We have a situation where we seeing some double request for authentication from
WebLogic. Once on login and (sometimes) later when a link back to the web application
is selected by the user.

Here is the scenario: We are on WebLogic 7 SP5 and plan to migrate to WebLogic
8 in the next few months and use IE6 as the only browser. The web application
uses basic security using a specific LDAP group which forces the user to log in
and be authenticated prior to getting to the web application.

The web application has a page which contains a javascript function that opens
a modal window (uses window.showModalDialog) on another page. The modal page
has a URL link (yes, having a anchor on a modal window is allowed - bizarre, but
allowed (e.g., something like

abc

When the user selects the link for the first time, the there are two different
behaviors depending upon the setup:

- if the user has no other browser windows open, the link opens a new window on
top of the modal window (odd, but true) without any problems.

- if the user had a browser window open previously, then the user is given another
login prompt when they select the link on the modal page (e.g., the user initially
has a browser open on cnn.com and then opens another browser from the start menu,
connects to the web application logs-in, navigates to the first page, opens up
the modal window and selects the link on the modal window - the user is give a
second authentication prompt)

if we change the 'window.showModalDialog' to 'window.open', we get none of this
re-authentication behavior.

We would rather not have the second WebLogic authentication and still maintain
our modal windows. Does anyone have any ideas about why this behavior might be
occurring? Any ideas on how to solve this and continue using modal windows?


Thank you,

James