The filter gets executed before tomcat's default servlet serves the content. The Filter itself would be pretty trivial, just place the code I posted in its doFilter(...) method and map it to *.doc in your members context.
Maybe it's more work than you were hoping for but considerably less than rewriting Tomcat's default servlet or tinkering with the code of the SingleSignOn feature.
Good luck,
Jon
Brad Hafichuk wrote:
I agree that that would work, but I'm not using any servlets to download the files, and thus have no where to place the code. I've basically just set up a folder, threw the word documents into it, and put a WEB-INF/web.xml (with security) in it as well. I was using apache's .htaccess before, but needed to move things to tomcat to use the single-signon.
Any other solutions out there?
Cheers, Brad
----- Original Message ----- From: "Jon Wingfield" <[EMAIL PROTECTED]>
To: "Tomcat Users List" <[EMAIL PROTECTED]>
Sent: Thursday, August 12, 2004 6:09 AM
Subject: Re: Tomcat 4.1.30 adding no-cache to http headers
Yep. Tomcat (reasonably) adds these headers when the requested url is within a security constraint defined within the web.xml.
In all places on our site where pdf, excel, word docs etc can be downloaded we have the following code:
final String userAgent = request.getHeader("user-agent"); if (response.containsHeader("Pragma") && userAgent!=null && userAgent.toUpperCase().indexOf("MSIE")>-1) { response.setHeader("Pragma", "public"); }
This seems to have solved the issue for us. You could put the above code in a Filter mapped to your download urls in the members context.
HTH,
Jon
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]