DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8923>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8923 writing to response.getOutputStream() over SSL doesn't work ------- Additional Comments From [EMAIL PROTECTED] 2002-05-09 18:46 ------- I've done some more investigation... the problem only occurs when we run the server with a security constraint for the whole server. Here's the security constraint section from our web.xml: <security-constraint> <web-resource-collection> <web-resource-name> Troux Secure Area </web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>trouxuser</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> When we run the server with this constraint, any Struts action which sets an unusual content type fails... the user is prompted to open or save the file, but then Internet Explorer says it can't download the file. I'll attach an example struts action that demonstrates this. When we comment out the security constraint, everything runs fine. Also, when we run a simple servlet that does exactly the same thing (without using Struts), it runs as expected if there's no security constraint, but if there is a security constraint, Internet Explorer opens the response (even though the response headers should tell it to send the file down to the user.) I'll also attach a servlet demonstrating this. I've tried using Coyote connectors -- didn't help. Where can we get Tomcat 4.1.0? I only see links to Tomcat 4.0.x from the Tomcat website. Thanks for your help, Dan Rodney -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
