You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by xu...@apache.org on 2009/08/26 09:26:08 UTC
svn commit: r807901 -
/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/security/authentication/FormAuthenticator.java
Author: xuhaihong
Date: Wed Aug 26 07:26:07 2009
New Revision: 807901
URL: http://svn.apache.org/viewvc?rev=807901&view=rev
Log:
GERONIMO-4814 Disable the cache while forwarding to the login/error page in the form authentication
Modified:
geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/security/authentication/FormAuthenticator.java
Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/security/authentication/FormAuthenticator.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/security/authentication/FormAuthenticator.java?rev=807901&r1=807900&r2=807901&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/security/authentication/FormAuthenticator.java (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/security/authentication/FormAuthenticator.java Wed Aug 26 07:26:07 2009
@@ -217,6 +217,7 @@
protected void forwardToLoginPage(Request request, Response response) {
RequestDispatcher disp = request.getRequestDispatcher(loginPage);
try {
+ disableClientCache(response.getResponse());
disp.forward(request.getRequest(), response.getResponse());
response.finishResponse();
} catch (Throwable t) {
@@ -234,6 +235,7 @@
protected void forwardToErrorPage(Request request, Response response) {
RequestDispatcher disp = request.getRequestDispatcher(erroryPage);
try {
+ disableClientCache(response.getResponse());
disp.forward(request.getRequest(), response.getResponse());
response.finishResponse();
} catch (Throwable t) {
@@ -351,6 +353,7 @@
request.getCoyoteRequest().requestURI().setString
(saved.getRequestURI());
+ disableClientCache(request.getResponse().getResponse());
return (true);
}
@@ -434,4 +437,8 @@
}
+ private void disableClientCache(HttpServletResponse response) {
+ response.setHeader("Cache-Control", "No-cache");
+ response.setDateHeader("Expires", 1);
+ }
}