin2ClassLoader.getPermissions CeilingPolicy allPerms

security: Missing Application-Library-Allowable-Codebase manifest attribute for: https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar

security: Validate the certificate chain using CertPath API

security: SSV validation:

running: 1.7.0_51

requested: null

range: null

javaVersionParam: null

Rule Set version: null

network: Created version ID: 1.7.0.51

security: continue with running version

network: Created version ID: 1.7.0.51

network: Created version ID: 1.7

network: Created version ID: 2.2.51

security: --- parseCommandLine converted :

into:

[]

basic: Applet loaded.

basic: Applet resized and added to parent container

basic: PERF: AppletExecutionRunnable - applet.init() BEGIN ; jvmLaunch dt 10667915 us, pluginInit dt 57253496 us, TotalTime: 67921411 us

basic: Applet initialized

basic: Starting applet

basic: completed perf rollup

basic: Applet made visible

basic: Applet started

basic: Told clients applet is started

Released under GNU LGPL version 3.0 license.

More info: http://code.google.com/p/eid-applet/

checking applet privileges...

security manager permission check for java 1.6...

checking web application trust...

running privileged code...

eID browser applet version: 1.1.3

Java version: 1.7.0_51

Java vendor: Oracle Corporation

OS: Windows XP

OS version: 5.1

OS arch: x86

Web application URL: https://urlremovedforquestion/eID/FedDB/identification.jsp?app=157&page=44&session=49865455448501&prsnr=25&cs='360D504D0C45723BEDE115674F79661D3'&url='urlremovedforquestion'&lang=NL

Current time: Mon Jan 27 11:18:36 CET 2014

ERROR: no session cookie detected!

sending message: HelloMessage

current protocol state: null

protocol state transition: INIT

network: Connecting https://urlremovedforquestion/eID/identification-service;jsessionid=6CDE0452948A1FB1A59577D177A62B78 with proxy=DIRECT

network: Connecting http://urlremovedforquestion/ with proxy=DIRECT

SSL handshake finish cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

response message: IdentificationRequestMessage

current protocol state: INIT

protocol state transition: IDENTIFY

include address: true

include photo: true

include integrity data: false

include certificates: false

remove card: false

identity data usage: null

Detecteren van eID kaart...

Gelieve uw eID kaart in te steken...

Scanning card terminal: THRC Smart Card Reader 0

eID card detected in card terminal : THRC Smart Card Reader 0

Identiteitsgegevens aan het uitlezen...

Reading identity file...

selecting file

read binary

Size identity file: 159

Read address file...

selecting file

read binary

Size address file: 121

Read photo file...

selecting file

read binary

Identiteitsgegevens aan het zenden...

sending message: IdentityDataMessage

current protocol state: IDENTIFY

network: Connecting https://urlremovedforquestion/eID/identification-service;jsessionid=6CDE0452948A1FB1A59577D177A62B78 with proxy=DIRECT

network: Connecting http://urlremovedforquestion/ with proxy=DIRECT

SSL handshake finish cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

response message: FinishedMessage

current protocol state: IDENTIFY

removing protocol state

Gedaan.

Navigating to: https://urlremovedforquestion/eID/FedDB/eID-result.jsp?src=0&app=157&page=44&prsnr=25&session=49865455448501&cs='360D504D0C45723BEDE115674F79661D3'&url='urlremovedforquestion'&lang=NL

basic: Starting applet teardown

basic: Finished applet teardown

basic: PluginMain.unregisterApplet: 1 from mananger sun.plugin2.applet.Applet2Manager@1036271

basic: Removed progress listener: sun.plugin.util.ProgressMonitorAdapter@1a07c1c

basic: Added progress listener: sun.plugin.util.ProgressMonitorAdapter@f3cd97

basic: Plugin2ClassLoader.addURL parent called for https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar

security: Missing Application-Library-Allowable-Codebase manifest attribute for: https://urlremovedforquestion/eID/eid-applet-package-1.1.3.jar

security: Validate the certificate chain using CertPath API

security: SSV validation:

running: 1.7.0_51

requested: null

range: null

javaVersionParam: null

Rule Set version: null

network: Created version ID: 1.7.0.51

security: continue with running version

network: Created version ID: 1.7.0.51

network: Created version ID: 1.7

network: Created version ID: 2.2.51

security: --- parseCommandLine converted :

into:

[]

basic: Applet loaded.

basic: Applet resized and added to parent container

basic: PERF: AppletExecutionRunnable - applet.init() BEGIN ; jvmLaunch dt 10667915 us, pluginInit dt 65462130 us, TotalTime: 76130045 us

basic: Applet initialized

basic: Starting applet

basic: completed perf rollup

basic: Applet made visible

basic: Applet started

basic: Told clients applet is started

Released under GNU LGPL version 3.0 license.

More info: http://code.google.com/p/eid-applet/

checking applet privileges...

security manager permission check for java 1.6...

checking web application trust...

running privileged code...

eID browser applet version: 1.1.3

Java version: 1.7.0_51

Java vendor: Oracle Corporation

OS: Windows XP

OS version: 5.1

OS arch: x86

Web application URL: https://urlremovedforquestion/eID/FedDB/authentication.jsp?app=157&page=44&prsnr=25&checksum=null&session=49865455448501

Current time: Mon Jan 27 11:18:43 CET 2014

ERROR: no session cookie detected!

sending message: HelloMessage

current protocol state: null

protocol state transition: INIT

network: Connecting https://urlremovedforquestion/eID/applet-service-authn;jsessionid=5F4CE5D624525221BB69785874D6A025 with proxy=DIRECT

response message: AuthenticationRequestMessage

current protocol state: INIT

protocol state transition: AUTHENTICATE

include hostname: false

include inet address: false

remove card after authn: false

logoff: false

pre-logoff: false

TLS session Id channel binding: false

server certificate channel binding: false

include identity: true

include certificates: false

include address: true

include photo: true

include integrity data: false

require secure smart card reader: false

transaction message: null

Detecteren van eID kaart...

Gelieve uw eID kaart in te steken...

Scanning card terminal: THRC Smart Card Reader 0

eID card detected in card terminal : THRC Smart Card Reader 0

Authentiseren...

The java console on e-contract.be/eid-applet-test/identify.html:

cache: Initialize resource manager: com.sun.deploy.cache.ResourceProviderImpl@1ff8506

basic: Added progress listener: sun.plugin.util.ProgressMonitorAdapter@dc51c8

basic: Plugin2ClassLoader.addURL parent called for https://www.e-contract.be/eid-applet-test/eid-applet-package-1.1.3.jar

Java Plug-in 10.51.2.13

Using JRE version 1.7.0_51-b13 Java HotSpot(TM) Client VM

User home directory = C:\Documents and Settings\Administrator

----------------------------------------------------

c: clear console window

f: finalize objects on finalization queue

g: garbage collect

h: display this help message

l: dump classloader list

m: print memory usage

o: trigger logging

q: hide console

r: reload policy configuration

s: dump system and deployment properties

t: dump thread list

v: dump thread stack

x: clear classloader cache

0-5: set trace level to <n>

----------------------------------------------------

network: Cache entry not found [url: https://www.e-contract.be/eid-applet-test/eid-applet-package-1.1.3.jar, version: null]

network: Connecting https://www.e-contract.be/eid-applet-test/eid-applet-package-1.1.3.jar with proxy=DIRECT

network: Cache entry not found [url: file:/C:/Program%20Files/Java/jre7/lib/ext/sunec.jar, version: null]

network: Cache entry not found [url: file:/C:/Program%20Files/Java/jre7/lib/ext/sunjce_provider.jar, version: null]

network: Connecting http://www.e-contract.be:443/ with proxy=DIRECT