Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-25 Thread Remy Maucherat
Costin Manolache wrote: Remy Maucherat wrote: IE is still (unfortunately) the browser used by a lot of people, and if there is a way to work around IE brokeness - I think it's a good idea to do it. Complaining to M$ doesn't work - people will just end up buying IIS instead :-) Seriously, not

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-24 Thread Costin Manolache
Remy Maucherat wrote: Keith Wannamaker wrote: If no one else is concerned that Tomcat 5.5 doesn't work by default Any other nonsensical statement to make ? The only thing that does not work is opening third party documents from the website, due to IE's broken handling of this. How about a)

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-21 Thread Keith Wannamaker
No one has commented so I withdraw my (valid) veto and I'll roll back 5.0 per Remy's wish. I'm disappointed because I remember when Tomcat was an open-source project. Keith My veto of this change still stands, and it would be your responsibility of finding a fix more compatible with IE. If no

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-19 Thread Remy Maucherat
Keith Wannamaker wrote: I read: // FIXME: Disabled for Mozilla FORM support over SSL // (improper caching issue) Indeed (I now remember the issue), there would be serious issues should this not be the default. The issue here is, apparently, that Mozilla has a caching bug

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-19 Thread Keith Wannamaker
Remy, I have to -1 your change in AuthenticatorBase 1.13. You broke a larger case than you fixed -- Mozilla may work now but IE doesn't. See bugs 34083, 27122, 28662, 29336, 29975, and 30618 for the IE problem. Mozilla should be fixed in a way compatible with IE. By uncommenting !isSecure,

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-19 Thread Remy Maucherat
Keith Wannamaker wrote: If no one else is concerned that Tomcat 5.5 doesn't work by default Any other nonsensical statement to make ? The only thing that does not work is opening third party documents from the website, due to IE's broken handling of this. How about a) going whining at M$

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-19 Thread Remy Maucherat
[EMAIL PROTECTED] wrote: //this is the standard way to disable caching Note that I don't want to only disable proxy caching, but also any client caching by default (this can be disabled easily if you feel it is not needed - for example, put the auth configuration in /META-INF/context.xml) for

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-19 Thread Remy Maucherat
[EMAIL PROTECTED] wrote: keith 2005/04/19 07:06:24 Modified:catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java Log: [34083, 27122, 28662, 29336, 29975, and 30618] - invert so that securePagesWithPragma secures the pages with Pragma

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-19 Thread Keith Wannamaker
Remy Maucherat wrote: Thanks. If you can find precisely what the issue with Mozilla was, and certify the behavior is now correct in Firefox (= no stupid caching with SSL), then you can indeed uncomment the isSecure here: // FIXME: Disabled for Mozilla FORM support over SSL

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-19 Thread Remy Maucherat
Keith Wannamaker wrote: My veto of this change still stands, and it would be your responsibility of finding a fix more compatible with IE. If no one else besides me thinks IE compatibility is important, head of tree is fine and I will withdraw my veto. All right, I was wrong to offer a

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-19 Thread Remy Maucherat
[EMAIL PROTECTED] wrote: keith 2005/04/18 13:20:46 Modified:catalina/src/share/org/apache/catalina/authenticator Tag: TOMCAT_5_0 AuthenticatorBase.java Log: [34083 et al] For webapps with security constraints, we default to sending headers to disable

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-19 Thread Keith Wannamaker
If no one else weighs in on the root issue in a day or so, and you disagree with this change, I'll be happy to roll it back and/or backport 5.5 head of tree in its place. Keith Remy Maucherat wrote: [EMAIL PROTECTED] wrote: keith 2005/04/18 13:20:46 Modified:

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-19 Thread Remy Maucherat
Keith Wannamaker wrote: If no one else weighs in on the root issue in a day or so, and you disagree with this change, I'll be happy to roll it back and/or backport 5.5 head of tree in its place. You can of course backport the changes from head, which add configurability without changing the

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-18 Thread Remy Maucherat
[EMAIL PROTECTED] wrote: keith 2005/04/18 13:21:57 Modified:catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java Log: [34083 et al] For webapps with security constraints, we default to sending headers to disable caching. This is

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-18 Thread Keith Wannamaker
I'd like to omit pragma header by default. What specific client requires it? The community has identified a specific, widespread failure with the former code-- it did not work out of the box with IE under SSL.So, if we want to keep the pragma header the default, what are the reasons?

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-18 Thread Remy Maucherat
Keith Wannamaker wrote: I'd like to omit pragma header by default. What specific client requires it? The community has identified a specific, widespread failure with the former code-- it did not work out of the box with IE under SSL.So, if we want to keep the pragma header the default,

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-18 Thread Keith Wannamaker
Pragma has never been sent out on a secure connection until recently (rev 1.13) This is brand new behavior and it causes problems with IE under SSL. At the time you even said you'd be willing to roll it back. I'd be happy to leave cache-control to no-cache, it is the Pragma that is killing

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-18 Thread Remy Maucherat
Keith Wannamaker wrote: Pragma has never been sent out on a secure connection until recently (rev 1.13) This is brand new behavior and it causes problems with IE under SSL. At the time you even said you'd be willing to roll it back. Coincidentally, it was sufficiently long ago that I actually

Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator AuthenticatorBase.java

2005-04-18 Thread Keith Wannamaker
I read: // FIXME: Disabled for Mozilla FORM support over SSL // (improper caching issue) Indeed (I now remember the issue), there would be serious issues should this not be the default. The issue here is, apparently, that Mozilla has a caching bug we are working around,