I am using JBoss BASIC Authentication/Authorization (user.properties & roles.properties) for my web application. I have an applet that lives inside a jsp/ directory. In one of the web page, when I click at a button, it will launch the applet in a new window. I noticed that when loading the applet jar file:
1. I was prompted for usesname & password again
2. my HttpSession was invalidated
I moved the applet outside my web application into a publicly accessible web directory and again it asked me to authenticate (I don't understand why it needs to given that the applet is outside the webapp) and my session was invalidated. Has anybody come across that and have an explanation for it.
I am using IE 6.0.28 on Windows XP. I have also tested this in Netscape 7 and got the same result. Thanks.