tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Antonio Fiol BonnĂ­n <fiol.bon...@terra.es>
Subject Re: bug in redirect to https
Date Thu, 26 Feb 2004 19:21:17 GMT
Could you please post your connector config?



Bernhard Wraase wrote:

> Hi,
>
> I found a bug in tomcat 5. I can reproduce it with tomcat 5.016, 5.018 
> and 5.019. Other versions of tomcat 5 I didn't test.
>
> Here is my testcase:
>
> create a folder under <tomcat5>/webapps (ie. sec-test)
> put a zip-file and/or a pdf-file in it (ie. a.pdf, b.zip)
> configure https with certificate and port in server.xml
> configure the redirect from http to https in server.xml
> configure the webapp
> start tomcat 5
>
> start IE 5.5 or 6.0
> try https://<servername>/sec-test/a.pdf
> try https://<servername>/sec-test/b.zip
>
> both works correctly
>
> Now the buggy behavior:
>
> add a web.xml with following part:
>      <security-constraint>
>       <web-resource-collection>
>         <web-resource-name>The Entire Web App</web-resource-name>
>         <url-pattern>/*</url-pattern>
>       </web-resource-collection>
>       <user-data-constraint>
>         <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>       </user-data-constraint>
>     </security-constraint>
>
>
> Now it is not anymore possible to open or store neither the pdf-file 
> nor the zip-file with same url from above.
>
> "Internet Explorer cannot download a.pdf from localhost.
>  Internet Explorer was not able to open this Internet site. The 
> requested site is either unavailable or cannnot be found. Please try 
> again later."
>
> "Internet Explorer cannot download b.zip from localhost.
>  Internet Explorer was not able to open this Internet site. The 
> requested site is either unavailable or cannnot be found. Please try 
> again later."
>
> This happens only with IE 5.5 and 6.0, not with mozilla 1.6 or Opera 
> 7.23(tested).
> The same webapp works works correctly in tomcat 4.02, 4.04, 4.1.30(all 
> tested).
> I tested on solaris(8), linux(SuSe 8.1) and W2000, the behavior is the 
> same, means the operating system does not matter.
>
> Could this please anybody confirm?
>
> If somebody has a smart workarround or bugfix for tomcat 5 I 
> appreciate it very much.
> I try to understand the BaseAuthenticator(catalina.jar) since I 
> thought there would be the bug but I must confess that I failed:-(
>


Mime
View raw message