Rupert Whitefield wrote:
So moved onto my next problem, which is why when securing the URL via
HTTPS, everything works great , but IE can no longer 'find' the Java Web
Start application..... And it worked on same port with HTTP. Sigh.
Looking into it.
This sounds like the caching problem in IE. Caching has to be disabled
because of the <insert your favourite expletive here> stupid way IE handles
downloads. It downloads them to a temporary location and then opens them in
the specified application or copies them to where the user specified. IE
treats this temporary location as a cache. The problem is that secure
content is marked as non-cacheable so IE obeys this instruction and deletes
it from the temporary location as soon as the download finishes. This means
when the app tries to open the file it isn't there. The two options to fix
this are:
1. disableProxyCaching="false"
Disables all caching. I have concerns about this. As long as there are no
proxies / web caches on the network you should be fine. If there is a
proxy / cache then you may well hit issues with people being able to access
content they shouldn't.
2. securePagesWithPragma="false"
This only allows caching if the cache is private to the user (as it is with
the IE download 'cache'). This should work and does not present any issues
with web proxies / caches as long as they obey the 'don't put this in a
shared cache' headers (which any off the shelf cache should).
Either of these options can be set on the authenticator. Eg:
<Context>
<Valve className="org.apache.catalina.authenticator.BasicAuthenticator"
disableProxyCaching="false" />
</Context>
Hope this helps,
Mark
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
