I need help understanding where this is falling apart. Apache HTTP Server & Tomcat 4.1.24 on HP-UX.
Previously, we created pdf's, placed them on the web server, and redirected the browser to https://example.com/user/some.pdf so that Apache would serve them up over SSL. Now, however, I'm trying to avoid jumping through so many hoops, and am using iText to generate the PDF and attempting to send it directly to the browser. So the Struts webapp does its thing, then forwards to /pdf with some information in the session. That means Tomcat is serving the PDF, with this code in a Servlet: ByteArrayOutputStream baosPDF = null; baosPDF = generatePDFDocumentBytes( ... ); ServletOutputStream sos; sos = resp.getOutputStream(); baosPDF.writeTo( sos ); It works fine, but I get a browser (IE6) prompt saying "This page contains both secure and nonsecure items. " Because I'm forwarding, the URL in the browser is still https://, but I don't think the pdf data is being encrypted. Can someone help me sort this out? Do I need to use different code to write the pdf out to the browser? I think Apache is handling the encryption during the normal request/response cycles, but because I'm taking over the output stream, am I avoiding Apache on this last response when the pdf goes out? Thanks, -- Wendy Smoak Application Systems Analyst, Sr. ASU IA Information Resources Management --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
