https://bz.apache.org/bugzilla/show_bug.cgi?id=65513
--- Comment #1 from Mark Thomas <ma...@apache.org> --- Background: http://tomcat.markmail.org/thread/33sxtlnlpgcuecx6 CONFIDENTIAL only implies private caching, not no caching. Enabling securePagesWithPragma="true" for your authenticator may be a viable work-around until the web application is fixed. I'm currently leaning towards closing this as WONTFIX. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org