From tomcat-user-return-82245-apmail-jakarta-tomcat-user-archive=jakarta.apache.org@jakarta.apache.org Thu Oct 30 22:24:25 2003 Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@www.apache.org Received: (qmail 15280 invoked from network); 30 Oct 2003 22:24:25 -0000 Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 30 Oct 2003 22:24:25 -0000 Received: (qmail 42545 invoked by uid 500); 30 Oct 2003 22:23:52 -0000 Delivered-To: apmail-jakarta-tomcat-user-archive@jakarta.apache.org Received: (qmail 42510 invoked by uid 500); 30 Oct 2003 22:23:52 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 42497 invoked from network); 30 Oct 2003 22:23:51 -0000 Received: from unknown (HELO hotmail.com) (64.4.8.18) by daedalus.apache.org with SMTP; 30 Oct 2003 22:23:51 -0000 Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Thu, 30 Oct 2003 14:23:58 -0800 Received: from 69.140.132.175 by law9-oe46.law9.hotmail.com with DAV; Thu, 30 Oct 2003 22:23:58 +0000 X-Originating-IP: [69.140.132.175] X-Originating-Email: [rom_construct@hotmail.com] From: "Rom Construct" To: Subject: Using SSL and Tomcat 4.1.27, IE6 reports servlet outputstream is not encrypted Date: Thu, 30 Oct 2003 17:25:01 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Message-ID: X-OriginalArrivalTime: 30 Oct 2003 22:23:58.0397 (UTC) FILETIME=[8326A6D0:01C39F34] X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N Hello, I have enabled SSL in Tomcat 4.1.27 and all of my static pages: html, xsd, etc. are encrypted fine. However, when I access an html page that was written directly to the servlet outputstream (rather than a redirect to a jsp or a static page), IE6 reports that the connection is not encrypted although I the protocol is still https. A section of my web.xml appears below: MainServlet /servlet Application /static-pages/* /servlet default_role CONFIDENTIAL To summarize: Using the https protocol, the login page and all pages under https://xxx:443/context/static-pages/* are reported as encrypted but the outputstream from the servlet under https://xxx:443/context/servlet?param=value is reported as unencrypted. In fact, each time I access a dynamic page, the encryption icon in IE6 flashes on, then off. I am starting to think that IE6 may be mis-reporting the encryption state of the dynamically generated pages. thank you, Nathan Freeling --------------------------------------------------------------------- To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: tomcat-user-help@jakarta.apache.org