Posted to users@tomcat.apache.org by Gregor Schneider <rc...@googlemail.com> on 2006/11/27 16:36:05 UTC
Hint: Tomcat, Form-Login and HTTP 408-Error
Hi guys,
as you may remember, quite a while ago I asked this list if anybody
had a hint why we're getting a HTTP 408-error every now & then when
logging in to a secured web-app.
Usually, a HTTP 408 occurs when the time for a login is exceeded,
which usually can be fixed easily by setting the session-timeout
either in conf/web.xml or webapps/your_app/WEB-INF/web.xml to an
appropriate value.
However, not in our case, we still got that error, worst of all:
Sometimes we got it, sometimes not, it was irreproducible.
Meanwhile, we found a working solution for it.
Our server-architecture here is that we have an Apache http 2.0.53 in
front serving the static content, AA is done by Tomcat 5.5.17 via
mod_auth_cookie_mysql, servlets are also served by Tomcat 5.5.17 via
mod_jk, all is served through SSL.
We found out that this error never occurred when the cache
(client-side) first is deleted. So, we figured we just had to send
some headers like
    Cache-Control: no-cache,no-store,must-revalidate
    Pragma: no-cache
However, it worked for Firefox 1.5, 2 but not for IE in any spice (IE
7 not tested, though).
Fact was, that IE gives a flying f... on what the headers tell it what
to do with the cache.
The solution finally was pretty simple:
In addition to passing the correct headers, we changed our
Login-Screen (in our case static HTML, but should work in any case) in
such a way that we passed
    <meta http-equiv="Cache-Control" content="no-store,no-cache,must-revalidate">
    <meta http-equiv="Pragma" content="no-cache">
    <meta http-equiv="Expires" content="-1">
IE then accepts this and does not store / cache the login-form, and
everything's fine.
Conclusion on our side was that there's a bug in IE with the handling
of HTTP-headers when it comes to caching, which can be circumvented by
issuing the corresponding meta-data in the HTML.
Hope this will help someone in the future when surfing the mailing-list archives.
Cheers
Greg
--
what's puzzlin' you, is the nature of my game
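
Added example, not part of the original post: a small Python check that a login-page response carries the no-cache directives in both places the post describes, the HTTP headers and the HTML meta tags. The function names, the sample responses and the j_security_check form in them are assumptions constructed for illustration.

```python
from html.parser import HTMLParser

REQUIRED = {"no-store", "no-cache", "must-revalidate"}  # directives from the post

class MetaCollector(HTMLParser):
    """Collect <meta http-equiv=... content=...> pairs, keyed by lowercased name."""
    def __init__(self):
        super().__init__()
        self.meta = {}

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "meta" and a.get("http-equiv"):
            self.meta[a["http-equiv"].lower()] = (a.get("content") or "").strip()

def directives(value):
    """Split a comma-separated directive list into a lowercased set."""
    return {d.strip().lower() for d in (value or "").split(",") if d.strip()}

def check_login_response(raw):
    """Return findings for a raw HTTP response; an empty list means both layers are set."""
    head, _, body = raw.partition("\r\n\r\n")
    headers = {}
    for line in head.split("\r\n")[1:]:          # skip the status line
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    collector = MetaCollector()
    collector.feed(body)
    findings = []
    for layer, src in (("header", headers), ("meta", collector.meta)):
        missing = REQUIRED - directives(src.get("cache-control"))
        if missing:
            findings.append(f"{layer} Cache-Control lacks {', '.join(sorted(missing))}")
        if "no-cache" not in directives(src.get("pragma")):
            findings.append(f"{layer} Pragma: no-cache missing")
    if collector.meta.get("expires") != "-1":
        findings.append("meta Expires is not -1")
    return findings

# Constructed sample responses (not captured traffic).
HEADERS = ["HTTP/1.1 200 OK", "Content-Type: text/html",
           "Cache-Control: no-cache,no-store,must-revalidate", "Pragma: no-cache"]
META = ('<meta http-equiv="Cache-Control" content="no-store,no-cache,must-revalidate">'
        '<meta http-equiv="Pragma" content="no-cache">'
        '<meta http-equiv="Expires" content="-1">')
FORM = '<form method="post" action="j_security_check"></form>'
HEADERS_ONLY = "\r\n".join(HEADERS) + "\r\n\r\n<html><head></head><body>" + FORM + "</body></html>"
BOTH_LAYERS = "\r\n".join(HEADERS) + "\r\n\r\n<html><head>" + META + "</head><body>" + FORM + "</body></html>"

if __name__ == "__main__":
    for name, raw in (("headers only", HEADERS_ONLY), ("headers + meta", BOTH_LAYERS)):
        print(name, "->", check_login_response(raw) or "ok")
```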