I do not believe that caching the resulting pages will help you. If your form submission code returns errors, forward control back to the input page and automatically repopulate all of the form fields in anticipation of a user retrying (after fixing errors with the form).
Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com ----- Original Message ----- From: "Szwajkajzer Adam" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, February 13, 2003 05:13 Subject: How to enable secured JSP to be cached by browser? Hi all. I'm using Tomcat 4.1.18 (in boundle with JBoss 3.0.5). My application is configured to use declarative security (FORM based). Here my problems start. Each HTTP respons for secured JSP page gets amend by Tomcat. Additional header Pragma, Cache-Control and Expires entries are inserted to prevent the page to be locally cached. I've found on that list it is performed by AuthenticatorBase class and was added to prevent security vulnerability. The problem is with form pages in following scenario: User inserts data, submits form, server returns an application error. User returns to form page but it is reread from server and of course it's empty. (User gets angry while retyping all form data;) Since the application is only used in intranet it would be acceptable to locally cache secured JSP pages. So, is it possible to switch off no-cache/expires feature in Tomcat 4.1.18? --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
