user735566
Reputation: 471
Disabling browser caching in Tomcat 6
We want the web server to return the following http headers in all responses containing sensitive content:
Cache-control:no-store
Pragma:no-cache.
We are using tomcat server 6.0 version.
Please suggest where we have to make changes.
Upvotes: 0
Views: 2280
Answers (2)
Petar Vlahu
Reputation: 21
Depending on your security constraint you can setup tomcat valve to have securePagesWithPragma to true (default) which would set the headers as you requested. please refer to Tomcat6 Valve Documentation for further details and also Tomcat: Cache-Control
Upvotes: 0
alexkasko
Reputation: 4925
Servlet Filter like this should help:
public class ResourceCacheFilter implements Filter {
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletResponse res = (HttpServletResponse) response;
res.setHeader("Cache-Control", "no-store, no-cache, must-revalidate, post-check=0, pre-check=0");
res.setHeader("Pragma", "no-cache");
chain.doFilter(request, response);
}
}
Upvotes: 1
Related Questions
- How to disable cache in tomcat 8.0.23?
- how to disable tomcat caching?
- Java Tomcat enable caching
- Disable browser caching in servlet
- How to clear browser cache from servlet?
- Caching with JSP and HTML5: how to disable caching server-side
- How ask a browser to not store cache Java EE/Tomcat
- Unable to disable jsp cache
- How can I disable Tomcat caching completly?
- Howto deactivate caching inside a jsp page