Re: Back to the "nonsecure items" problem

[Oscar Carrillo <to...@daydream.stanford.edu>]

Hi,

I've noticed this too when including a Flash application.

I noticed that only IE complains. Mozilla doesn't. Is this the same case 
for you?

Oscar

On Tue, 3 Feb 2004, Wendy Smoak wrote:

> 
> I'm trying to serve a PDF from a Servlet and I'm getting the "This page
> contains both secure and nonsecure items. Do you want to display the
> nonsecure items" prompt from IE.
> 
> This is a confidential accounting report, so that just won't do!  I was
> hoping that when I put the webapp behind Apache, that the warning would
> magically go away since Apache would handle encrypting the transmission
> back to the client browser, but that does not seem to be the case.
> 
> The Apache HTTP server does have a Thawte certificate.  My next idea is
> to try to install that same certificate on Tomcat.  But I don't think
> that's going to do it entirely.
> 
> Here's some of the code that writes out the PDF:
> 
>       ByteArrayOutputStream baosPDF = null;
>       ...
>       ServletOutputStream sos;
>       sos = resp.getOutputStream();
>       baosPDF.writeTo( sos );
> 
> Can someone give me a pointer on what would have to change to encrypt
> the PDF so that the browser will stop complaining about nonsecure items?
> I can't have the 'nonsecure items' prompt, and I assume I will need a
> known good certificate-- can I use the same one that we're using on
> Apache?
> 
> Or am I headed in a completely wrong direction?  We've discussed this
> here before, and in the meantime I've gotten a handful of inquiries
> wondering if I solved the problem.  As far as I know, it's still an open
> question.
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org