RE: Modifying headers according to response code

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> What is generating the different responses?

We use the Spring Security authentication framework on Tomcat using an APR connector behind Apache.

Protected resources are handled like this for an unauthenticated user:

GET /some/protected/resource.html
Response: 302 /login.html
GET /login.html
Response: 200
POST /login.html
Response: 302 /some/protected/resource.html

This is a pretty standard scenario in authentication and single sign-on frameworks. In the example, /some/protected/resource.html cannot be cached by the client since the same expires/cache-control headers will be included with the 302 response, and Firefox 5 will cache the 302, causing the second request to the resource to again redirect to /login.html.

-Michael


-----Original Message-----
From: Nick Kew [mailto:nick@xxxxxxxxxxxx] 
Sent: Wednesday, June 29, 2011 5:31 PM
To: users@xxxxxxxxxxxxxxxx
Subject: Re:  Modifying headers according to response code

On Wed, 29 Jun 2011 19:20:26 +0000
Michael Stevens <michael.stevens@xxxxxxxxxxxxxxxx> wrote:

> Hello,
> 
> I'd like to do this:
> 
> Set Expires and Cache-control headers to specific values on a resource when the response code is 200.
> 
> Set those headers to different values when the response code is XXX (but not 200).

What is generating the different responses?

My suggestion: use ErrorDocument, and set your headers in its scope.

--
Nick Kew

Available for work, contract or permanent.
http://www.webthing.com/~nick/cv.html

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux