You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Adrian Sutton <ad...@symphonious.net> on 2007/06/26 00:08:24 UTC
no-cache Headers In Authenticated Zones
Hi all,
It seems that Tomcat automatically adds Pragma: no-cache and a pre-
dated Expires header whenever the user requests a page that requires
container-based authentication. This has come up on the mailing list
in the past:
http://mail-archives.apache.org/mod_mbox/tomcat-users/200504.mbox/%
3C5AF8976357316F4798EAAFE5A4DBB5F602E8D3@swrmc_mail.swrmc.navy.mil%3E
the solution given however is for a form-based login and we're using
basic authentication and I've been unable to adapt the solution to
work for us. I'd like to stop Tomcat from adding any caching
directives and handle it manually in my webapp. I can setup a filter
to modify the response headers, but I can't find a way to remove
those headers - only to modify their values which doesn't seem to be
enough to get browsers to cache the content.
We're running Tomcat 5.5. Any help would be greatly appreciated.
Regards,
Adrian Sutton
http://www.symphonious.net
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: no-cache Headers In Authenticated Zones
Posted by Bill Barker <wb...@wilshire.com>.
"Adrian Sutton" <ad...@symphonious.net> wrote in message
news:D1E0DC84-F293-4F1A-A818-157C00DB45F9@symphonious.net...
> Hi all,
> It seems that Tomcat automatically adds Pragma: no-cache and a pre- dated
> Expires header whenever the user requests a page that requires
> container-based authentication. This has come up on the mailing list in
> the past:
> http://mail-archives.apache.org/mod_mbox/tomcat-users/200504.mbox/%
> 3C5AF8976357316F4798EAAFE5A4DBB5F602E8D3@swrmc_mail.swrmc.navy.mil%3E
>
> the solution given however is for a form-based login and we're using
> basic authentication and I've been unable to adapt the solution to work
> for us. I'd like to stop Tomcat from adding any caching directives and
> handle it manually in my webapp. I can setup a filter to modify the
> response headers, but I can't find a way to remove those headers - only
> to modify their values which doesn't seem to be enough to get browsers to
> cache the content.
>
> We're running Tomcat 5.5. Any help would be greatly appreciated.
>
The solution is the same as in the link above, but you use
BasicAuthenticator instead of FormAuthenticator.
> Regards,
>
> Adrian Sutton
> http://www.symphonious.net
>
>
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org