>I can't download pdf,doc,xls ... file with IE through an >HTTPS+BasicAuth >connexion. >IE----SSL+Basic >Auth------>Apache+mod_jk------------ajp13-------->tomcat4.0.2 > >I got an error as described in >http://support.microsoft.com/default.aspx?scid=kb;EN-US;q196505.
There is real problem with IE in SSL mode, and particulary downloading pdf document where you have to play with headers between IE 4, IE 5 and IE 6. >This is due to HTTP cache control headers returned by tomcat. >When a page is >downloaded with an authentication, the HTTP server set cache >control headers >(Pragma, Cache-Control, Expires) to avoid proxies to cache the >page.In such >case, this gives something like that : > >HTTP/1.1 200 OK >Content-Type: application/pdf >Content-Length: 111219 >Date: Tue, 26 Feb 2002 16:20:32 GMT >Pragma: No-cache >Server: Apache Tomcat/4.0.2 (HTTP/1.1 Connector) >Cache-Control: no-cache >Last-Modified: Tue, 26 Feb 2002 16:13:27 GMT >ETag: "111219-1014740007000" >Expires: Thu, 01 Jan 1970 00:00:00 GMT > >When the page is downloaded through an HTTPS connexions, those >cache control >headers are not more needed because the document is encrypted >! Through the >mod_jk connector (even with JkExtractSSL directive), tomcat >always set cache >control headers when Authentication is done. > >I have done some tests with Apache. Cache control headers are >not set when >using SSL and Authentication and I have no problem with IE to >download .pdf, >.doc etc ... >So, there might be something to correct in the Ajp13 connector... Yes, we have to detect we're on a secure connection and remove the cache control headers. Seems to be implemented in Tomcat rather in mod_jk/ajp13 since the same behaviour is required in java http connector in secure mode. Could you try to use mod_jk from jakarta-tomcat-connectors against TC 3.3 and TC 4.0.2 ? -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
