t; Cache-Control: no-cache
> Expires: Thu, 01 Jan 1970 10:00:00 EST
> Etag: W/"2807-1188956843361"
> Date: Wed, 05 Sep 2007 02:04:23 GMT
>
>
>
>
>
>> Date: Wed, 5 Sep 2007 09:46:53 +0100
>> From: [EMAIL PROTECTED]
>> To: users@tomcat.apache.or
3 GMT
> Date: Wed, 5 Sep 2007 09:46:53 +0100
> From: [EMAIL PROTECTED]
> To: users@tomcat.apache.org
> Subject: Re: Problem with form based JSP authentication using Firefox with
> Tomcat
>
> Are you saying you tried what I suggested, or that you have already
> tried it? I
Are you saying you tried what I suggested, or that you have already
tried it? It seems like the problem is a caching issue to me.
What URL are you trying to access to trigger the login - you're not
accessing the login.jsp directly are you? (I have to ask...)
In the second instance the brow
Thanks p (hope this is formatted better!)
I tried this without success. I've attached the livehttpheader output below.
What seems to happen in Firefox is the first time I go to the login page, it
passes the jsessionid to j_security_check.
If I then invalidate the session, and go to log in agai
Try putting all of the Cache-Control commands inline, comma separated:
content="no-store,no-cache,must-revalidate">
You can also set the headers:
<%
response.setHeader("Cache-Control","no-cache,no-store,must-revalidate");
response.setHeader("Pragma","no-cache");
response.setDateHeader("Expi
