Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 78526 invoked from network); 7 Nov 2007 06:02:39 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 7 Nov 2007 06:02:39 -0000 Received: (qmail 84615 invoked by uid 500); 7 Nov 2007 06:02:15 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 84545 invoked by uid 500); 7 Nov 2007 06:02:15 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 84534 invoked by uid 99); 7 Nov 2007 06:02:15 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 06 Nov 2007 22:02:15 -0800 X-ASF-Spam-Status: No, hits=1.2 required=10.0 tests=SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (nike.apache.org: local policy) Received: from [69.147.64.90] (HELO smtp117.sbc.mail.sp1.yahoo.com) (69.147.64.90) by apache.org (qpsmtpd/0.29) with SMTP; Wed, 07 Nov 2007 06:02:47 +0000 Received: (qmail 29700 invoked from network); 7 Nov 2007 06:01:52 -0000 Received: from unknown (HELO ?172.16.0.171?) (gabriel_wong@sbcglobal.net@71.129.145.165 with plain) by smtp117.sbc.mail.sp1.yahoo.com with SMTP; 7 Nov 2007 06:01:51 -0000 X-YMail-OSG: 61QgGpMVM1kSbyPjYKS56XHBoZN9.e2dq8RXozPKeHrhQP2Flx858UlqMwGSYgNoXQSl.AOwdvu6vuHYQLhuIFh9mMBmiAoWx5CViIxVhiRQ7emdKSbZ.uEOVmBXf_118Nv7vx7n3Jzi Message-ID: <473154C6.4010507@ngasi.com> Date: Tue, 06 Nov 2007 22:01:42 -0800 From: Gabe Wong User-Agent: Thunderbird 2.0.0.6 (Windows/20070728) MIME-Version: 1.0 To: Tomcat Users List Subject: Re: serving files through SSL References: <47314FD4.3010502@senanque.co.nz> In-Reply-To: <47314FD4.3010502@senanque.co.nz> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Roger Parkinson wrote: > I am trying to deliver some PDFs to the browser using my tomcat > application. It works, but not always under SSL and IE. > One file is a static PDF and it lives inside my war file. That works > just fine. The file is accessed using a url like /myapp/web/myfile.pdf > and that always delivers the file. > Other files are generated by the app and live in a configured > directory. They are delivered through a servlet that looks like this: > > String mimeType = sc.getMimeType(filename); > FileHelper helper = new FileHelper(); > InputStream in = helper.fetch(filename, m_dir); > response.setContentType(mimeType); > response.setContentLength(10115); > response.addHeader("ETag","W/\"963288-1194247031062"); > OutputStream out = response.getOutputStream(); > byte[] buf = new byte[1024]; > int count = 0; > while ((count = in.read(buf)) >= 0) > { > out.write(buf, 0, count); > } > in.close(); > out.close(); > > So apart from some minor fiddling with the contentType etc I don't do > very much. This works fine outside of SSL and it also works fine with > SSL and Firefox, but not SSL+IE. > Thinking it was a problem with headers I did some research and found a > lot of stuff about setting no cache etc. Tried it and it nothing made > any difference (except that I managed to break it). I have taken all > those out because the static file, the one I mentioned at first, is > delivering okay to IE over SSL so I don't believe there is a problem > at the IE end, or not one that cannot be overcome by getting my > response right at the server end. > > I used TCPMonitor to sniff the headers using non-SSL and found that > the static file has this response: > HTTP/1.1 200 OK > Server: Apache-Coyote/1.1 > ETag: W/"963288-1194247031062" > Last-Modified: Mon, 05 Nov 2007 07:17:11 GMT > Content-Type: application/pdf > Content-Length: 963288 > Date: Wed, 07 Nov 2007 04:54:39 GMT > ... pdf file follows > > So there doesn't seem to be too much going on there. > > When I respond to the request for the dynamic file it looks like this: > HTTP/1.1 200 OK > Server: Apache-Coyote/1.1 > Pragma: No-cache > Cache-Control: no-cache > Expires: Thu, 01 Jan 1970 12:00:00 NZST > ETag: W/"963288-1194247031062 > Content-Type: application/pdf > Content-Length: 10115 > Date: Wed, 07 Nov 2007 05:32:02 GMT > > ...pdf file follows. > > I am getting some cache headers added for free otherwise there is no > difference in the request. > Of course those headers may be making all the difference because IE's > message is 'cannot write the file to cache' which is a bit odd because > we've explicitly told it not to here. > Searching the web on this has a number of answers that suggest adding > those no-cache headers anyway. > > So, does anyone know what I need to do to make the two responses > enough the same to stop IE complaining? > I am aware that I have faked the ETag and the length of the file and > that I need to do something smarter there, but I'll do that when it > starts working. > > Version info: Tomcat 5.5, Java 1.5, WinXP SP2 > Are you calling the dynamic PDF URL directly? For instance typing in the URL directly in the browser? The reason I am asking, is that for mixed responses from SSL requests, IE puts up a warning, whereas FF does not. -- Regards Gabe Wong NGASI AppServer Manager Application server installation and configuration AUTOMATION http://www.ngasi.com --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org