We have a web application using JBoss.4.0.0 and Apache 1.3.
Everything worked fine without any web authentication.
I have just added the Basic Authentication by creating roles.properties and users.properties and adding the following lines in the web.xml:

<security-constraint>
 <web-resource-collection>
 <web-resource-name>resource_name</web-resource-name>
 <description>my_site</description>
 <url-pattern>/*</url-pattern>
 <http-method>GET</http-method>
 <http-method>POST</http-method>
 </web-resource-collection>
 <auth-constraint>
 <role-name>role_name</role-name>
 </auth-constraint>
 </security-constraint>
<login-config>
 <auth-method>BASIC</auth-method>
 <realm-name>real_name</realm-name>
</login-config>
<security-role>
 <role-name>role_name</role-name>
</security-role>

Everything is still working fine except that I cannot download a PDF from our server if I use IE 6.0.

When I clicked on the PDF file link, I got a dialog which shows the file name, file type (Adobe Acrobat Control for ActiveX), and the server IP; it also asks me if I want to save or open the file with a warning

This type of file could harm your computer if it contains malicious code

and both Save and Open buttons return an error

Internet Explorer was not able to open this Internet site. The requested site is either unavailable or cannot be found

But I can download a PDF from our server if I use other prowser (e.g. Safari) without any problem.

Does anyone know why I am having this problem? I appreciate any ideas and any help.