You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Ed Marshall <em...@Cherrycorp.com> on 2008/06/24 21:32:02 UTC
User Authentication - IE doesn't recognize mime type (pdf, xls)
of files in protected directory
Problem: When accessing files other than a .jsp (pdf, xls, etc.) within
the protected directory, the browser does not recognize the mime type
and does not allow me to open the file. Pdf and xls files that are not
in protected folders can be opened without any problem.
Error Message: The file you are downloading cannot be opened by the
default program. It is either corrupted etc., etc.
Tomcat versions: I encounter this problem with either Tomcat 4.1 and
5.5
Authentication setup: Tomcat example Form-based auth. (ie.
/jsp-examples/security/protected)
I have the same problem whether using
BASIC or FORM (I don't run SSL)
Sequence of events:
1. I enter URL to access index.jsp in protected folder
(http://myServerName:8080/jsp-examples/security/protected/index.jsp)
2. The login form is displayed
3. I enter the userid and password (tomcat, tomcat) and click the
"Log In" button
4. The index.jsp file displays normally showing a successful login.
5. I enter URL to access a pdf file in the protected folder
(http://myServerName:8080/jsp-examples/security/protected/testfile.pdf)
6. IE displays a pop-up that gives me only Save and Cancel choices,
but no Open button. The message states that "The file you are
downloading cannot be opened by the default program. It is either
corrupted ...etc. etc.
A variation of the problem:
1. I enter URL to access testfile.pdf in protected folder
(http://myServerName:8080/jsp-examples/security/protected/testfile.pdf)
2. The login form is displayed
3. I enter the userid and password (tomcat, tomcat) and click the "Log
In" button
4. The pdf file opens normally within IE. Great!!!
5. I enter URl to access a different pdf file within the
protected directory
(http://myServerName:8080/jsp-examples/security/protected/testfile2.pdf)
6. IE displays a pop-up that gives me only Save and Cancel choices,
but no Open button. The message states that "The file you are
downloading cannot be opened by the default program. It is either
corrupted ...etc. etc.
In Summary:
I can't implement Tomcat's User Authentication if pdf files can't be
opened from a protected directory. My setup is straight out of the box,
so I can't figure out what could be making this happen. I have spent
days searching the web looking for a solution without success. Please,
if anyone can help... I don't know what else to try.
The information contained in this e-mail is confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution, copy or use of this e-mail is strictly prohibited. If you have received this e-mail in error, please notify us immediately at the e-mail address above and delete the original message. Thank you.
RE: User Authentication - IE doesn't recognize mime type (pdf,xls)of files in protected directory
Posted by Steve Ochani <oc...@ncc.edu>.
On 25 Jun 2008 at 13:45, Ed Marshall wrote:
Date sent: Wed, 25 Jun 2008 13:45:42 -0500
From: Ed Marshall <em...@Cherrycorp.com>
Subject: RE: User Authentication - IE doesn't recognize mime type (pdf,xls)of
files in protected directory
To: Tomcat Users List <us...@tomcat.apache.org>
Send reply to: Tomcat Users List <us...@tomcat.apache.org>
> Thanks so much Chuck. Eliminating the no-cache headers did the
> job.
>
> An interesting footnote: Adding the following line to Context.xml
> within
> META-INF worked as expected.
> <Valve
> className="org.apache.catalina.authenticator.FormAuthenticator"
> disableProxyCaching="false" />
>
> However, when I copy the same code from META-INF/Context.xml to
> conf/server.xml (of course adding docBase and path) and then
> delete
> META-INF/Context.xml, the "Valve" has no affect on the Headers.
>
> I expected the results to have been the same. Just curious.
>
Did you restart tomcat?
BTW if using Tomcat 5 or 6 it isn't recommended to put context info into server.xml
http://tomcat.apache.org/tomcat-6.0-doc/config/printer/context.html
http://tomcat.apache.org/tomcat-5.5-doc/config/context.html
-Steve O.
> Thanks again for pointing me in the right direction!
> Ed
>
>
>
> -----Original Message-----
> From: Caldarale, Charles R [mailto:Chuck.Caldarale@unisys.com]
> Sent: Tuesday, June 24, 2008 6:47 PM
> To: Tomcat Users List
> Subject: RE: User Authentication - IE doesn't recognize mime type
> (pdf,xls)of files in protected directory
>
> > From: Ed Marshall [mailto:emarshall@Cherrycorp.com]
> > Subject: RE: User Authentication - IE doesn't recognize mime
> > type (pdf,xls)of files in protected directory
> >
> > But when I'm already logged in, IE will never display the pdf.
> > So it seems that Tomcat is behaving differently in each case.
>
> It's not Tomcat - it's Microsoft's less than brilliant
> interpretation of
> the HTTP RFC, coupled with IE's erratic implementation. You need to
> get
> rid of the no-cache headers; this should let IE open the file in
> situ.
>
> - Chuck
>
>
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE
> PROPRIETARY
> MATERIAL and is thus for use only by the intended recipient. If
> you
> received this in error, please contact the sender and delete the
> e-mail
> and its attachments from all computers.
>
> --------------------------------------------------------------------
> -
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
> The information contained in this e-mail is confidential information
> intended only for the use of the individual or entity named above.
> If the reader of this message is not the intended recipient, you are
> hereby notified that any dissemination, distribution, copy or use of
> this e-mail is strictly prohibited. If you have received this
> e-mail in error, please notify us immediately at the e-mail address
> above and delete the original message. Thank you.
>
>
> --------------------------------------------------------------------
> -
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: User Authentication - IE doesn't recognize mime type(pdf,xls)of
files in protected directory
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Ed Marshall [mailto:emarshall@Cherrycorp.com]
> Subject: RE: User Authentication - IE doesn't recognize mime
> type(pdf,xls)of files in protected directory
>
> However, when I copy the same code from META-INF/Context.xml to
> conf/server.xml
That is strongly discouraged these days - it would be a real step backwards. Doubt if you'll get anyone terribly interested in looking at that setup.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: User Authentication - IE doesn't recognize mime type
(pdf,xls)of files in protected directory
Posted by Ed Marshall <em...@Cherrycorp.com>.
Thanks so much Chuck. Eliminating the no-cache headers did the job.
An interesting footnote: Adding the following line to Context.xml within
META-INF worked as expected.
<Valve
className="org.apache.catalina.authenticator.FormAuthenticator"
disableProxyCaching="false" />
However, when I copy the same code from META-INF/Context.xml to
conf/server.xml (of course adding docBase and path) and then delete
META-INF/Context.xml, the "Valve" has no affect on the Headers.
I expected the results to have been the same. Just curious.
Thanks again for pointing me in the right direction!
Ed
-----Original Message-----
From: Caldarale, Charles R [mailto:Chuck.Caldarale@unisys.com]
Sent: Tuesday, June 24, 2008 6:47 PM
To: Tomcat Users List
Subject: RE: User Authentication - IE doesn't recognize mime type
(pdf,xls)of files in protected directory
> From: Ed Marshall [mailto:emarshall@Cherrycorp.com]
> Subject: RE: User Authentication - IE doesn't recognize mime
> type (pdf,xls)of files in protected directory
>
> But when I'm already logged in, IE will never display the pdf.
> So it seems that Tomcat is behaving differently in each case.
It's not Tomcat - it's Microsoft's less than brilliant interpretation of
the HTTP RFC, coupled with IE's erratic implementation. You need to get
rid of the no-cache headers; this should let IE open the file in situ.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
The information contained in this e-mail is confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution, copy or use of this e-mail is strictly prohibited. If you have received this e-mail in error, please notify us immediately at the e-mail address above and delete the original message. Thank you.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: User Authentication - IE doesn't recognize mime type (pdf,xls)of
files in protected directory
Posted by André Warnier <aw...@ice-sa.com>.
Caldarale, Charles R wrote:
>> From: Ed Marshall [mailto:emarshall@Cherrycorp.com]
>> Subject: RE: User Authentication - IE doesn't recognize mime
>> type (pdf,xls)of files in protected directory
>>
>> But when I'm already logged in, IE will never display the pdf.
>> So it seems that Tomcat is behaving differently in each case.
>
> It's not Tomcat - it's Microsoft's less than brilliant interpretation of the HTTP RFC, coupled with IE's erratic implementation. You need to get rid of the no-cache headers; this should let IE open the file in situ.
>
I agree 100% with the above.
The erratic behaviour of IE across versions, subversions, patches, etc..
with respect to the Content-Type and Content-disposition HTTP headers is
the subject of uncountable articles in newgroups and pages on the web,
and cost uncountable hours of work to developers.
In other words, it's broken and it's a mess.
(search Google for : IE +"Content-type" to get an idea)
Even on 2 PCs with exactly the same version of IE, the behaviour will
sometimes be different depending on the other programs installed on that PC.
I know this will sound as hocus-pocus, but please try it :
If you have any of the Acrobat programs installed on that PC, and if it
is possible without major work, then
- de-install the Acrobat program
- reboot your PC
- re-install the same Acrobat program
and try again. The chances are good that the behaviour of IE will change.
André
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: User Authentication - IE doesn't recognize mime type
(pdf,xls)of files in protected directory
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Ed Marshall [mailto:emarshall@Cherrycorp.com]
> Subject: RE: User Authentication - IE doesn't recognize mime
> type (pdf,xls)of files in protected directory
>
> But when I'm already logged in, IE will never display the pdf.
> So it seems that Tomcat is behaving differently in each case.
It's not Tomcat - it's Microsoft's less than brilliant interpretation of the HTTP RFC, coupled with IE's erratic implementation. You need to get rid of the no-cache headers; this should let IE open the file in situ.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: User Authentication - IE doesn't recognize mime type (pdf,
xls)of files in protected directory
Posted by Ed Marshall <em...@Cherrycorp.com>.
Chuck,
Thanks for reply. Yes, it does work with Firefox. Using an http
viewer, I repeated my test with IE where the pdf displayed the first
time but not the second time. That is, I
1) entered url xxx/xxx/testfile1.pdf
2) got the login form, logged in, and then the pdf displayed ok.
3) but then entered xxx/xxx/testfile2.pdf and got the pop-up message.
Both times (when the pdf displays and when it doesn't), the
Cache-Control was no-cache as you suggested. However, the pdf always
displays when the j_security_check Posts the request after the initial
login. But when I'm already logged in, IE will never display the pdf.
So it seems that Tomcat is behaving differently in each case. Just
can't see what it is.
WHAT STANDS OUT: The Request Header "Accept" field includes many
entries (eg application/vnd.ms-excel, etc) and the */* when it works.
However Accept only includes */* when it fails. I thought */* means
Accept everything.
Anyway, I'll browse the archives as you suggested to see what I can
find. Thanks very much,
Ed
-----Original Message-----
From: Caldarale, Charles R [mailto:Chuck.Caldarale@unisys.com]
Sent: Tuesday, June 24, 2008 2:56 PM
To: Tomcat Users List
Subject: RE: User Authentication - IE doesn't recognize mime type (pdf,
xls)of files in protected directory
> From: Ed Marshall [mailto:emarshall@Cherrycorp.com]
> Subject: User Authentication - IE doesn't recognize mime type
> (pdf, xls)of files in protected directory
>
> Problem: When accessing files other than a .jsp (pdf,
> xls, etc.) within the protected directory, the browser
> does not recognize the mime type and does not allow me
> to open the file.
Does it work with Firefox?
Look at the HTTP headers being returned with the file; if they contain a
Cache-Control setting of no-cache, IE will not hang onto the file long
enough to let an application open it. It's also possible that an
incorrect mime type is being returned with the file.
You can browse the archives for "pdf" and "cache" and see lots of
traffic about this IE "feature".
http://marc.info/?l=tomcat-user&w=2&r=1&s=pdf+cache&q=b
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
The information contained in this e-mail is confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution, copy or use of this e-mail is strictly prohibited. If you have received this e-mail in error, please notify us immediately at the e-mail address above and delete the original message. Thank you.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: User Authentication - IE doesn't recognize mime type (pdf,
xls)of files in protected directory
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Ed Marshall [mailto:emarshall@Cherrycorp.com]
> Subject: User Authentication - IE doesn't recognize mime type
> (pdf, xls)of files in protected directory
>
> Problem: When accessing files other than a .jsp (pdf,
> xls, etc.) within the protected directory, the browser
> does not recognize the mime type and does not allow me
> to open the file.
Does it work with Firefox?
Look at the HTTP headers being returned with the file; if they contain a Cache-Control setting of no-cache, IE will not hang onto the file long enough to let an application open it. It's also possible that an incorrect mime type is being returned with the file.
You can browse the archives for "pdf" and "cache" and see lots of traffic about this IE "feature".
http://marc.info/?l=tomcat-user&w=2&r=1&s=pdf+cache&q=b
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org