Servoy 4.1 on Centos
Ok,
I have spent days working out the reason for the IE bug that prevents downloads of PDF’s and JNLPS (ie the servoy client) over SSL. The download fails when the server responds with:
Pragma: no-cache
Proxy: no-cache
in the headers. This causes IE to refuse to save to disk and the download fails. Firefox has no problems but lots of clients use IE so this bug breaks the servoy rich client over SSL. There are a number of Technet articles on the subject; but getting every user to edit their registry is not an option
One of the fixes is to stop tomcat sending those headers to the browser. I have spent several days working on this and discovered that this can be done by:
creating a context.xml file in the …conf folder:
WEB-INF/web.xml
when servoy is loaded with this context.xml it does prevent the no-cache headers being sent for most content - eg /images etc. I can verify this by looking at browser traces. So I know the context.xml is being read and working. The problem is that for some reason the file has no effect on the servoy client download URL, with the conseuence that the client sitll fails under IE. here’s the browser conversation:
So why doesnt the context.xml get applied to /servoy-client/servoy_client.jnlp when it is applied to everything else? How can I get it applied?
I am so close to the answer I can nearly touch it…if anyone can point out the last piece in the puzzle that would be great.
Thanks
al
servoy_client.jnlp is a servlet written by us and generates dynamic content, therefor we concluded it was required to set no cache headers, but doing some testing after this question it seems its enough to set the expire header to 5 seconds in the future, this should solve your problem with https.
We will let you know when we have a build available to test this.
We consider this a workarround for IE browser, we could merge this to 3.5.8 as well, if really needed.
This just has never bin reported/asked for/against Servoy 3.5.x
Jan Blok:
We consider this a workarround for IE browser, we could merge this to 3.5.8 as well, if really needed.
This just has never bin reported/asked for/against Servoy 3.5.x
Just a follow up to confirm that the new build works perfectly. IE users can now download and run the client without issues over SSL.
Note - for anyone running into this issue in addition to using the latest modified servoy build you need to make a config change to your tomcat on the server to stop it (ie tomcat) adding the no-cache header and causing the same problem. You achieve this by:
edit /usr/local/servoy/application_server/conf/context.xml file as follows:
WEB-INF/web.xml
then restart hhtpd + servoy. I was lazy and turned the cache header thing off for all authenticaiton mechanisms - you probably only need it for one (SSL?) but I couldn’t be bothered to work out which.
Anyway problem is now resolved for IE users.
al.
alb:
Just a follow up to confirm that the new build works perfectly. IE users can now download and run the client without issues over SSL.
Note - for anyone running into this issue in addition to using the latest modified servoy build you need to make a config change to your tomcat on the server to stop it (ie tomcat) adding the no-cache header and causing the same problem. You achieve this by:
edit /usr/local/servoy/application_server/conf/context.xml file as follows:
WEB-INF/web.xml
then restart hhtpd + servoy. I was lazy and turned the cache header thing off for all authenticaiton mechanisms - you probably only need it for one (SSL?) but I couldn’t be bothered to work out which.
Anyway problem is now resolved for IE users.
al.
Hi Al,
we came across the same issue here, IE8 refuses to download the jnlp with a valid SSL certificate (IE7, IE9 and other browsers work fine)
You say your restart httpd AND servoy, but are using somekind of other mod-proxy server in front, like tomcat, or Apache? or are we talking here about plain Servoy? (with tomcat ofcourse)
and last but not least, does this apply also for Servoy 6.0.8?