You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Oscar <os...@gmail.com> on 2010/09/07 17:50:07 UTC
Problem with Struts 2 and browser cache
Hi to all, i have a little requirement in my application. Clients need that,
after logout, When they press the browser Back button, it shows that user
doesn't have permission because he was already logged out. For example, if
i'm inside the application and in that right moment i'm seeing some sensible
info and press the logout button, when they press browser Back button they
can't see that sensible info.
For me, it looks like a situation where i have to reset the browser cache or
something like that. I googled a lot about that and i find that delete cache
is impossible, but i find some javascript scripts, or use
response.setHeaders but none of that worked for me.
I'm working with Struts 2.1.8 and i found that i can override the parameter
struts.serve.static.browserCache in struts.xml to enable struts to add the
necessary headers to all static content. But isn't working. I assured that
struts.serve.static = true as says in the documentation:
### Used by FilterDispatcher
> ### This is good for development where one wants changes to the static content be
> ### fetch on each request.
> ### NOTE: This will only have effect if struts.serve.static=true
>
> ### If true -> Struts will write out header for static contents such that they will
> ### be cached by web browsers (using Date, Cache-Content, Pragma, Expires)
> ### headers).
> ### If false -> Struts will write out header for static contents such that they are
>
> ### NOT to be cached by web browser (using Cache-Content, Pragma, Expires
> ### headers)
>
>
>
>
But it doesn't work. Somebody knows why doesn't work or another way to avoid
cache after i logout from a Struts application (to avoid show cached content
when user press Back button)?
>
> Thanks in advance.
>
>
--
Oscar Calderón
SCJP 6 <http://javahowto.net>
Re: Problem with Struts 2 and browser cache
Posted by Greg Lindholm <gr...@gmail.com>.
We typically use a simple little filter to add cache-control headers to results.
Of course there is no guarantee the browser will respect it (although
the spec say it must be obeyed
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9).
In web.xml:
<filter>
<description>Cache-Control for Dynamic resources</description>
<filter-name>NoCacheFilter</filter-name>
<filter-class>com.mycompany.SetHeadersFilter</filter-class>
<init-param>
<param-name>Cache-Control</param-name>
<param-value>max-age=0, must-revalidate</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>NoCacheFilter</filter-name>
<url-pattern>*.action</url-pattern>
</filter-mapping>
public class SetHeadersFilter implements Filter
{
private FilterConfig _filterConfig;
public SetHeadersFilter()
{
super();
}
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain filterChain)
throws IOException, ServletException
{
HttpServletResponse response = (HttpServletResponse) res;
for (Enumeration<?> e = _filterConfig.getInitParameterNames();
e.hasMoreElements();)
{
String header = (String) e.nextElement();
response.setHeader(header, _filterConfig.getInitParameter(header));
}
filterChain.doFilter(req, res);
}
public void init(FilterConfig filterConfig)
{
this._filterConfig = filterConfig;
}
public void destroy()
{
this._filterConfig = null;
}
}
On Tue, Sep 7, 2010 at 11:50 AM, Oscar <os...@gmail.com> wrote:
> Hi to all, i have a little requirement in my application. Clients need that,
> after logout, When they press the browser Back button, it shows that user
> doesn't have permission because he was already logged out. For example, if
> i'm inside the application and in that right moment i'm seeing some sensible
> info and press the logout button, when they press browser Back button they
> can't see that sensible info.
>
> For me, it looks like a situation where i have to reset the browser cache or
> something like that. I googled a lot about that and i find that delete cache
> is impossible, but i find some javascript scripts, or use
> response.setHeaders but none of that worked for me.
>
> I'm working with Struts 2.1.8 and i found that i can override the parameter
> struts.serve.static.browserCache in struts.xml to enable struts to add the
> necessary headers to all static content. But isn't working. I assured that
> struts.serve.static = true as says in the documentation:
>
> ### Used by FilterDispatcher
>
>> ### This is good for development where one wants changes to the static content be
>> ### fetch on each request.
>> ### NOTE: This will only have effect if struts.serve.static=true
>>
>> ### If true -> Struts will write out header for static contents such that they will
>> ### be cached by web browsers (using Date, Cache-Content, Pragma, Expires)
>> ### headers).
>> ### If false -> Struts will write out header for static contents such that they are
>>
>> ### NOT to be cached by web browser (using Cache-Content, Pragma, Expires
>> ### headers)
>>
>>
>>
>>
> But it doesn't work. Somebody knows why doesn't work or another way to avoid
> cache after i logout from a Struts application (to avoid show cached content
> when user press Back button)?
>
>>
>> Thanks in advance.
>>
>>
>
> --
> Oscar Calderón
> SCJP 6 <http://javahowto.net>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org