Hi Gregor, First, thank you VERY much for taking the time to respond!
On 11/29/06, Gregor Schneider <[EMAIL PROTECTED]> wrote:
below is a Filter-Example which we've used to add an Expires-Header. It adds the current month + one month, so that the content should be cached in any way:
I'll compile this filter and try it out...then I'll see if I can customize it ;)
This is a snippedt from the web.xml (you'll have to add it into all your servlets that should use this filter: ... After compiling your Filter, just put it into the according WEB-INF/lib-directory.
Alrighty...I'll apply it to the pertinent servlets in this fashion. A question on this: Is there a way to apply this, blanket-fashion, to all servlets in one shot?
However, there's a pitfall: ... Please also have a look at my post in this mailing-list "Hint: Tomcat, Form-Login and HTTP 408-Error" Now coming to your question about 3rd party-apps not being launched by IE when running SSL (such as pdf's): There's a known bug of IE described in the MS Knowledge-base (too lazy too look up the URL for you), howver, there's a workaround: Usually, we send the headers "Connection: Keep-Alive" and "Keep-Alive: timeout=15,max=83 However, when it comes to third-party-components like PDF, we change this via a rule in Apache: We send the header "Connection:close", and it works perfectly. ... Header unset Pragma
Before posting, I had been curious about whether mod_headers would allow the Pragma and Cache-control headers to be overwritten/removed using unset. I found that I could append to headers using set, add new headers but not remove the ones I wanted to. I'll try all that you've suggested here, but have this question as a result of those earlier trials: Is this behaviour due to mod_headers only being able to unset headers that originate from apache itself, and the Pragma: no-cache headers that came from Tomcat would simply pass through (or be appended to), or is there another behaviour at foot here?
Coming to issue 2: Your config looks a bit awkward:
Agreed!
Usually, Apache in front, you must not configure Tomcat to run SSL. this is done by Apache. Apache connects to Tomcat via mod_jk. We have this config and do not experience any performance-issue (however, we're running on a "real OS" like Linux ;)
*chuckles*...fair enough ;). Yes, that was my understanding of how SSL should be set up, with Tomcat only using SSL if it existed across an untrusted network from the Apache front end. I definitely want to make sure that Tomcat is not using SSL, which would likely have been trivial if starting from scratch. Coming to an already running server, though, I was curious about what I should look for as far as different ways that Tomcat could bring SSL into the picture, so that I can eliminate them :) For example, would a <connector> with a redirectPort=443 do this? Can it only be set up to use SSL through services/connectors in server.xml? (i.e. Are there only specific places that I should look, or could it come in a variety of forms, from anywhere in the root and servlet configuration information?)
Hope that gives you a start
Very much so...and thanks again! --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
