Java Plug-in supports HTTP, FTP, and GOPHER protocols, including built-in proxy
configuration support.
HTTPS
Introduction
HTTPS is supported in Java Plug-in through Java Secure Socket Extension (JSEE),
which provides a Java implementation of SSL and HTTPS for the Java platform.
Error handling support
When accessing an HTTPS server, errors may occur. Java Plug-in has hooked into
JSSE to provide the following types of error handling:
Hostname mismatch: If the HTTPS server host name does not match the
name on the server certificate, a warning dialog will appear.
Untrusted server certificate: If the server certificate can not be
verified during the SSL handshaking, a warning dialog will appear.
Untrusted client certificate: In case client authentication is required
by the server and the client certificate cannot be verified, a warning dialog
will be appear.
Server authentication: If the client accesses a protected directory
on the HTTPS server, the users will be prompted for a username and password.
Note: Only basic authentication is currently
supported.
Potential issues with HTTPS through JSSE
Although support of HTTPS through JSSE eliminates many browser-specific problems,
there are several issues that developers should be aware of:
Untrusted server certificate: When SSL handshaking takes place in
establishing an HTTPS connection, the server certificate is verified against
the root CA store in Java SE. However, Java SE supports fewer root CA certificates
than does the browser. As a result, you may have problems with untrusted server
certificates.
Client authentication: Java Plugin supports browser keystore in JRE 1.5 or later. With browser keystore client authentication of HTTPS server is performed differently for Internet Explorer and Mozilla family browsers. For Internet Explorer the certificate is not imported into the JRE keystore. For Mozilla family browsers, a JSS package should be installed to read the certificate from the Mozilla keystore. By default browser keystore support is turned on.
Level of error handling: Java Plug-in currently handles the types
of error listed in the previous section. However, if there are additional
types of error that Java Plug-in doesn't recognize, the Java applet code may
break.
Socks
Java Plug-in currently supports SOCKS version 4.
Note: For HTTP/HTTPS, a SOCKS proxy server may
be used with a web proxy server to add caching. The behavior, however, may differ
from that observed when running a similar configuration in a browser without
Java Plug-in.
NTLM Authentication
Java Plug-in supports NTLM authentication protocol for HTTP/HTTPS. When attempting
to access a server requiring NTLM authentication, the following dialog is displayed:
To authenticate enter User Name, Password and the Domain in the respective fields.