File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Servlets and the fly likes ServletOutputStream on HTTPS connection Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "ServletOutputStream on HTTPS connection" Watch "ServletOutputStream on HTTPS connection" New topic
Author

ServletOutputStream on HTTPS connection

Eric Lim
Greenhorn

Joined: Apr 01, 2002
Posts: 19
Hi,
We have a servlet that streams a PDF file into the ServletOutputStream of the response object. We set the content type in the header to be application/pdf. There is nothing special in the logic and there is nothing else in the response object except this stream of binary file.
However, when the application is run using https connection the browser would always issue a warning message "This page contains both secure and non-secure items. Would you like to view the non-secure items?" Clicking Yes (or No!) actually displays the PDF.
But why is this? Does it mean that the binary stream is not encrypted automatically if using ServletOutputStream (thus making it a non-secure item in the page)? What do we need to do to ensure that the file we send through ServletOutputStream will be automatically encrypted when viewed in an https connection?
Please help.
Thanks
Eric
Eric Lim
Greenhorn

Joined: Apr 01, 2002
Posts: 19
Hi,
I forgot to mention in my previous post that the problem only occurs if the request is a result of a POST method. When streaming the PDF on a GET, the problem does not occur.
thanks
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: ServletOutputStream on HTTPS connection
 
Similar Threads
help me to skip the message "web page containse both secure and non-secure items".
Removing warning message for nonsecure items
Securing only login page
SAML exception | Spring SSO
Switching from https to http - this one again