tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bernhard Wraase ...@netkosmos.de>
Subject Re: bug in redirect to https
Date Fri, 27 Feb 2004 09:35:33 GMT
> See http://nagoya.apache.org/bugzilla/show_bug.cgi?id=27122.
This seems to me as a different bug.
Martin says that this problem is only on solaris present.


In my case these Url works with IE 5.5 and 6.0 correctly:

http://<servername>/sec-test/a.pdf
http://<servername>/sec-test/b.zip
https://<servername>/sec-test/a.pdf
https://<servername>/sec-test/b.zip

When I activate this in web.xml:
      <security-constraint>
       <web-resource-collection>
         <web-resource-name>The Entire Web App</web-resource-name>
         <url-pattern>/*</url-pattern>
       </web-resource-collection>
       <user-data-constraint>
         <transport-guarantee>CONFIDENTIAL</transport-guarantee>
       </user-data-constraint>
     </security-constraint>

then the problem arise.
I started for every request the IE new.

When I remove this security constraint, the buggy behavior diappear.

Again, the same webapp runs with tomcat 4.02, 4.04, 4.1.30 and this 
security constraint(redirect) without any problem.
The operating system that I tested was solaris, linuy and W2000.
They had no influence to the problem.

It seems to be the redirect from http to https which causes the issue.
-- 
Regards Bernhard Wraase


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message