Return-Path: Delivered-To: apmail-jakarta-tomcat-dev-archive@apache.org Received: (qmail 21814 invoked from network); 27 Feb 2002 09:57:40 -0000 Received: from unknown (HELO nagoya.betaversion.org) (192.18.49.131) by daedalus.apache.org with SMTP; 27 Feb 2002 09:57:40 -0000 Received: (qmail 11092 invoked by uid 97); 27 Feb 2002 09:57:45 -0000 Delivered-To: qmlist-jakarta-archive-tomcat-dev@jakarta.apache.org Received: (qmail 10995 invoked by uid 97); 27 Feb 2002 09:57:44 -0000 Mailing-List: contact tomcat-dev-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Developers List" Reply-To: "Tomcat Developers List" Delivered-To: mailing list tomcat-dev@jakarta.apache.org Received: (qmail 10981 invoked from network); 27 Feb 2002 09:57:44 -0000 Message-ID: <53BA867E8830D411B61D0090279C1BB02607AE@althes01.althes.fr> From: Vincent Royer To: "'tomcat-dev@jakarta.apache.org'" Subject: Apache+SSL+mod_jk cache control headers issue Date: Wed, 27 Feb 2002 11:12:51 +0100 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Hi, I can't download pdf,doc,xls ... file with IE through an HTTPS+BasicAuth connexion.=20 IE----SSL+Basic Auth------>Apache+mod_jk------------ajp13-------->tomcat4.0.2 I got an error as described in http://support.microsoft.com/default.aspx?scid=3Dkb;EN-US;q196505.=20 This is due to HTTP cache control headers returned by tomcat. When a page is downloaded with an authentication, the HTTP server set cache control headers (Pragma, Cache-Control, Expires) to avoid proxies to cache the page.In such case, this gives something like that : HTTP/1.1 200 OK Content-Type: application/pdf Content-Length: 111219 Date: Tue, 26 Feb 2002 16:20:32 GMT Pragma: No-cache Server: Apache Tomcat/4.0.2 (HTTP/1.1 Connector) Cache-Control: no-cache Last-Modified: Tue, 26 Feb 2002 16:13:27 GMT ETag: "111219-1014740007000" Expires: Thu, 01 Jan 1970 00:00:00 GMT When the page is downloaded through an HTTPS connexions, those cache control headers are not more needed because the document is encrypted ! Through the mod_jk connector (even with JkExtractSSL directive), tomcat always set cache control headers when Authentication is done.=20 I have done some tests with Apache. Cache control headers are not set when using SSL and Authentication and I have no problem with IE to download .pdf, .doc etc ... So, there might be something to correct in the Ajp13 connector... Bye, Vincent Royer Directeur Technique ALTHES "L'expertise s=E9curit=E9" 53 rue Albert Samain 59650 Villeneuve d'Ascq tel: 33 (0) 3.20.33.84.40 fax: 33 (0) 3.20.33.84.31 http://www.althes.fr *---------------------------------------------------------------* * Cet e-mail et toutes les pi=E8ces jointes sont destin=E9s aux * * seules personnes auxquelles ils sont sp=E9cifiquement adress=E9s * * et n'engagent que le signataire de ces documents et non la * * structure dont il d=E9pend. * * Leur existence et leur contenu ont un caract=E8re confidentiel. * * Toute utilisation ou diffusion non autoris=E9e est interdite. * * Si vous avez re=E7u cet e-mail ou si vous d=E9tenez sans en =EAtre * * le destinataire, nous vous demandons de bien vouloir nous en * * informer imm=E9diatement. * * Cette note assure que ce message a =E9t=E9 contr=F4l=E9 et ne * * comprenait aucun virus connu =E0 ce jour, n=E9anmoins tout * * message =E9lectronique est susceptible d'alt=E9ration. * * Nous d=E9clinons toute responsabilit=E9 au titre de ce message * * s'il a =E9t=E9 alt=E9r=E9, d=E9form=E9 ou falsifi=E9. = * *---------------------------------------------------------------* =20 -- To unsubscribe, e-mail: For additional commands, e-mail: