You are viewing a plain text version of this content. The canonical link for it is here.

Posted to scm@geronimo.apache.org by xu...@apache.org on 2009/08/26 09:26:08 UTC

svn commit: r807901 - /geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/security/authentication/FormAuthenticator.java

Author: xuhaihong
Date: Wed Aug 26 07:26:07 2009
New Revision: 807901

URL: http://svn.apache.org/viewvc?rev=807901&view=rev
Log:
GERONIMO-4814 Disable the cache while forwarding to the login/error page in the form authentication 

Modified:
    geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/security/authentication/FormAuthenticator.java

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/security/authentication/FormAuthenticator.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/security/authentication/FormAuthenticator.java?rev=807901&r1=807900&r2=807901&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/security/authentication/FormAuthenticator.java (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/security/authentication/FormAuthenticator.java Wed Aug 26 07:26:07 2009
@@ -217,6 +217,7 @@
     protected void forwardToLoginPage(Request request, Response response) {
         RequestDispatcher disp = request.getRequestDispatcher(loginPage);
         try {
+            disableClientCache(response.getResponse());
             disp.forward(request.getRequest(), response.getResponse());
             response.finishResponse();
         } catch (Throwable t) {
@@ -234,6 +235,7 @@
     protected void forwardToErrorPage(Request request, Response response) {
         RequestDispatcher disp = request.getRequestDispatcher(erroryPage);
         try {
+            disableClientCache(response.getResponse());
             disp.forward(request.getRequest(), response.getResponse());
             response.finishResponse();
         } catch (Throwable t) {
@@ -351,6 +353,7 @@
 
         request.getCoyoteRequest().requestURI().setString
                 (saved.getRequestURI());
+        disableClientCache(request.getResponse().getResponse());
         return (true);
 
     }
@@ -434,4 +437,8 @@
 
     }
 
+    private void disableClientCache(HttpServletResponse response) {
+        response.setHeader("Cache-Control", "No-cache");
+        response.setDateHeader("Expires", 1);
+    }
 }